Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Very Slow Internet Browsing. Continued

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 16th, 2013, 11:25 am

DDS Logs

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by The Brown's at 16:22:28 on 2013-09-16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.178 [GMT 1:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micronet Wireless Network Utility\RtWlan.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = hxxp://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: <No Name>: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - c:\program files\mywaysa\srchasde\deSrcAs.dll
uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} -
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
dURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} -
dURLSearchHooks: <No Name>: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - c:\program files\mywaysa\srchasde\deSrcAs.dll
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: <No Name>: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - c:\program files\mywaysa\srchasde\deSrcAs.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; GTB6.6; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.nationalexpress.com/home.aspx"
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micron~1.lnk - c:\program files\micronet wireless network utility\RtWlan.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - <no file>
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4A640915-2EFE-4B3D-8D88-0A2581296DA0} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-12 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-12 701512]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-12 22856]
R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2011-12-31 13532]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384]
.
=============== Created Last 30 ================
.
2013-09-12 11:14:06 -------- d-----w- c:\documents and settings\the brown's\application data\Malwarebytes
2013-09-12 11:13:54 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-09-12 11:13:53 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-12 11:13:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-12 11:07:51 -------- d-----w- c:\documents and settings\the brown's\application data\DriverCure
2013-09-12 11:07:50 -------- d-----w- c:\documents and settings\the brown's\application data\SparkTrust
2013-09-12 11:07:33 -------- d-----w- c:\documents and settings\all users\application data\SparkTrust
.
==================== Find3M ====================
.
2013-08-07 23:40:28 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-08-07 23:40:26 107368 ----a-r- c:\windows\system32\GEARAspi.dll
.
============= FINISH: 16:24:00.39 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 20/01/2008 10:12:55
System Uptime: 15/09/2013 09:31:50 (31 hours ago)
.
Motherboard: Dell Inc. | | 0JC474
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 70 GiB total, 35.307 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMPHILIPS_DVD+-RW_DVD8701_________________5D24____\5&2B88F5E5&0&0.0.0
Manufacturer: (Standard CD-ROM drives)
Name: PHILIPS DVD+-RW DVD8701
PNP Device ID: IDE\CDROMPHILIPS_DVD+-RW_DVD8701_________________5D24____\5&2B88F5E5&0&0.0.0
Service: cdrom
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMHL-DT-ST_CD-ROM_GCR-8485B_______________1.05____\5&2B88F5E5&0&0.1.0
Manufacturer: (Standard CD-ROM drives)
Name: HL-DT-ST CD-ROM GCR-8485B
PNP Device ID: IDE\CDROMHL-DT-ST_CD-ROM_GCR-8485B_______________1.05____\5&2B88F5E5&0&0.1.0
Service: cdrom
.
==== System Restore Points ===================
.
RP1395: 05/07/2013 22:32:41 - System Checkpoint
RP1396: 06/07/2013 23:44:21 - System Checkpoint
RP1397: 08/07/2013 00:28:00 - System Checkpoint
RP1398: 09/07/2013 01:28:01 - System Checkpoint
RP1399: 10/07/2013 02:27:50 - System Checkpoint
RP1400: 11/07/2013 03:00:24 - Software Distribution Service 3.0
RP1401: 12/07/2013 03:49:03 - System Checkpoint
RP1402: 13/07/2013 03:58:01 - System Checkpoint
RP1403: 14/07/2013 04:58:00 - System Checkpoint
RP1404: 15/07/2013 05:57:52 - System Checkpoint
RP1405: 16/07/2013 06:57:50 - System Checkpoint
RP1406: 17/07/2013 07:57:44 - System Checkpoint
RP1407: 18/07/2013 08:57:34 - System Checkpoint
RP1408: 19/07/2013 09:54:57 - System Checkpoint
RP1409: 20/07/2013 10:48:18 - System Checkpoint
RP1410: 21/07/2013 11:45:28 - System Checkpoint
RP1411: 22/07/2013 12:45:20 - System Checkpoint
RP1412: 23/07/2013 13:45:21 - System Checkpoint
RP1413: 24/07/2013 23:53:16 - System Checkpoint
RP1414: 26/07/2013 00:26:27 - System Checkpoint
