Gadgie Posted November 11, 2011 Author Posted November 11, 2011 OTL Extras logfile created on: 11/11/2011 3:24:51 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\George\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.75 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 42.87% Memory free 3.49 Gb Paging File | 1.45 Gb Available in Paging File | 41.48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 219.29 Gb Total Space | 156.42 Gb Free Space | 71.33% Space Free | Partition Type: NTFS Drive D: | 13.30 Gb Total Space | 2.21 Gb Free Space | 16.62% Space Free | Partition Type: NTFS Drive E: | 99.18 Mb Total Space | 95.72 Mb Free Space | 96.51% Space Free | Partition Type: FAT32 Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java 6 Update 15 (64-bit) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}" = ATI Catalyst Install Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support "{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D4A6E342-907C-4CEF-96CC-FC2F4990DC9C}" = AVSDK5 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{E787AC54-0E56-A6DF-7BDB-AAC360813B6C}" = ccc-utility64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "EPSON BX310FN Series" = EPSON BX310FN Series Printer Uninstall "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0096A731-71DB-4969-AF1A-651698B246A5}" = Sony Ericsson Media Manager 1.1 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{07E49BC1-24FF-4D7A-AC74-727BE95801AF}" = LightScribe System Software "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0868BCEA-C983-1450-3ACB-79411138ACB0}" = Catalyst Control Center Core Implementation "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility "{0FA359BD-666B-5135-B712-852F21504E96}" = Catalyst Control Center Graphics Previews Vista "{152C18DA-4270-FAF2-DE48-8A7286BD1FB1}" = CCC Help Japanese "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21B5704D-788D-F083-A5E0-94B0390889F5}" = Catalyst Control Center InstallProxy "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 29 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "{2FC32740-5BF8-F11E-1257-80A41497B9F1}" = Catalyst Control Center Graphics Light "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{337E0592-9B00-AF1D-B10C-16225B981C96}" = CCC Help Thai "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{36214841-EA3C-DA47-7F29-E6A16231702E}" = CCC Help Dutch "{3BC080DE-CF23-E18E-0678-47CA2E70C1CD}" = Catalyst Control Center Graphics Full New "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{41888B21-922B-4241-4594-EF1E6828A72B}" = BBC iPlayer Desktop "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{47365A91-7A32-5C08-927C-17F27D9F0E50}" = Catalyst Control Center Graphics Previews Common "{47BD6184-519F-C649-6A5C-58234406B62C}" = CCC Help Italian "{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B57F6F3-5577-7158-A8F7-9E71547F8B7C}" = CCC Help Finnish "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6 "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver "{5645FB61-898F-4F59-AF80-52FEF3D63A64}" = HTC Sync "{5708788D-EC95-7D4A-C0D8-CB393C9E90AC}" = CCC Help Hungarian "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{675ABEBC-DBA1-FF26-52BF-697FF5012CA1}" = CCC Help Spanish "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68910580-F9FF-91E0-8AFE-86D49DD07AE4}" = CCC Help Russian "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6B57CF04-5182-9DED-CCD4-84DAC76784D4}" = CCC Help Swedish "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71B7E1DE-4913-5E2E-2B83-B90C3BB308BA}" = ccc-core-static "{73CD9967-000C-49C6-A900-C87D5B2D253F}" = Presto! PageManager 8.15.01 SE "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7DA2FB1E-31A5-54A6-91AC-9EDCA6258F40}" = CCC Help French "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DF8417C-07F9-22AA-019E-7F761437BFAC}" = CCC Help Polish "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90E03F32-42EC-A16D-8146-A4E2F0FC9588}" = CCC Help English "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91B36C7F-0796-5A98-D1BA-C29C8D24396F}" = CCC Help Portuguese "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{A0A47CD2-749A-97BD-C4AE-862EFA38CAC1}" = CCC Help Danish "{A44CD09A-6D0F-08EC-8B80-6FD5EF62598B}" = CCC Help Czech "{A5786D80-1FAE-577A-C448-9C61274E9F7B}" = CCC Help Turkish "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1) "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player "{AF6B5CC8-55F5-55BC-2E2A-2B192EA79E16}" = CCC Help Greek "{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}" = Epson Printer Software Downloader "{C2AFB298-CD06-BCF0-16CD-FB506E07B262}" = CCC Help Norwegian "{C2FFBCE8-3A0D-154C-EE84-47B189E79D60}" = CCC Help German "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB71B7E6-3156-2DB6-3800-6B853D5D6EF6}" = Catalyst Control Center Graphics Full Existing "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D8029B62-C3D6-E02D-A98E-07AFEA8CDF79}" = Catalyst Control Center Localization All "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE626616-D7C4-4F00-7E0B-EAF26FA65749}" = muvee Reveal "{E0897770-46C9-4322-AD44-8BFA6BE217B2}" = Catalyst Control Center - Branding "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC1F6690-DE55-4B9E-C556-EE1558EAB7A5}" = CCC Help Chinese Standard "{EC83C809-3943-830A-ED5C-C569267E4804}" = CCC Help Korean "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F696BBD9-A383-4F54-155B-451A15482C89}" = CCC Help Chinese Traditional "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop "EasyBits Magic Desktop" = Magic Desktop "EPSON PC-FAX Driver 2" = Epson PC-FAX Driver "Epson Printer Software Downloader" = Epson Printer Software Downloader "EPSON Scanner" = EPSON Scan "Epson Stylus Office BX310FN_TX510FN User’s Guide" = Epson Stylus Office BX310FN_TX510FN Manual "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Spotify" = Spotify "WildTangent hp Master Uninstall" = HP Games "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/2/2011 9:56:58 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 10733 Error - 11/2/2011 9:56:59 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2011 9:56:59 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 12012 Error - 11/2/2011 9:56:59 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 12012 Error - 11/2/2011 9:57:00 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2011 9:57:00 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 13104 Error - 11/2/2011 9:57:00 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 13104 Error - 11/2/2011 9:57:01 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2011 9:57:01 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14305 Error - 11/2/2011 9:57:01 AM | Computer Name = GEORGE-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14305 [ Hewlett-Packard Events ] Error - 10/18/2011 2:36:19 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/18/2011 2:36:34 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/18/2011 2:36:35 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/18/2011 2:36:35 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/18/2011 2:36:36 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/30/2011 5:24:30 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/30/2011 5:30:35 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/30/2011 5:30:48 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = Error - 10/30/2011 5:31:16 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2146233088HPSF.exe at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean isOnAppLoad) Message: Exception of type 'System.Exception' was thrown. StackTrace: at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 1788 Ram Utilization: 70 TargetSite: Void loadXML() Error - 10/30/2011 5:31:30 PM | Computer Name = George-PC | Source = HPSF.exe | ID = 4000 Description = [ OSession Events ] Error - 6/17/2010 2:57:34 PM | Computer Name = George-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 231 seconds with 60 seconds of active time. This session ended with a crash. [ System Events ] Error - 11/10/2011 6:50:52 AM | Computer Name = George-PC | Source = Service Control Manager | ID = 7001 Description = The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error - 11/10/2011 6:51:03 AM | Computer Name = George-PC | Source = DCOM | ID = 10005 Description = Error - 11/10/2011 6:51:03 AM | Computer Name = George-PC | Source = DCOM | ID = 10005 Description = Error - 11/10/2011 6:51:03 AM | Computer Name = George-PC | Source = Service Control Manager | ID = 7001 Description = The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error - 11/10/2011 6:55:37 AM | Computer Name = George-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 11/10/2011 9:59:49 AM | Computer Name = George-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 13:58:28 on ?10/?11/?2011 was unexpected. Error - 11/10/2011 9:59:47 AM | Computer Name = George-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 11/10/2011 11:01:33 AM | Computer Name = George-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 11/11/2011 5:59:29 AM | Computer Name = George-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error - 11/11/2011 10:49:37 AM | Computer Name = George-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. < End of report > Is everything there that you need? cheers Quote