RP1415: 27/07/2013 01:26:24 - System Checkpoint
RP1416: 28/07/2013 02:26:14 - System Checkpoint
RP1417: 29/07/2013 03:26:14 - System Checkpoint
RP1418: 30/07/2013 08:57:17 - System Checkpoint
RP1419: 31/07/2013 09:45:48 - System Checkpoint
RP1420: 01/08/2013 10:45:42 - System Checkpoint
RP1421: 02/08/2013 10:57:38 - System Checkpoint
RP1422: 03/08/2013 11:46:44 - System Checkpoint
RP1423: 04/08/2013 12:46:38 - System Checkpoint
RP1424: 05/08/2013 13:45:25 - System Checkpoint
RP1425: 06/08/2013 14:45:22 - System Checkpoint
RP1426: 07/08/2013 14:51:22 - System Checkpoint
RP1427: 08/08/2013 09:13:24 - Removed Sound Blaster Audigy ADVANCED MB Product Registration
RP1428: 08/08/2013 09:14:23 - Removed PIF DESIGNER
RP1429: 09/08/2013 10:06:24 - System Checkpoint
RP1430: 10/08/2013 03:00:24 - Software Distribution Service 3.0
RP1431: 11/08/2013 03:06:26 - System Checkpoint
RP1432: 12/08/2013 03:52:02 - System Checkpoint
RP1433: 13/08/2013 04:52:03 - System Checkpoint
RP1434: 14/08/2013 05:52:02 - System Checkpoint
RP1435: 15/08/2013 06:52:04 - System Checkpoint
RP1436: 16/08/2013 07:52:02 - System Checkpoint
RP1437: 17/08/2013 08:52:00 - System Checkpoint
RP1438: 18/08/2013 09:51:58 - System Checkpoint
RP1439: 19/08/2013 10:52:01 - System Checkpoint
RP1440: 20/08/2013 11:05:28 - System Checkpoint
RP1441: 21/08/2013 11:17:11 - System Checkpoint
RP1442: 22/08/2013 12:38:50 - System Checkpoint
RP1443: 23/08/2013 13:17:12 - System Checkpoint
RP1444: 24/08/2013 14:17:12 - System Checkpoint
RP1445: 25/08/2013 15:17:14 - System Checkpoint
RP1446: 26/08/2013 15:41:12 - System Checkpoint
RP1447: 27/08/2013 16:17:12 - System Checkpoint
RP1448: 28/08/2013 17:17:08 - System Checkpoint
RP1449: 29/08/2013 18:49:47 - System Checkpoint
RP1450: 30/08/2013 19:17:21 - System Checkpoint
RP1451: 31/08/2013 20:19:55 - System Checkpoint
RP1452: 01/09/2013 21:17:13 - System Checkpoint
RP1453: 02/09/2013 22:18:17 - System Checkpoint
RP1454: 03/09/2013 23:17:08 - System Checkpoint
RP1455: 05/09/2013 00:17:13 - System Checkpoint
RP1456: 06/09/2013 00:34:45 - System Checkpoint
RP1457: 07/09/2013 01:17:13 - System Checkpoint
RP1458: 08/09/2013 02:17:13 - System Checkpoint
RP1459: 09/09/2013 03:17:20 - System Checkpoint
RP1460: 10/09/2013 04:17:12 - System Checkpoint
RP1461: 11/09/2013 05:17:13 - System Checkpoint
RP1462: 12/09/2013 06:17:12 - System Checkpoint
RP1463: 13/09/2013 06:31:36 - System Checkpoint
RP1464: 14/09/2013 07:31:11 - System Checkpoint
RP1465: 15/09/2013 10:14:36 - System Checkpoint
RP1466: 16/09/2013 10:37:25 - System Checkpoint
RP1467: 16/09/2013 15:13:23 - Removed QuickTime
.
==== Installed Programs ======================
.
Adobe Acrobat - Reader 6.0.2 Update
Adobe Flash Player 10 ActiveX
Adobe Reader 6.0.1
Adobe Shockwave Player
Apple Application Support
Apple Software Update
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Reset Tool
Dell Support 5.0.0 (630)
Dell System Restore
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Image Clip Palette
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant
ESDX4800_4200 User's Guide
Google Chrome
Google Update Helper
GoToAssist Corporate
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
MCU
Micronet Wireless Network Utility
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Software Update for Web Folders (English) 14
MSN
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWay Search Assistant
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834905)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Skype Click to Call
Skype™ 6.3
Sonic Encoders
Sound Blaster Audigy ADVANCED MB
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WebFldrs XP
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
16/09/2013 15:25:26, error: Service Control Manager [7001] - The Windows Firewall/Internet Connection Sharing (ICS) service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
16/09/2013 15:25:26, error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
16/09/2013 15:25:26, error: Service Control Manager [7001] - The Fax service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
15/09/2013 15:13:12, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
15/09/2013 10:14:27, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service winmgmt with arguments "" in order to run the server: {C49E32C6-BC8B-11D2-85D4-00105A1F8304}
12/09/2013 13:27:27, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
12/09/2013 12:37:25, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
12/09/2013 12:09:24, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am
Advertisement
Register to Remove

Re: Very Slow Internet Browsing. Continued

Unread postby pgmigg » September 16th, 2013, 11:28 am

Hello L33AJD,

Welcome back to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 16th, 2013, 11:30 am

I'm running OTL.exe at the moment. I'll post the logs shortly. Thanks.
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 16th, 2013, 11:37 am

OTL.txt
OTL logfile created on: 16/09/2013 16:27:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\The Brown's\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.07 Mb Total Physical Memory | 297.70 Mb Available Physical Memory | 59.29% Memory free
1.63 Gb Paging File | 1.30 Gb Available in Paging File | 79.81% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 35.31 Gb Free Space | 50.59% Space Free | Partition Type: NTFS

Computer Name: JARINA | User Name: The Brown's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/16 16:25:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Brown's\Desktop\OTL.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/05/02 17:50:08 | 000,675,840 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Micronet Wireless Network Utility\RtWLan.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/02 07:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/14 18:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/11/21 17:37:42 | 000,131,072 | ---- | M] () -- C:\Program Files\Micronet Wireless Network Utility\EnumDevLib.dll
MOD - [2005/09/22 19:19:54 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\hcwXDS.dll
MOD - [2005/08/05 15:01:54 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\wstpager.ax
MOD - [2005/08/05 15:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\VBICodec.ax
MOD - [2005/08/05 14:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2005/07/20 05:53:04 | 000,966,765 | ---- | M] () -- C:\Program Files\Micronet Wireless Network Utility\acAuth.dll
MOD - [2004/08/10 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2006/01/17 16:08:03 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\THEBRO~1\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2005/09/22 19:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/06/06 22:40:48 | 000,180,736 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/05/25 23:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/03/25 17:11:00 | 001,350,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sigfilt.sys -- (sigfilt)
DRV - [2005/01/11 01:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/11 01:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/12/23 02:58:00 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFModNT.sys -- (PfModNT)
DRV - [2002/10/02 10:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)
DRV - [2001/08/27 14:29:26 | 000,050,528 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUSBMSD.SYS -- (EUSBMSD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.clientapps.yahoo.com/cust ... _side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redi ... com/web&q={searchTerms}&l=zu&o=sb
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redi ... com/web&q={searchTerms}&l=zu&o=sb
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com)
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes,DefaultScope = {20692B1C-679A-41A9-A532-F8EC16CF29E9}
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{20692B1C-679A-41A9-A532-F8EC16CF29E9}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF_en-GBGB258
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()


[2009/12/11 20:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\extensions
[2008/03/04 10:41:59 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/12/11 20:11:49 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\extensions\ChoiceGuard@Microsoft
[2013/08/07 09:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/28 22:05:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/28 22:04:40 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/04/18 10:25:52 | 000,024,673 | ---- | M] (MyWebSearch.com) -- C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: AdBlock = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
O4 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; GTB6.6; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.nationalexpress.com/home.aspx" File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Micronet Wireless Network Utility.lnk = C:\Program Files\Micronet Wireless Network Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A640915-2EFE-4B3D-8D88-0A2581296DA0}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{98ae1aac-f2eb-11df-9072-001320cfde2d}\Shell\Setup\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/14 01:12:34 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{c199c245-c73f-11dc-85d8-00038a000015}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/16 16:25:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\The Brown's\Desktop\OTL.exe
[2013/09/12 17:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Desktop\Malware Stuff
[2013/09/12 17:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2013/09/12 17:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/09/12 12:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Application Data\Malwarebytes
[2013/09/12 12:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/09/12 12:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/09/12 12:13:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/09/12 12:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/09/12 12:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Application Data\DriverCure
[2013/09/12 12:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Application Data\SparkTrust
[2013/09/12 12:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SparkTrust
[2013/09/03 18:12:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Desktop\George's Stuff
[12 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/16 16:28:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/16 16:25:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Brown's\Desktop\OTL.exe
[2013/09/16 15:39:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/09/16 15:28:01 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/16 10:54:34 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/09/15 09:32:59 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3030998525-717131792-4089313889-1005.job
[2013/09/15 09:32:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/15 09:32:27 | 526,536,704 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/11 09:29:04 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3030998525-717131792-4089313889-1005.job
[2013/09/05 20:59:09 | 000,516,358 | ---- | M] () -- C:\Documents and Settings\The Brown's\Desktop\Help to Buy at a glance[1].pdf
[2013/09/04 00:35:38 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/08/24 12:08:47 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/20 14:13:45 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\The Brown's\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[12 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/05 20:59:09 | 000,516,358 | ---- | C] () -- C:\Documents and Settings\The Brown's\Desktop\Help to Buy at a glance[1].pdf
[2013/08/08 00:45:02 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\The Brown's\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2013/08/07 10:42:49 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2013/03/31 13:13:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2012/12/08 18:15:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2012/02/15 08:56:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/02/28 12:36:23 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\The Brown's\GoToAssistDownloadHelper.exe
[2009/04/12 20:09:15 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\The Brown's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/11 20:25:59 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\The Brown's\jagex_runescape_preferences.dat
[2008/06/07 15:43:35 | 000,004,740 | ---- | C] () -- C:\Documents and Settings\All Users\lxdj
[2008/01/20 11:13:15 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\The Brown's\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/28 12:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2008/03/23 11:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2013/09/12 12:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SparkTrust
[2010/10/02 15:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2006/01/17 16:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2013/08/08 00:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/10/19 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2013/09/12 12:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\DriverCure
[2012/12/08 18:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\EPSON
[2008/04/25 17:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\FunWebProducts
[2010/05/31 21:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\Lexmark Productivity Studio
[2013/09/12 12:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\SparkTrust
[2008/03/26 18:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\Template
[2008/04/11 21:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\The Brown's\Application Data\Viewpoint