Starbuck Posted November 11, 2011 Posted November 11, 2011 Hi Gadgie It only took a few seconds does that seem correct? Yes, that's fine. Is everything there that you need? Great thanks, i can see a couple of things we should address. Step 1 Double click on OTL to run it. Copy the lines in the codebox below. (make sure that :Otl is on the first line ) :otl O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. :Files ipconfig /flushdns /c :commands [emptytemp] [purity] [RESETHOSTS] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png OTL will reboot your system once the fix has completed. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles Step 2 Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:Download the latest version of Java Runtime Environment (JRE) 7 Update 1 and save it to your desktop. Scroll down to where it says "Java SE 7 Update 1". Click the "Download JRE" button to the right. Accept the license agreement. select 'Windows x64'offline from the list. ( this is the version for a 64bit system) Save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. . Java 6 Update 15 (64-bit) Java SE Development Kit 6 Update 15 (64-bit) Java 6 Update 29 . Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-7u1-windows-i586-p.exe to install the newest version. In your next reply, please submit: Otl fix report Also let me know if there are any problems with the system now. Thanks. Quote Member of:UNITE
Gadgie Posted November 11, 2011 Author Posted November 11, 2011 (edited) Hi Gadgie Yes, that's fine. Great thanks, i can see a couple of things we should address. Step 1 Double click on OTL to run it. Copy the lines in the codebox below. (make sure that :Otl is on the first line ) :otl O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. :Files ipconfig /flushdns /c :commands [emptytemp] [purity] [RESETHOSTS] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png OTL will reboot your system once the fix has completed. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles Step 2 Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update: Download the latest version of Java Runtime Environment (JRE) 7 Update 1 and save it to your desktop. Scroll down to where it says "Java SE 7 Update 1". Click the "Download JRE" button to the right. Accept the license agreement. select 'Windows x64'offline from the list. ( this is the version for a 64bit system) Save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. . Java 6 Update 15 (64-bit) Java SE Development Kit 6 Update 15 (64-bit) Java 6 Update 29 . Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-7u1-windows-i586-p.exe to install the newest version. In your next reply, please submit: Otl fix report Also let me know if there are any problems with the system now. Thanks. Hi Before I run the OTL do I need to "check" the 2 boxes near the bottom like the first time? (LOP & Purity) And should it still be on minimal output cheers for your help Edited November 11, 2011 by Gadgie Quote
Starbuck Posted November 11, 2011 Posted November 11, 2011 Before I run the OTL do I need to "check" the 2 boxes near the bottom like the first time? (LOP & Purity) And should it still be on minimal output No you don't need to check anything this time around. Because we are clicking the 'FIX' button, OTL won't run a scan.... it'll just complete the fix, reboot the system and produce a short fix report saying what was completed. Quote Member of:UNITE
Gadgie Posted November 11, 2011 Author Posted November 11, 2011 (edited) No you don't need to check anything this time around. Because we are clicking the 'FIX' button, OTL won't run a scan.... it'll just complete the fix, reboot the system and produce a short fix report saying what was completed. Hi I got an error message box with a red cross about host files (sorry cant remember exactly what it said), the software now seems stuck with the prompt "Resetting HOST file DO NOT INTERRUPT is this still sound okay? cheers Edited November 11, 2011 by Gadgie Quote
Gadgie Posted November 11, 2011 Author Posted November 11, 2011 still seems stuck with the prompt mentioned in my last message, should it take this long? Quote
Gadgie Posted November 11, 2011 Author Posted November 11, 2011 still seems stuck with the prompt mentioned in my last message, should it take this long? dont think it worked what should I do? Quote
Starbuck Posted November 12, 2011 Posted November 12, 2011 Hi Gadgie dont think it worked what should I do? Just run OTL again and click the scan button. It'll only produce the main scan this time ( but that's all we need) You don't need to check the LOP & Purity buttons this time. Clicking just the scan button will be enough to see what's beed fixed. Quote Member of:UNITE
Gadgie Posted November 12, 2011 Author Posted November 12, 2011 Hi Gadgie Just run OTL again and click the scan button. It'll only produce the main scan this time ( but that's all we need) You don't need to check the LOP & Purity buttons this time. Clicking just the scan button will be enough to see what's beed fixed. Hi i have run a scan (with nothing pasted in the bottom window) Here are the results: OTL logfile created on: 11/12/2011 2:19:44 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\George\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.75 Gb Total Physical Memory | 0.65 Gb Available Physical Memory | 37.13% Memory free 3.49 Gb Paging File | 1.65 Gb Available in Paging File | 47.38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 219.29 Gb Total Space | 160.15 Gb Free Space | 73.03% Space Free | Partition Type: NTFS Drive D: | 13.30 Gb Total Space | 2.21 Gb Free Space | 16.62% Space Free | Partition Type: NTFS Drive E: | 99.18 Mb Total Space | 95.72 Mb Free Space | 96.51% Space Free | Partition Type: FAT32 Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\George\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) PRC - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) PRC - C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation) PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a3f989a61ab0468876629134c49514b2\UIAutomationTypes.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll () MOD - C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (vseqrts) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe (Authentium, Inc) SRV:64bit: - (vsedsps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc) SRV:64bit: - (vseamps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (IDT, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (Andrea Electronics Corporation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows ® Win 7 DDK provider) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\George\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\George\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011/02/03 17:01:42 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\George\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start File not found O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Epson Stylus Office BX310FN(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHE.EXE /FU "C:\Windows\TEMP\E_S142.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation) O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00B79012-13F1-4762-9162-B99B29B2073A}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2554BC2-6961-4221-AE9C-1E126C17DA7C}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll (Kaspersky Lab) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/11/11 17:02:58 | 000,000,000 | ---D | C] -- C:\_OTL [2011/11/11 15:23:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe [2011/11/10 11:11:59 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Malwarebytes [2011/11/10 11:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/11/10 11:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/11/10 11:11:30 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/11/10 11:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/11/09 15:47:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011/11/09 15:27:43 | 000,078,376 | ---- | C] (CyberDefender Corp.) -- C:\Windows\SysNative\drivers\CDAVFS.sys [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium [2011/11/09 12:26:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/11/09 12:26:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/11/09 12:26:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/10/27 19:15:52 | 000,000,000 | ---D | C] -- C:\Users\George\Desktop\cheese cakes [2011/10/19 22:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/10/19 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/10/19 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/10/19 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/10/19 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011/10/19 20:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/10/19 20:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011/10/19 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update ========== Files - Modified Within 30 Days ========== [2011/11/12 14:16:06 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1737154417-1697994350-281717988-1002UA.job [2011/11/12 14:06:49 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/11/12 14:06:49 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/11/12 14:06:11 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/11/12 14:06:11 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/11/12 14:06:11 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/11/12 13:59:13 | 000,001,089 | ---- | M] () -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk [2011/11/12 13:57:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/11/12 13:57:11 | 1406,296,064 | -HS- | M] () -- C:\hiberfil.sys [2011/11/11 19:42:04 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job [2011/11/11 15:22:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe [2011/11/11 15:19:16 | 000,000,512 | ---- | M] () -- C:\Users\George\Desktop\MBR.dat [2011/11/11 10:14:30 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1737154417-1697994350-281717988-1002Core.job [2011/11/10 11:11:36 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/09 18:51:04 | 000,000,272 | ---- | M] () -- C:\Windows\reimage.ini [2011/11/09 16:16:10 | 000,354,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/11/09 15:24:00 | 000,078,376 | ---- | M] (CyberDefender Corp.) -- C:\Windows\SysNative\drivers\CDAVFS.sys [2011/11/08 20:31:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGeorge.job [2011/10/27 19:09:46 | 000,002,545 | ---- | M] () -- C:\Users\George\Desktop\Google Chrome.lnk [2011/10/26 20:43:37 | 000,972,391 | ---- | M] () -- C:\Users\George\IMG_0187.JPG [2011/10/26 20:43:33 | 001,172,071 | ---- | M] () -- C:\Users\George\IMG_0186.JPG [2011/10/26 20:43:27 | 001,099,387 | ---- | M] () -- C:\Users\George\IMG_0185.JPG [2011/10/26 20:42:58 | 001,390,768 | ---- | M] () -- C:\Users\George\IMG_0184.JPG [2011/10/26 20:42:51 | 001,352,881 | ---- | M] () -- C:\Users\George\IMG_0183.JPG [2011/10/26 20:42:46 | 001,100,058 | ---- | M] () -- C:\Users\George\IMG_0182.JPG [2011/10/26 20:42:41 | 001,091,482 | ---- | M] () -- C:\Users\George\IMG_0181.JPG [2011/10/26 20:42:34 | 001,178,514 | ---- | M] () -- C:\Users\George\IMG_0180.JPG [2011/10/26 20:42:28 | 001,343,303 | ---- | M] () -- C:\Users\George\IMG_0179.JPG [2011/10/26 20:42:18 | 001,029,273 | ---- | M] () -- C:\Users\George\IMG_0178.JPG [2011/10/26 20:42:13 | 001,201,297 | ---- | M] () -- C:\Users\George\IMG_0177.JPG [2011/10/26 20:42:06 | 001,193,096 | ---- | M] () -- C:\Users\George\IMG_0174.JPG [2011/10/26 20:42:00 | 001,161,963 | ---- | M] () -- C:\Users\George\IMG_0173.JPG [2011/10/26 20:41:35 | 001,073,003 | ---- | M] () -- C:\Users\George\IMG_0160.JPG [2011/10/26 20:41:31 | 001,243,470 | ---- | M] () -- C:\Users\George\IMG_0159.JPG [2011/10/26 20:41:26 | 001,430,236 | ---- | M] () -- C:\Users\George\IMG_0158.JPG [2011/10/26 20:41:19 | 001,123,275 | ---- | M] () -- C:\Users\George\IMG_0157.JPG [2011/10/26 20:41:12 | 001,244,701 | ---- | M] () -- C:\Users\George\IMG_0156.JPG [2011/10/26 20:41:02 | 001,255,172 | ---- | M] () -- C:\Users\George\IMG_0155.JPG [2011/10/26 20:40:38 | 001,169,178 | ---- | M] () -- C:\Users\George\IMG_0154.JPG [2011/10/26 20:40:33 | 001,247,204 | ---- | M] () -- C:\Users\George\IMG_0153.JPG [2011/10/26 20:40:27 | 001,266,730 | ---- | M] () -- C:\Users\George\IMG_0152.JPG [2011/10/26 20:39:45 | 001,060,796 | ---- | M] () -- C:\Users\George\IMG_0151.JPG [2011/10/26 20:39:34 | 001,117,773 | ---- | M] () -- C:\Users\George\IMG_0150.JPG [2011/10/26 20:39:29 | 001,090,241 | ---- | M] () -- C:\Users\George\IMG_0149.JPG [2011/10/26 20:38:37 | 001,167,834 | ---- | M] () -- C:\Users\George\IMG_0091.JPG [2011/10/26 20:38:28 | 001,034,709 | ---- | M] () -- C:\Users\George\IMG_0090.JPG [2011/10/26 20:38:23 | 001,012,862 | ---- | M] () -- C:\Users\George\IMG_0089.JPG [2011/10/26 20:38:17 | 001,043,759 | ---- | M] () -- C:\Users\George\IMG_0088.JPG [2011/10/26 20:38:09 | 001,026,910 | ---- | M] () -- C:\Users\George\IMG_0087.JPG [2011/10/26 20:38:03 | 000,969,025 | ---- | M] () -- C:\Users\George\IMG_0086.JPG [2011/10/26 20:37:53 | 001,559,771 | ---- | M] () -- C:\Users\George\IMG_0085.JPG [2011/10/26 20:37:47 | 001,519,735 | ---- | M] () -- C:\Users\George\IMG_0084.JPG [2011/10/26 20:36:58 | 001,181,672 | ---- | M] () -- C:\Users\George\IMG_0041.JPG [2011/10/26 20:36:44 | 001,233,150 | ---- | M] () -- C:\Users\George\IMG_0039.JPG [2011/10/26 20:36:18 | 001,157,940 | ---- | M] () -- C:\Users\George\IMG_0038.JPG [2011/10/26 20:18:46 | 001,162,813 | ---- | M] () -- C:\Users\George\IMG_0037.JPG [2011/10/26 20:17:26 | 001,123,507 | ---- | M] () -- C:\Users\George\IMG_0036.JPG [2011/10/26 20:17:12 | 001,131,980 | ---- | M] () -- C:\Users\George\IMG_0035.JPG [2011/10/26 20:16:59 | 001,136,736 | ---- | M] () -- C:\Users\George\IMG_0034.JPG [2011/10/19 22:35:20 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/19 20:34:41 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk ========== Files Created - No Company Name ========== [2011/11/11 15:19:16 | 000,000,512 | ---- | C] () -- C:\Users\George\Desktop\MBR.dat [2011/11/10 11:11:36 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/09 18:50:10 | 000,000,272 | ---- | C] () -- C:\Windows\reimage.ini [2011/10/19 22:35:20 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/19 20:34:40 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/10/19 20:14:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011/10/19 18:35:04 | 001,397,332 | ---- | C] () -- C:\Users\George\IMG_0188.JPG [2011/10/19 18:35:04 | 001,196,255 | ---- | C] () -- C:\Users\George\IMG_0192.JPG [2011/10/19 18:35:04 | 001,194,080 | ---- | C] () -- C:\Users\George\IMG_0190.JPG [2011/10/19 18:35:04 | 001,090,990 | ---- | C] () -- C:\Users\George\IMG_0191.JPG [2011/10/19 18:35:04 | 001,022,651 | ---- | C] () -- C:\Users\George\IMG_0189.JPG [2011/10/19 18:35:03 | 001,390,768 | ---- | C] () -- C:\Users\George\IMG_0184.JPG [2011/10/19 18:35:03 | 001,172,071 | ---- | C] () -- C:\Users\George\IMG_0186.JPG [2011/10/19 18:35:03 | 001,099,387 | ---- | C] () -- C:\Users\George\IMG_0185.JPG [2011/10/19 18:35:03 | 000,972,391 | ---- | C] () -- C:\Users\George\IMG_0187.JPG [2011/10/19 18:35:02 | 001,352,881 | ---- | C] () -- C:\Users\George\IMG_0183.JPG [2011/10/19 18:35:02 | 001,100,058 | ---- | C] () -- C:\Users\George\IMG_0182.JPG [2011/10/19 18:35:02 | 001,091,482 | ---- | C] () -- C:\Users\George\IMG_0181.JPG [2011/10/19 18:35:01 | 001,343,303 | ---- | C] () -- C:\Users\George\IMG_0179.JPG [2011/10/19 18:35:01 | 001,178,514 | ---- | C] () -- C:\Users\George\IMG_0180.JPG [2011/10/19 18:35:01 | 001,029,273 | ---- | C] () -- C:\Users\George\IMG_0178.JPG [2011/10/19 18:35:00 | 001,332,164 | ---- | C] () -- C:\Users\George\IMG_0176.JPG [2011/10/19 18:35:00 | 001,201,297 | ---- | C] () -- C:\Users\George\IMG_0177.JPG [2011/10/19 18:35:00 | 001,193,096 | ---- | C] () -- C:\Users\George\IMG_0174.JPG [2011/10/19 18:35:00 | 001,041,198 | ---- | C] () -- C:\Users\George\IMG_0175.JPG [2011/10/19 18:34:59 | 001,243,470 | ---- | C] () -- C:\Users\George\IMG_0159.JPG [2011/10/19 18:34:59 | 001,162,414 | ---- | C] () -- C:\Users\George\IMG_0161.JPG [2011/10/19 18:34:59 | 001,161,963 | ---- | C] () -- C:\Users\George\IMG_0173.JPG [2011/10/19 18:34:59 | 001,140,711 | ---- | C] () -- C:\Users\George\IMG_0162.JPG [2011/10/19 18:34:59 | 001,073,003 | ---- | C] () -- C:\Users\George\IMG_0160.JPG [2011/10/19 18:34:58 | 001,430,236 | ---- | C] () -- C:\Users\George\IMG_0158.JPG [2011/10/19 18:34:58 | 001,123,275 | ---- | C] () -- C:\Users\George\IMG_0157.JPG [2011/10/19 18:34:57 | 001,255,172 | ---- | C] () -- C:\Users\George\IMG_0155.JPG [2011/10/19 18:34:57 | 001,247,204 | ---- | C] () -- C:\Users\George\IMG_0153.JPG [2011/10/19 18:34:57 | 001,244,701 | ---- | C] () -- C:\Users\George\IMG_0156.JPG [2011/10/19 18:34:57 | 001,169,178 | ---- | C] () -- C:\Users\George\IMG_0154.JPG [2011/10/19 18:34:56 | 001,266,730 | ---- | C] () -- C:\Users\George\IMG_0152.JPG [2011/10/19 18:34:56 | 001,117,773 | ---- | C] () -- C:\Users\George\IMG_0150.JPG [2011/10/19 18:34:56 | 001,090,241 | ---- | C] () -- C:\Users\George\IMG_0149.JPG [2011/10/19 18:34:56 | 001,060,796 | ---- | C] () -- C:\Users\George\IMG_0151.JPG [2011/10/19 18:34:56 | 000,291,498 | ---- | C] () -- C:\Users\George\IMG_0148.JPG [2011/10/19 18:34:56 | 000,287,629 | ---- | C] () -- C:\Users\George\IMG_0145.JPG [2011/10/19 18:34:56 | 000,255,181 | ---- | C] () -- C:\Users\George\IMG_0146.JPG [2011/10/19 18:34:56 | 000,241,637 | ---- | C] () -- C:\Users\George\IMG_0147.JPG [2011/10/19 18:34:55 | 001,800,621 | ---- | C] () -- C:\Users\George\IMG_0141.JPG [2011/10/19 18:34:55 | 000,313,434 | ---- | C] () -- C:\Users\George\IMG_0144.JPG [2011/10/19 18:34:55 | 000,300,255 | ---- | C] () -- C:\Users\George\IMG_0143.JPG [2011/10/19 18:34:55 | 000,243,083 | ---- | C] () -- C:\Users\George\IMG_0142.JPG [2011/10/19 18:34:54 | 001,904,859 | ---- | C] () -- C:\Users\George\IMG_0139.JPG [2011/10/19 18:34:54 | 001,748,399 | ---- | C] () -- C:\Users\George\IMG_0137.JPG [2011/10/19 18:34:54 | 001,722,190 | ---- | C] () -- C:\Users\George\IMG_0138.JPG [2011/10/19 