========== Purity Check ==========



< End of report >


[bExtras.txt[/b]

OTL Extras logfile created on: 16/09/2013 16:27:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\The Brown's\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.07 Mb Total Physical Memory | 297.70 Mb Available Physical Memory | 59.29% Memory free
1.63 Gb Paging File | 1.30 Gb Available in Paging File | 79.81% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 35.31 Gb Free Space | 50.59% Space Free | Partition Type: NTFS

Computer Name: JARINA | User Name: The Brown's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\PROGRA~1\MICROS~3\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\PROGRA~1\MICROS~3\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Lexmark 1400 Series\app4r.exe" = C:\Program Files\Lexmark 1400 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Lexmark 1400 Series\lxdjamon.exe" = C:\Program Files\Lexmark 1400 Series\lxdjamon.exe:*:Enabled:Lexmark Device Monitor
"C:\Program Files\Lexmark 1400 Series\App4R.exe" = C:\Program Files\Lexmark 1400 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio
"C:\WINDOWS\system32\lxdjcfg.exe" = C:\WINDOWS\system32\lxdjcfg.exe:*:Enabled:
"C:\WINDOWS\system32\lxdjcoms.exe" = C:\WINDOWS\system32\lxdjcoms.exe:*:Enabled:Lexmark Communications System
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe:*:Enabled:
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe:*:Enabled:
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe:*:Enabled:
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{B41F5ED6-4D67-4FAA-B787-D5DF1DD0EC80}" = Micronet Wireless Network Utility
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E7559288-223B-453C-9F06-340E3BE21E39}" = MyWay Search Assistant
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"DellSupport" = Dell Support 5.0.0 (630)
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ESDX4800_4200 User's Guide" = ESDX4800_4200 User's Guide
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PROSet" = Intel(R) PRO Network Connections Drivers
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/08/2013 08:44:37 | Computer Name = JARINA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/08/2013 09:54:22 | Computer Name = JARINA | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040005.

Error - 20/08/2013 10:19:31 | Computer Name = JARINA | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040005.

Error - 22/08/2013 06:21:48 | Computer Name = JARINA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 23/08/2013 14:52:45 | Computer Name = JARINA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 31/08/2013 15:00:49 | Computer Name = JARINA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/09/2013 12:35:53 | Computer Name = JARINA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/09/2013 08:08:32 | Computer Name = JARINA | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040005.

Error - 12/09/2013 09:33:17 | Computer Name = JARINA | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040005.

Error - 15/09/2013 05:38:36 | Computer Name = JARINA | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040005.

[ System Events ]
Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 16/09/2013 11:26:18 | Computer Name = JARINA | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058


< End of report >
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby pgmigg » September 16th, 2013, 11:38 am

Good! :D

Checking your logs, will be back soon... ;)
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Very Slow Internet Browsing. Continued

Unread postby pgmigg » September 16th, 2013, 5:04 pm

Hello L33AJD,

Thank you for your patience... :)

For safety reason (to have a good registry to restore if needed), I will ask you to create a System Restore Point (SRP) before most of my instructions sets...

Step 1.
Create a New System Restore Point.
  1. Click Start, select All Programs -> Accessories -> System Tools, then press System Restore.
  2. At the Welcome screen select Create a restore point and then press Next.
  3. In the description box, type a name to describe this restore point.
      System Restore automatically adds (to your description) the current date and time.
  4. Click Create to finish creating this restore point.
  5. Click Close to exit System Restore.
Unless you use some other method to create system restore points, it is advisable to leave this feature ON and active.