18:34:54 | 001,666,884 | ---- | C] () -- C:\Users\George\IMG_0140.JPG [2011/10/19 18:34:53 | 001,731,972 | ---- | C] () -- C:\Users\George\IMG_0135.JPG [2011/10/19 18:34:53 | 001,676,201 | ---- | C] () -- C:\Users\George\IMG_0136.JPG [2011/10/19 18:34:53 | 001,643,206 | ---- | C] () -- C:\Users\George\IMG_0134.JPG [2011/10/19 18:34:52 | 001,443,176 | ---- | C] () -- C:\Users\George\IMG_0131.JPG [2011/10/19 18:34:52 | 001,438,662 | ---- | C] () -- C:\Users\George\IMG_0132.JPG [2011/10/19 18:34:52 | 001,429,637 | ---- | C] () -- C:\Users\George\IMG_0133.JPG [2011/10/19 18:34:51 | 001,501,910 | ---- | C] () -- C:\Users\George\IMG_0128.JPG [2011/10/19 18:34:51 | 001,460,918 | ---- | C] () -- C:\Users\George\IMG_0130.JPG [2011/10/19 18:34:51 | 001,429,045 | ---- | C] () -- C:\Users\George\IMG_0129.JPG [2011/10/19 18:34:51 | 001,303,655 | ---- | C] () -- C:\Users\George\IMG_0127.JPG [2011/10/19 18:34:50 | 001,397,674 | ---- | C] () -- C:\Users\George\IMG_0126.JPG [2011/10/19 18:34:50 | 001,366,788 | ---- | C] () -- C:\Users\George\IMG_0125.JPG [2011/10/19 18:34:50 | 001,358,853 | ---- | C] () -- C:\Users\George\IMG_0124.JPG [2011/10/19 18:34:49 | 001,879,980 | ---- | C] () -- C:\Users\George\IMG_0123.JPG [2011/10/19 18:34:49 | 001,842,426 | ---- | C] () -- C:\Users\George\IMG_0122.JPG [2011/10/19 18:34:49 | 001,815,075 | ---- | C] () -- C:\Users\George\IMG_0121.JPG [2011/10/19 18:34:49 | 001,448,044 | ---- | C] () -- C:\Users\George\IMG_0120.JPG [2011/10/19 18:34:49 | 001,368,566 | ---- | C] () -- C:\Users\George\IMG_0119.JPG [2011/10/19 18:34:48 | 001,484,386 | ---- | C] () -- C:\Users\George\IMG_0118.JPG [2011/10/19 18:34:48 | 000,233,419 | ---- | C] () -- C:\Users\George\IMG_0109.PNG [2011/10/19 18:34:48 | 000,219,655 | ---- | C] () -- C:\Users\George\IMG_0111.PNG [2011/10/19 18:34:42 | 048,406,812 | ---- | C] () -- C:\Users\George\IMG_0108.MOV [2011/10/19 18:34:42 | 001,382,125 | ---- | C] () -- C:\Users\George\IMG_0107.JPG [2011/10/19 18:34:41 | 001,299,533 | ---- | C] () -- C:\Users\George\IMG_0106.JPG [2011/10/19 18:34:41 | 001,243,404 | ---- | C] () -- C:\Users\George\IMG_0104.JPG [2011/10/19 18:34:41 | 001,213,387 | ---- | C] () -- C:\Users\George\IMG_0103.JPG [2011/10/19 18:34:41 | 001,186,275 | ---- | C] () -- C:\Users\George\IMG_0105.JPG [2011/10/19 18:34:40 | 000,562,601 | ---- | C] () -- C:\Users\George\IMG_0102.MOV [2011/10/19 18:34:40 | 000,291,498 | ---- | C] () -- C:\Users\George\IMG_0101.JPG [2011/10/19 18:34:37 | 012,969,786 | ---- | C] () -- C:\Users\George\IMG_0100.MOV [2011/10/19 18:34:37 | 001,266,529 | ---- | C] () -- C:\Users\George\IMG_0095.JPG [2011/10/19 18:34:37 | 001,240,950 | ---- | C] () -- C:\Users\George\IMG_0097.JPG [2011/10/19 18:34:37 | 001,118,064 | ---- | C] () -- C:\Users\George\IMG_0096.JPG [2011/10/19 18:34:37 | 001,070,644 | ---- | C] () -- C:\Users\George\IMG_0099.JPG [2011/10/19 18:34:37 | 001,025,251 | ---- | C] () -- C:\Users\George\IMG_0098.JPG [2011/10/19 18:34:36 | 001,308,295 | ---- | C] () -- C:\Users\George\IMG_0093.JPG [2011/10/19 18:34:36 | 001,300,523 | ---- | C] () -- C:\Users\George\IMG_0094.JPG [2011/10/19 18:34:36 | 001,283,445 | ---- | C] () -- C:\Users\George\IMG_0092.JPG [2011/10/19 18:34:36 | 001,167,834 | ---- | C] () -- C:\Users\George\IMG_0091.JPG [2011/10/19 18:34:36 | 001,034,709 | ---- | C] () -- C:\Users\George\IMG_0090.JPG [2011/10/19 18:34:35 | 001,559,771 | ---- | C] () -- C:\Users\George\IMG_0085.JPG [2011/10/19 18:34:35 | 001,519,735 | ---- | C] () -- C:\Users\George\IMG_0084.JPG [2011/10/19 18:34:35 | 001,043,759 | ---- | C] () -- C:\Users\George\IMG_0088.JPG [2011/10/19 18:34:35 | 001,026,910 | ---- | C] () -- C:\Users\George\IMG_0087.JPG [2011/10/19 18:34:35 | 001,012,862 | ---- | C] () -- C:\Users\George\IMG_0089.JPG [2011/10/19 18:34:35 | 000,969,025 | ---- | C] () -- C:\Users\George\IMG_0086.JPG [2011/10/19 18:34:34 | 001,047,300 | ---- | C] () -- C:\Users\George\IMG_0081.JPG [2011/10/19 18:34:34 | 001,007,786 | ---- | C] () -- C:\Users\George\IMG_0083.JPG [2011/10/19 18:34:34 | 000,981,855 | ---- | C] () -- C:\Users\George\IMG_0082.JPG [2011/10/19 18:34:34 | 000,875,165 | ---- | C] () -- C:\Users\George\IMG_0080.JPG [2011/10/19 18:34:33 | 001,070,259 | ---- | C] () -- C:\Users\George\IMG_0079.JPG [2011/10/19 18:34:27 | 040,386,004 | ---- | C] () -- C:\Users\George\IMG_0060.MOV [2011/10/19 18:34:26 | 001,139,118 | ---- | C] () -- C:\Users\George\IMG_0059.JPG [2011/10/19 18:34:26 | 000,573,697 | ---- | C] () -- C:\Users\George\IMG_0057.JPG [2011/10/19 18:34:26 | 000,537,415 | ---- | C] () -- C:\Users\George\IMG_0058.JPG [2011/10/19 18:34:26 | 000,137,498 | ---- | C] () -- C:\Users\George\IMG_0043.JPG [2011/10/19 18:34:25 | 001,233,150 | ---- | C] () -- C:\Users\George\IMG_0039.JPG [2011/10/19 18:34:25 | 001,181,672 | ---- | C] () -- C:\Users\George\IMG_0041.JPG [2011/10/19 18:34:25 | 001,162,813 | ---- | C] () -- C:\Users\George\IMG_0037.JPG [2011/10/19 18:34:25 | 001,157,940 | ---- | C] () -- C:\Users\George\IMG_0038.JPG [2011/10/19 18:34:25 | 001,123,507 | ---- | C] () -- C:\Users\George\IMG_0036.JPG [2011/10/19 18:34:24 | 001,136,736 | ---- | C] () -- C:\Users\George\IMG_0034.JPG [2011/10/19 18:34:24 | 001,131,980 | ---- | C] () -- C:\Users\George\IMG_0035.JPG [2011/04/01 19:16:40 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini [2011/03/27 17:54:25 | 000,001,854 | ---- | C] () -- C:\Users\George\AppData\Roaming\GhostObjGAFix.xml [2010/05/27 10:24:14 | 000,001,378 | ---- | C] () -- C:\ProgramData\ss.ini [2010/05/22 11:28:58 | 000,000,422 | ---- | C] () -- C:\Users\George\AppData\Roaming\wklnhst.dat [2010/05/17 18:32:10 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2010/05/17 18:32:10 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2010/05/17 18:32:10 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2010/05/17 18:32:10 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2010/05/17 18:32:10 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2010/05/17 18:32:10 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2010/05/17 18:32:10 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2010/05/17 18:32:10 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2010/05/17 18:32:10 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2010/05/17 18:32:10 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2010/05/17 18:32:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2010/05/17 18:32:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2010/05/17 18:32:10 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2010/05/17 18:32:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2010/05/17 18:32:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2010/05/17 18:32:10 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2010/05/17 18:32:10 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2010/05/17 18:32:10 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2010/05/17 18:32:10 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2010/05/13 21:49:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/03/26 09:27:33 | 000,000,282 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2010/03/26 09:27:33 | 000,000,223 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2009/12/17 11:56:52 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009/12/17 09:47:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/09/29 23:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 05:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 02:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 02:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 00:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 21:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > what do I need to do next please? cheers Quote
Starbuck Posted November 14, 2011 Posted November 14, 2011 Hi Gadgie what do I need to do next please? Seems the fix worked ok .... entries have been removed. Only the Hosts part didn't work. It's not a huge problem as the hosts file wasn't showing any bad entries anyway. It's just something we do as a matter of course. These lines are still showing: O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29) Have you followed the instructions to update Java? If so, these lines shouldn't have appeared. Quote Member of:UNITE
Gadgie Posted November 15, 2011 Author Posted November 15, 2011 Hi Gadgie Yes, that's fine. Great thanks, i can see a couple of things we should address. Step 1 Double click on OTL to run it. Copy the lines in the codebox below. (make sure that :Otl is on the first line ) :otl O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. :Files ipconfig /flushdns /c :commands [emptytemp] [purity] [RESETHOSTS] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png OTL will reboot your system once the fix has completed. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles Step 2 Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update: Download the latest version of Java Runtime Environment (JRE) 7 Update 1 and save it to your desktop. Scroll down to where it says "Java SE 7 Update 1". Click the "Download JRE" button to the right. Accept the license agreement. select ' from the list. ( this is the version for a 64bit system) Save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. . Java 6 Update 15 (64-bit) Java SE Development Kit 6 Update 15 (64-bit) Java 6 Update 29 . Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-7u1-windows-i586-p.exe to install the newest version. In your next reply, please submit: Otl fix report Also let me know if there are any problems with the system now. Thanks. Hi Ooops forgot to update Java. I have followed your instructions at the start but cant see an option to download Windows x64'offline. There is a x86 offline or or just a x64 (no offline option) Please can you clarify. Thanks again Mark http://www.oracle.com/technetwork/java/javase/downloads/jre-7u1-download-513652.html Quote
Starbuck Posted November 15, 2011 Posted November 15, 2011 Hi there, Yes, sorry about that. I only have a 32 bit OS so had never noticed that the 64bit didn't have the offline option. Yep, just click the option you see. I'll have to remember that in future, thanks for pointing it out. Quote Member of:UNITE
Gadgie Posted November 17, 2011 Author Posted November 17, 2011 Hi there, Yes, sorry about that. I only have a 32 bit OS so had never noticed that the 64bit didn't have the offline option. Yep, just click the option you see. I'll have to remember that in future, thanks for pointing it out. Hi, Okay have instaled the new Java and here is the latest OTL report: OTL logfile created on: 11/17/2011 10:45:54 AM - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\George\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.75 Gb Total Physical Memory | 0.60 Gb Available Physical Memory | 34.24% Memory free 3.49 Gb Paging File | 1.60 Gb Available in Paging File | 45.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 219.29 Gb Total Space | 160.58 Gb Free Space | 73.23% Space Free | Partition Type: NTFS Drive D: | 13.30 Gb Total Space | 2.21 Gb Free Space | 16.62% Space Free | Partition Type: NTFS Drive E: | 99.18 Mb Total Space | 95.72 Mb Free Space | 96.51% Space Free | Partition Type: FAT32 Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\George\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) PRC - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) PRC - C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation) PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION) ========== Modules (No Company Name) ========== MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll () MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll () MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\avutil-51.dll () MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\avformat-53.dll () MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\avcodec-53.dll () MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a3f989a61ab0468876629134c49514b2\UIAutomationTypes.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\fccf285ecdd9091a3f8d5e73d79c3300\UIAutomationProvider.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d71769228ebe7732ae31ac194fe00ff0\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll () MOD - C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (vseqrts) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe (Authentium, Inc) SRV:64bit: - (vsedsps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc) SRV:64bit: - (vseamps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (IDT, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (Andrea Electronics Corporation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows ® Win 7 DDK provider) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\George\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\George\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011/02/03 17:01:42 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\George\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start File not found O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Epson Stylus Office BX310FN(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHE.EXE /FU "C:\Windows\TEMP\E_S142.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation) O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00B79012-13F1-4762-9162-B99B29B2073A}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2554BC2-6961-4221-AE9C-1E126C17DA7C}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll (Kaspersky Lab) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/11/17 10:40:51 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2011/11/17 10:40:50 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2011/11/17 10:40:50 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2011/11/17 10:40:50 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2011/11/11 17:02:58 | 000,000,000 | ---D | C] -- C:\_OTL [2011/11/11 15:23:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe [2011/11/10 11:11:59 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Malwarebytes [2011/11/10 11:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/11/10 11:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/11/10 11:11:30 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/11/10 11:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/11/09 15:47:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011/11/09 15:27:43 | 000,078,376 | ---- | C] (CyberDefender Corp.) -- C:\Windows\SysNative\drivers\CDAVFS.sys [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium [2011/10/27 19:15:52 | 000,000,000 | ---D | C] -- C:\Users\George\Desktop\cheese cakes [2011/10/19 22:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/10/19 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/10/19 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/10/19 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/10/19 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011/10/19 20:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/10/19 20:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011/10/19 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update ========== Files - Modified Within 30 Days ========== [2011/11/17 10:41:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/11/17 10:41:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/11/17 10:40:45 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/11/17 10:40:45 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/11/17 10:40:45 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/11/17 10:40:17 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2011/11/17 10:40:17 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2011/11/17 10:40:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2011/11/17 10:40:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2011/11/17 10:34:00 | 000,001,089 | ---- | M] () -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk [2011/11/17 10:32:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/11/17 10:32:50 | 1406,296,064 | -HS- | M] () -- C:\hiberfil.sys [2011/11/17 10:16:03 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1737154417-1697994350-281717988-1002UA.job [2011/11/17 09:44:05 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1737154417-1697994350-281717988-1002Core.job [2011/11/17 01:49:04 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job [2011/11/15 10:39:44 | 000,002,545 | ---- | M] () -- C:\Users\George\Desktop\Google Chrome.lnk [2011/11/11 15:22:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe [2011/11/11 15:19:16 | 000,000,512 | ---- | M] () -- C:\Users\George\Desktop\MBR.dat [2011/11/10 11:11:36 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/09 18:51:04 | 000,000,272 | ---- | M] () -- C:\Windows\reimage.ini [2011/11/09 16:16:10 | 000,354,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/11/09 15:24:00 | 000,078,376 | ---- | M] (CyberDefender Corp.) -- C:\Windows\SysNative\drivers\CDAVFS.sys [2011/11/08 20:31:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGeorge.job [2011/10/26 20:43:37 | 000,972,391 | ---- | M] () -- C:\Users\George\IMG_0187.JPG [2011/10/26 20:43:33 | 001,172,071 | ---- | M] () -- C:\Users\George\IMG_0186.JPG [2011/10/26 20:43:27 | 001,099,387 | ---- | M] () -- C:\Users\George\IMG_0185.JPG [2011/10/26 20:42:58 | 001,390,768 | ---- | M] () -- C:\Users\George\IMG_0184.JPG [2011/10/26 20:42:51 | 001,352,881 | ---- | M] () -- C:\Users\George\IMG_0183.JPG [2011/10/26 20:42:46 | 001,100,058 | ---- | M] () -- C:\Users\George\IMG_0182.JPG [2011/10/26 20:42:41 | 001,091,482 | ---- | M] () -- C:\Users\George\IMG_0181.JPG [2011/10/26 20:42:34 | 001,178,514 | ---- | M] () -- C:\Users\George\IMG_0180.JPG [2011/10/26 20:42:28 | 001,343,303 | ---- | M] () -- C:\Users\George\IMG_0179.JPG [2011/10/26 20:42:18 | 001,029,273 | ---- | M] () -- C:\Users\George\IMG_0178.JPG [2011/10/26 20:42:13 | 001,201,297 | ---- | M] () -- C:\Users\George\IMG_0177.JPG [2011/10/26 20:42:06 | 001,193,096 | ---- | M] () -- C:\Users\George\IMG_0174.JPG [2011/10/26 20:42:00 | 001,161,963 | ---- | M] () -- C:\Users\George\IMG_0173.JPG [2011/10/26 20:41:35 | 001,073,003 | ---- | M] () -- C:\Users\George\IMG_0160.JPG [2011/10/26 20:41:31 | 001,243,470 | ---- | M] () -- C:\Users\George\IMG_0159.JPG [2011/10/26 20:41:26 | 001,430,236 | ---- | M] () -- C:\Users\George\IMG_0158.JPG [2011/10/26 20:41:19 | 001,123,275 | ---- | M] () -- C:\Users\George\IMG_0157.JPG [2011/10/26 20:41:12 | 001,244,701 | ---- | M] () -- C:\Users\George\IMG_0156.JPG [2011/10/26 20:41:02 | 001,255,172 | ---- | M] () -- C:\Users\George\IMG_0155.JPG [2011/10/26 20:40:38 | 001,169,178 | ---- | M] () -- C:\Users\George\IMG_0154.JPG [2011/10/26 20:40:33 | 001,247,204 | ---- | M] () -- C:\Users\George\IMG_0153.JPG [2011/10/26 20:40:27 | 001,266,730 | ---- | M] () -- C:\Users\George\IMG_0152.JPG [2011/10/26 20:39:45 | 001,060,796 | ---- | M] () -- C:\Users\George\IMG_0151.JPG [2011/10/26 20:39:34 | 001,117,773 | ---- | M] () -- C:\Users\George\IMG_0150.JPG [2011/10/26 20:39:29 | 001,090,241 | ---- | M] () -- C:\Users\George\IMG_0149.JPG [2011/10/26 20:38:37 | 001,167,834 | ---- | M] () -- C:\Users\George\IMG_0091.JPG [2011/10/26 20:38:28 | 001,034,709 | ---- | M] () -- C:\Users\George\IMG_0090.JPG [2011/10/26 20:38:23 | 001,012,862 | ---- | M] () -- C:\Users\George\IMG_0089.JPG [2011/10/26 20:38:17 | 001,043,759 | ---- | M] () -- C:\Users\George\IMG_0088.JPG [2011/10/26 20:38:09 | 001,026,910 | ---- | M] () -- C:\Users\George\IMG_0087.JPG [2011/10/26 20:38:03 | 000,969,025 | ---- | M] () -- C:\Users\George\IMG_0086.JPG [2011/10/26 20:37:53 | 001,559,771 | ---- | M] () -- C:\Users\George\IMG_0085.JPG [2011/10/26 20:37:47 | 001,519,735 | ---- | M] () -- C:\Users\George\IMG_0084.JPG [2011/10/26 20:36:58 | 001,181,672 | ---- | M] () -- C:\Users\George\IMG_0041.JPG [2011/10/26 20:36:44 | 001,233,150 | ---- | M] () -- C:\Users\George\IMG_0039.JPG [2011/10/26 20:36:18 | 001,157,940 | ---- | M] () -- C:\Users\George\IMG_0038.JPG [2011/10/26 20:18:46 | 001,162,813 | ---- | M] () -- C:\Users\George\IMG_0037.JPG [2011/10/26 20:17:26 | 001,123,507 | ---- | M] () -- C:\Users\George\IMG_0036.JPG [2011/10/26 20:17:12 | 001,131,980 | ---- | M] () -- C:\Users\George\IMG_0035.JPG [2011/10/26 20:16:59 | 001,136,736 | ---- | M] () -- C:\Users\George\IMG_0034.JPG [2011/10/19 22:35:20 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/19 20:34:41 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk ========== Files Created - No Company Name ========== [2011/11/11 15:19:16 | 000,000,512 | ---- | C] () -- C:\Users\George\Desktop\MBR.dat [2011/11/10 11:11:36 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/09 18:50:10 | 000,000,272 | ---- | C] () -- C:\Windows\reimage.ini [2011/10/19 22:35:20 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/19 20:34:40 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/10/19 20:14:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011/10/19 18:35:04 | 001,397,332 | ---- | C] () -- C:\Users\George\IMG_0188.JPG [2011/10/19 18:35:04 | 001,196,255 | ---- | C] () -- C:\Users\George\IMG_0192.JPG [2011/10/19 18:35:04 | 001,194,080 | ---- | C] () -- C:\Users\George\IMG_0190.JPG [2011/10/19 18:35:04 | 001,090,990 | ---- | C] () -- C:\Users\George\IMG_0191.JPG [2011/10/19 18:35:04 | 001,022,651 | ---- | C] () -- C:\Users\George\IMG_0189.JPG [2011/10/19 18:35:03 | 001,390,768 | ---- | C] () -- C:\Users\George\IMG_0184.JPG [2011/10/19 18:35:03 | 001,172,071 | ---- | C] () -- C:\Users\George\IMG_0186.JPG [2011/10/19 18:35:03 | 001,099,387 | ---- | C] () -- C:\Users\George\IMG_0185.JPG [2011/10/19 18:35:03 | 000,972,391 | ---- | C] () -- C:\Users\George\IMG_0187.JPG [2011/10/19 18:35:02 | 001,352,881 | ---- | C] () -- C:\Users\George\IMG_0183.JPG [2011/10/19 18:35:02 | 001,100,058 | ---- | C] () -- C:\Users\George\IMG_0182.JPG [2011/10/19 18:35:02 | 001,091,482 | ---- | C] () -- C:\Users\George\IMG_0181.JPG [2011/10/19 18:35:01 | 001,343,303 | ---- | C] () -- C:\Users\George\IMG_0179.JPG [2011/10/19 18:35:01 | 001,178,514 | ---- | C] () -- C:\Users\George\IMG_0180.JPG [2011/10/19 18:35:01 | 001,029,273 | ---- | C] () -- C:\Users\George\IMG_0178.JPG [2011/10/19 18:35:00 | 001,332,164 | ---- | C] () -- C:\Users\George\IMG_0176.JPG [2011/10/19 18:35:00 | 001,201,297 | ---- | C] () -- C:\Users\George\IMG_0177.JPG [2011/10/19 18:35:00 | 001,193,096 | ---- | C] () -- C:\Users\George\IMG_0174.JPG [2011/10/19 18:35:00 | 001,041,198 | ---- | C] () -- C:\Users\George\IMG_0175.JPG [2011/10/19 18:34:59 | 001,243,470 | ---- | C] () -- C:\Users\George\IMG_0159.JPG [2011/10/19 18:34:59 | 001,162,414 | ---- | C] () -- C:\Users\George\IMG_0161.JPG [2011/10/19 18:34:59 | 001,161,963 | ---- | C] () -- C:\Users\George\IMG_0173.JPG [2011/10/19 18:34:59 | 001,140,711 | ---- | C] () -- C:\Users\George\IMG_0162.JPG [2011/10/19 18:34:59 | 001,073,003 | ---- | C] () -- C:\Users\George\IMG_0160.JPG [2011/10/19 18:34:58 | 001,430,236 | ---- | C] () -- C:\Users\George\IMG_0158.JPG [2011/10/19 18:34:58 | 001,123,275 | ---- | C] () -- C:\Users\George\IMG_0157.JPG [2011/10/19 18:34:57 | 001,255,172 | ---- | C] () -- C:\Users\George\IMG_0155.JPG [2011/10/19 18:34:57 | 001,247,204 | ---- | C] () -- C:\Users\George\IMG_0153.JPG [2011/10/19 18:34:57 | 001,244,701 | ---- | C] () -- C:\Users\George\IMG_0156.JPG [2011/10/19 18:34:57 | 001,169,178 | ---- | C] () -- C:\Users\George\IMG_0154.JPG [2011/10/19 18:34:56 | 001,266,730 | ---- | C] () -- C:\Users\George\IMG_0152.JPG [2011/10/19 18:34:56 | 001,117,773 | ---- | C] () -- C:\Users\George\IMG_0150.JPG [2011/10/19 18:34:56 | 001,090,241 | ---- | C] () -- C:\Users\George\IMG_0149.JPG [2011/10/19 18:34:56 | 001,060,796 | ---- | C] () -- C:\Users\George\IMG_0151.JPG [2011/10/19 18:34:56 | 000,291,498 | ---- | C] () -- C:\Users\George\IMG_0148.JPG [2011/10/19 18:34:56 | 000,287,629 | ---- | C] () -- C:\Users\George\IMG_0145.JPG [2011/10/19 18:34:56 | 000,255,181 | ---- | C] () -- C:\Users\George\IMG_0146.JPG [2011/10/19 18:34:56 | 000,241,637 | ---- | C] () -- C:\Users\George\IMG_0147.JPG [2011/10/19 18:34:55 | 001,800,621 | ---- | C] () -- C:\Users\George\IMG_0141.JPG [2011/10/19 18:34:55 | 000,313,434 | ---- | C] () -- C:\Users\George\IMG_0144.JPG [2011/10/19 18:34:55 | 000,300,255 | ---- | C] () -- C:\Users\George\IMG_0143.JPG [2011/10/19 18:34:55 | 000,243,083 | ---- | C] () -- C:\Users\George\IMG_0142.JPG [2011/10/19 18:34:54 | 001,904,859 | ---- | C] () -- C:\Users\George\IMG_0139.JPG [2011/10/19 18:34:54 | 001,748,399 | ---- | C] () -- C:\Users\George\IMG_0137.JPG [2011/10/19 18:34:54 | 001,722,190 | ---- | C] () -- C:\Users\George\IMG_0138.JPG [2011/10/19 18:34:54 | 001,666,884 | ---- | C] () -- C:\Users\George\IMG_0140.JPG [2011/10/19 18:34:53 | 001,731,972 | ---- | C] () -- C:\Users\George\IMG_0135.JPG [2011/10/19 18:34:53 | 001,676,201 | ---- | C] () -- C:\Users\George\IMG_0136.JPG [2011/10/19 18:34:53 | 001,643,206 | ---- | C] () -- C:\Users\George\IMG_0134.JPG [2011/10/19 18:34:52 | 001,443,176 | ---- | C] () -- C:\Users\George\IMG_0131.JPG [2011/10/19 18:34:52 | 001,438,662 | ---- | C] () -- C:\Users\George\IMG_0132.JPG [2011/10/19 18:34:52 | 001,429,637 | ---- | C] () -- C:\Users\George\IMG_0133.JPG [2011/10/19 18:34:51 | 001,501,910 | ---- | C] () -- C:\Users\George\IMG_0128.JPG [2011/10/19 18:34:51 | 001,460,918 | ---- | C] () -- C:\Users\George\IMG_0130.JPG [2011/10/19 18:34:51 | 001,429,045 | ---- | C] () -- C:\Users\George\IMG_0129.JPG [2011/10/19 18:34:51 | 001,303,655 | ---- | C] () -- C:\Users\George\IMG_0127.JPG [2011/10/19 18:34:50 | 001,397,674 | ---- | C] () -- C:\Users\George\IMG_0126.JPG [2011/10/19 18:34:50 | 001,366,788 | ---- | C] () -- C:\Users\George\IMG_0125.JPG [2011/10/19 18:34:50 | 001,358,853 | ---- | C] () -- C:\Users\George\IMG_0124.JPG [2011/10/19 18:34:49 | 001,879,980 | ---- | C] () -- C:\Users\George\IMG_0123.JPG [2011/10/19 18:34:49 | 001,842,426 | ---- | C] () -- C:\Users\George\IMG_0122.JPG [2011/10/19 18:34:49 | 001,815,075 | ---- | C] () -- C:\Users\George\IMG_0121.JPG [2011/10/19 18:34:49 | 001,448,044 | ---- | C] () -- C:\Users\George\IMG_0120.JPG [2011/10/19 18:34:49 | 001,368,566 | ---- | C] () -- C:\Users\George\IMG_0119.JPG [2011/10/19 18:34:48 | 001,484,386 | ---- | C] () -- C:\Users\George\IMG_0118.JPG [2011/10/19 18:34:48 | 000,233,419 | ---- | C] () -- C:\Users\George\IMG_0109.PNG [2011/10/19 18:34:48 | 000,219,655 | ---- | C] () -- C:\Users\George\IMG_0111.PNG [2011/10/19 18:34:42 | 048,406,812 | ---- | C] () -- C:\Users\George\IMG_0108.MOV [2011/10/19 18:34:42 | 001,382,125 | ---- | C] () -- C:\Users\George\IMG_0107.JPG [2011/10/19 18:34:41 | 001,299,533 | ---- | C] () -- C:\Users\George\IMG_0106.JPG [2011/10/19 18:34:41 | 001,243,404 | ---- | C] () -- C:\Users\George\IMG_0104.JPG [2011/10/19 18:34:41 | 001,213,387 | ---- | C] () -- C:\Users\George\IMG_0103.JPG [2011/10/19 18:34:41 | 001,186,275 | ---- | C] () -- C:\Users\George\IMG_0105.JPG [2011/10/19 18:34:40 | 000,562,601 | ---- | C] () -- C:\Users\George\IMG_0102.MOV [2011/10/19 18:34:40 | 000,291,498 | ---- | C] () -- C:\Users\George\IMG_0101.JPG [2011/10/19 18:34:37 | 012,969,786 | ---- | C] () -- C:\Users\George\IMG_0100.MOV [2011/10/19 18:34:37 | 001,266,529 | ---- | C] () -- C:\Users\George\IMG_0095.JPG [2011/10/19 18:34:37 | 001,240,950 | ---- | C] () -- C:\Users\George\IMG_0097.JPG [2011/10/19 18:34:37 | 001,118,064 | ---- | C] () -- C:\Users\George\IMG_0096.JPG [2011/10/19 18:34:37 | 001,070,644 | ---- | C] () -- C:\Users\George\IMG_0099.JPG [2011/10/19 18:34:37 | 001,025,251 | ---- | C] () -- C:\Users\George\IMG_0098.JPG [2011/10/19 18:34:36 | 001,308,295 | ---- | C] () -- C:\Users\George\IMG_0093.JPG [2011/10/19 18:34:36 | 001,300,523 | ---- | C] () -- C:\Users\George\IMG_0094.JPG [2011/10/19 18:34:36 | 001,283,445 | ---- | C] () -- C:\Users\George\IMG_0092.JPG [2011/10/19 18:34:36 | 001,167,834 | ---- | C] () -- C:\Users\George\IMG_0091.JPG [2011/10/19 18:34:36 | 001,034,709 | ---- | C] () -- C:\Users\George\IMG_0090.JPG [2011/10/19 18:34:35 | 001,559,771 | ---- | C] () -- C:\Users\George\IMG_0085.JPG [2011/10/19 18:34:35 | 001,519,735 | ---- | C] () -- C:\Users\George\IMG_0084.JPG [2011/10/19 18:34:35 | 001,043,759 | ---- | C] () -- C:\Users\George\IMG_0088.JPG [2011/10/19 18:34:35 | 001,026,910 | ---- | C] () -- C:\Users\George\IMG_0087.JPG [2011/10/19 18:34:35 | 001,012,862 | ---- | C] () -- C:\Users\George\IMG_0089.JPG [2011/10/19 18:34:35 | 000,969,025 | ---- | C] () -- C:\Users\George\IMG_0086.JPG [2011/10/19 18:34:34 | 001,047,300 | ---- | C] () -- C:\Users\George\IMG_0081.JPG [2011/10/19 18:34:34 | 001,007,786 | ---- | C] () -- C:\Users\George\IMG_0083.JPG [2011/10/19 18:34:34 | 000,981,855 | ---- | C] () -- C:\Users\George\IMG_0082.JPG [2011/10/19 18:34:34 | 000,875,165 | ---- | C] () -- C:\Users\George\IMG_0080.JPG [2011/10/19 18:34:33 | 001,070,259 | ---- | C] () -- C:\Users\George\IMG_0079.JPG [2011/10/19 18:34:27 | 040,386,004 | ---- | C] () -- C:\Users\George\IMG_0060.MOV [2011/10/19 18:34:26 | 001,139,118 | ---- | C] () -- C:\Users\George\IMG_0059.JPG [2011/10/19 18:34:26 | 000,573,697 | ---- | C] () -- C:\Users\George\IMG_0057.JPG [2011/10/19 18:34:26 | 000,537,415 | ---- | C] () -- C:\Users\George\IMG_0058.JPG [2011/10/19 18:34:26 | 000,137,498 | ---- | C] () -- C:\Users\George\IMG_0043.JPG [2011/10/19 18:34:25 | 001,233,150 | ---- | C] () -- C:\Users\George\IMG_0039.JPG [2011/10/19 18:34:25 | 001,181,672 | ---- | C] () -- C:\Users\George\IMG_0041.JPG [2011/10/19 18:34:25 | 001,162,813 | ---- | C] () -- C:\Users\George\IMG_0037.JPG [2011/10/19 18:34:25 | 001,157,940 | ---- | C] () -- C:\Users\George\IMG_0038.JPG [2011/10/19 18:34:25 | 001,123,507 | ---- | C] () -- C:\Users\George\IMG_0036.JPG [2011/10/19 18:34:24 | 001,136,736 | ---- | C] () -- C:\Users\George\IMG_0034.JPG [2011/10/19 18:34:24 | 001,131,980 | ---- | C] () -- C:\Users\George\IMG_0035.JPG [2011/04/01 19:16:40 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini [2011/03/27 17:54:25 | 000,001,854 | ---- | C] () -- C:\Users\George\AppData\Roaming\GhostObjGAFix.xml [2010/05/27 10:24:14 | 000,001,378 | ---- | C] () -- C:\ProgramData\ss.ini [2010/05/22 11:28:58 | 000,000,422 | ---- | C] () -- C:\Users\George\AppData\Roaming\wklnhst.dat [2010/05/17 18:32:10 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2010/05/17 18:32:10 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2010/05/17 18:32:10 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2010/05/17 18:32:10 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2010/05/17 18:32:10 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2010/05/17 18:32:10 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2010/05/17 18:32:10 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2010/05/17 18:32:10 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2010/05/17 18:32:10 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2010/05/17 18:32:10 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2010/05/17 18:32:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2010/05/17 18:32:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2010/05/17 18:32:10 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2010/05/17 18:32:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2010/05/17 18:32:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2010/05/17 18:32:10 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2010/05/17 18:32:10 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2010/05/17 18:32:10 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2010/05/17 18:32:10 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2010/05/13 21:49:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/03/26 09:27:33 | 000,000,282 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2010/03/26 09:27:33 | 000,000,223 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2009/12/17 11:56:52 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009/12/17 09:47:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/09/29 23:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 05:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 02:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 02:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 00:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 21:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > cheers Quote
Starbuck Posted November 17, 2011 Posted November 17, 2011 Hi Gadgie I've just been double checking the reports, seems i missed something first time around. Let's deal with this now. Step 1 Click Start >> Control Panel Under Programs, click Uninstall a Program. Click on AVSDK5, ok the message and uninstall the program. It may or may not uninstall.... either way now run the following fix. Step 2 Double click on OTL to run it. Copy the lines in the codebox below. (make sure that :Otl is on the first line ) :Otl SRV:64bit: - (vseqrts) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe (Authentium, Inc) SRV:64bit: - (vsedsps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc) SRV:64bit: - (vseamps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc) [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium :Files ipconfig /flushdns /c :commands [emptytemp] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png OTL will reboot your system once the fix has completed. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles In your next reply, please submit: Otl fix report and let me know if the system is running any better now. Thanks. Quote Member of:UNITE
Gadgie Posted November 18, 2011 Author Posted November 18, 2011 Hi Gadgie I've just been double checking the reports, seems i missed something first time around. Let's deal with this now. Step 1 Click Start >> Control Panel Under Programs, click Uninstall a Program. Click on AVSDK5, ok the message and uninstall the program. It may or may not uninstall.... either way now run the following fix. Step 2 Double click on OTL to run it. Copy the lines in the codebox below. (make sure that :Otl is on the first line ) :Otl SRV:64bit: - (vseqrts) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe (Authentium, Inc) SRV:64bit: - (vsedsps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc) SRV:64bit: - (vseamps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc) [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium [2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium :Files ipconfig /flushdns /c :commands [emptytemp] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png OTL will reboot your system once the fix has completed. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles In your next reply, please submit: Otl fix report and let me know if the system is running any better now. Thanks. Hi Cant see AVSDK5 anywhere so still proceed to the OTL fix? Also can you tell me what the AVSDK5 is? cheers Quote
Starbuck Posted November 18, 2011 Posted November 18, 2011 Hi Gadgie Cant see AVSDK5 anywhere so still proceed to the OTL fix? Also can you tell me what the AVSDK5 is? It's related to Authentium AntiVirus. It is not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause: 1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't. 2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time. But i've read that sometimes it's installed along with something else, so you may not have actually installed it yourself. Can you post the OTL fix report so that i can double check that the whole fix worked. Is the system running any better now? Quote Member of:UNITE
Gadgie Posted November 23, 2011 Author Posted November 23, 2011 Hi Gadgie It's related to Authentium AntiVirus. It is not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause: 1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't. 2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time. But i've read that sometimes it's installed along with something else, so you may not have actually installed it yourself. Can you post the OTL fix report so that i can double check that the whole fix worked. Is the system running any better now? Hi Starbuck, Here is the report: All processes killed ========== OTL ========== Service vseqrts stopped successfully! Service vseqrts deleted successfully! C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe moved successfully. Error: Unable to stop service vsedsps! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vsedsps deleted successfully. C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe moved successfully. Service vseamps stopped successfully! Service vseamps deleted successfully! C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe moved successfully. C:\Program Files\Common Files\Authentium\AntiVirus5\ampse folder moved successfully. C:\Program Files\Common Files\Authentium\AntiVirus5\ampmf folder moved successfully. C:\Program Files\Common Files\Authentium\AntiVirus5 folder moved successfully. C:\Program Files\Common Files\Authentium folder moved successfully. C:\Program Files (x86)\Common Files\Authentium\AntiVirus5 folder moved successfully. C:\Program Files (x86)\Common Files\Authentium folder moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\George\Desktop\cmd.bat deleted successfully. C:\Users\George\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: George ->Temp folder emptied: 198384 bytes ->Temporary Internet Files folder emptied: 14129559 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 373427296 bytes ->Flash cache emptied: 9487 bytes User: Mark User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1125307 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66717 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes RecycleBin emptied: 110312 bytes Total Files Cleaned = 371.00 mb OTL by OldTimer - Version 3.2.31.0 log created on 11232011_122204 Files\Folders moved on Reboot... C:\Users\George\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... The system is running better thanks but the internet can still be a bit slow think it is problems with my ISP, Orange. Is it worth purchasing the malware protection programme? And I assume it doesnt interfere with my Kesperskey? Cheers Gadgie Can I ask you about a problem with another computer once you have finished helping me with this one? many thanks Quote
Starbuck Posted November 23, 2011 Posted November 23, 2011 Hi Gadgie Is it worth purchasing the malware protection programme? And I assume it doesnt interfere with my Kesperskey? For the little that it costs, it is a good investment. It's a lifetime agreement, so once you pay .... that's it, nothing to pay again for life. The big difference between the free and paid for version is that you can use the paid for version to run all the time in the background and it's self updating. TBH, most people just use the free version and update it manually and run a scan once or twice a week. So it's entirely up to you. No, it won't interfere with Kaspersky at all. Can I ask you about a problem with another computer once you have finished helping me with this one? No problem at all. Just start a new thread about the other system.... it won't get confusing that way. I'd like you to do an ESET OnlineScan Let's double check everything before finishing off. 64Bit users, please see note at the bottom. You may find it beneficial to close your resident AV program before running the scan. It's been found that on some systems the Eset's Online Scan fails during the database download ( around 20% ) To prevent this happening: When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked): Enable Anti-Stealth technology http://img.photobucket.com/albums/v708/starbuck50/eset.png Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan . Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop. Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop. [*]Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png [*]Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button. [*]Accept any security warnings from your browser. [*]Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png [*]Click the Start button. [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. [*]When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png [*]Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. [*]Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button. [*]Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt Note: As you are running a 64bit system: The ESET Online Scanner is a 32-bit application, which means it must be run through in the 32-bit version of Internet Explorer, and as an Administrator. To do so, right-click on the Internet Explorer (32-bit) icon in the Start Menu and select "Run as administrator" from the context menu. Let me have the Eset report if anything is found. Thanks Quote Member of:UNITE
Gadgie Posted November 29, 2011 Author Posted November 29, 2011 Hi Gadgie For the little that it costs, it is a good investment. It's a lifetime agreement, so once you pay .... that's it, nothing to pay again for life. The big difference between the free and paid for version is that you can use the paid for version to run all the time in the background and it's self updating. TBH, most people just use the free version and update it manually and run a scan once or twice a week. So it's entirely up to you. No, it won't interfere with Kaspersky at all. No problem at all. Just start a new thread about the other system.... it won't get confusing that way. I'd like you to do an ESET OnlineScan Let's double check everything before finishing off. 64Bit users, please see note at the bottom. You may find it beneficial to close your resident AV program before running the scan. It's been found that on some systems the Eset's Online Scan fails during the database download ( around 20% ) To prevent this happening: When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked): Enable Anti-Stealth technology http://img.photobucket.com/albums/v708/starbuck50/eset.png Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop. Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop. [*]Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png [*]Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button. [*]Accept any security warnings from your browser. [*]Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png [*]Click the Start button. [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. [*]When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png [*]Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. [*]Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button. [*]Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt Note: As you are running a 64bit system: The ESET Online Scanner is a 32-bit application, which means it must be run through in the 32-bit version of Internet Explorer, and as an Administrator. To do so, right-click on the Internet Explorer (32-bit) icon in the Start Menu and select "Run as administrator" from the context menu. Let me have the Eset report if anything is found. Thanks Hi Starbuck Sorry for the late reply was away for a few days. Im not sure what you mean by ESET on-line scan. I googled it and assume you want me to download some software? Is it one of these? http://www.eset.co.uk/Download cheers Quote
RandyL Posted November 29, 2011 Posted November 29, 2011 You missed seeing the link. Here it is again. ESET OnlineScan On the left side you will see; STEP ONE: Run free on-demand scan That is what you want. Scroll up to post #43 for Starbucks instructions on this please. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Starbuck Posted November 29, 2011 Posted November 29, 2011 I've now highlighted the link in both replies to make things easier. Quote Member of:UNITE
Gadgie Posted November 30, 2011 Author Posted November 30, 2011 Hi Starbuck Sorry for the late reply was away for a few days. Im not sure what you mean by ESET on-line scan. I googled it and assume you want me to download some software? Is it one of these? http://www.eset.co.uk/Download cheers Hi, Sorry I missed the link, that was pretty stupid even for me!!. Just wanted to double check that I am also having to scan the archives? The reason I ask is that I have been scanning for almost 3 hours and it is only at 17%. cheers Quote
Starbuck Posted November 30, 2011 Posted November 30, 2011 Just wanted to double check that I am also having to scan the archives? It's best to run a full system scan, so yes that's ok. Depending on your system and hard drive, the scan can take anything from a couple of hours.... to all night. :o But it is worth it, it's a very thougher scan. Quote Member of:UNITE
Gadgie Posted December 1, 2011 Author Posted December 1, 2011 (edited) It's best to run a full system scan, so yes that's ok. Depending on your system and hard drive, the scan can take anything from a couple of hours.... to all night. :o But it is worth it, it's a very thougher scan. Hi Starbuck, I had to abandon the test as I had to do some internet banking, it ran for 12 hours and only hit 43%. Will try and get it done in the next few days and will get back to you. Also meant to say that my internet is going slower as ever and I cant play online videos despite internet speed tests telling me that I am getting in excess of 4MB of dowload speed. Cheers Edited December 1, 2011 by Gadgie Quote
Gadgie Posted December 1, 2011 Author Posted December 1, 2011 Hi Starbuck, I had to abandon the test as I had to do some internet banking, it ran for 12 hours and only hit 43%. Will try and get it done in the next few days and will get back to you. Also meant to say that my internet is going slower as ever and I cant play online videos despite internet speed tests telling me that I am getting in excess of 4MB of dowload speed. Cheers I'd imagine that this is why the scan is taking sooooo long. Is there anything that I might have done over the course of trying to fix the computer to cause my connection to drop so significantly? cheers Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.