If you have successfully created a System Restore Point, we can proceed.
STOP! If you have NOT successfully created a System Restore Point... STOP! do not go any further!
Please post back so we can determine why it was unsuccessful.

Step 2.
Add/Remove Programs
I need you to uninstall some programs from your computer.
  1. Click Start -> Run.
  2. Copy and paste the value below, into the open text entry box:
    appwiz.cpl
  3. Click the OK. It takes a few seconds for the program list to be populated.
  4. Locate the following program(s):
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Reader 6.0.1
    Java 2 Runtime Environment, SE v1.4.2_03
    Java Auto Updater
    Java(TM) 6 Update 20
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    MyWay Search Assistant
  5. Press the "Remove" or "Change/Remove" button to uninstall the program.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
    Don't worry if you can not find all programs from the list - some may not have an uninstall feature or may have been removed in previous steps.
  6. Repeat steps 4 - 5 for each program in the list.
  7. When finished, close/exit Add/Remove Programs.

Step 3.
Image Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Double-click on JRT.exe to run it - the tool will open and start scanning your system.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 4.
SystemLook
Please download SystemLook.exe by jpshortstuff and save it to your Desktop.
Alternate download site.
  1. Double-click SystemLook.exe to run it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    Code: Select all
    :filefind
    *AskToolbar*
    *Ask.com*
    *Bandoo*
    *Babylon*
    *Conduit*
    *datamngr*
    *searchab*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *MyWay*
    *Searchqu*
    *Searchnu*
    *smartbar*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *AskToolbar*
    *Ask.com*
    *Babylon*
    *Bandoo*
    *Conduit*
    *datamngr*
    *searchab*
    *smartbar*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *MyWay*
    *Searchqu*
    *Searchnu*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    Conduit
    datamngr
    searchab
    Fun4IM
    Funmoods
    iLivid
    IObit
    Iminent
    MyWay
    Searchqu
    Searchnu
    smartbar
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  3. Press the Look button to start the scan. Please be patient as this can take a while (even a couple hours!) to complete depending on your system's specifications.
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Step 4.
Fresh OTL Scan
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Double click on OTL.exe to run it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Scan All Users
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, one Notepad file OTL.txt <-- Will be opened, maximized
  6. Please post the content of OTL.txt file ONLY in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the JRT.txt log file
  3. Contents of the SystemLook.txt log file
  4. Contents of OTL.txt log file
  5. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 17th, 2013, 4:05 pm

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Microsoft Windows XP x86
Ran by The Brown's on 17/09/2013 at 19:17:44.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funwebproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mywebsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&search
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\funwebproducts
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mywebsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.datacontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.datacontrol.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.historykillerscheduler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.historykillerscheduler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.historyswattercontrolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.historyswattercontrolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.htmlmenu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.htmlmenu.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.htmlmenu.2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.iecookiesmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.iecookiesmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.killerobjmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.killerobjmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.popswatterbarbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.popswatterbarbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.popswattersettingscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\funwebproducts.popswattersettingscontrol.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.chatsessionplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.chatsessionplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.htmlpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.htmlpanel.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.outlookaddin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.outlookaddin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.pseudotransparentplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearch.pseudotransparentplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearchtoolbar.settingsplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearchtoolbar.settingsplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearchtoolbar.toolbarplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mywebsearchtoolbar.toolbarplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\screensavercontrol.screensaverinstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\screensavercontrol.screensaverinstaller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\viewpointmediaplayer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\The Brown's\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\The Brown's\Application Data\funwebproducts"
Successfully deleted: [Folder] "C:\Documents and Settings\The Brown's\Application Data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\The Brown's\Application Data\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\funwebproducts"
Successfully deleted: [Folder] "C:\Program Files\mywebsearch"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/09/2013 at 19:22:46.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 17th, 2013, 4:05 pm

[b]SystemLook.txt[b]

SystemLook 30.07.11 by jpshortstuff
Log created at 19:42 on 17/09/2013 by The Brown's
Administrator - Elevation successful

========== filefind ==========

Searching for "*AskToolbar*"
No files found.

Searching for "*Ask.com*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Babylon*"
No files found.

Searching for "*Conduit*"
No files found.

Searching for "*datamngr*"
C:\Documents and Settings\The Brown's\Local Settings\Temp\jrt\datamngr_del.reg --a---- 386 bytes [18:17 17/09/2013] [03:41 22/08/2013] 95F42A3D43416D3BB978F174C83F494C

Searching for "*searchab*"
No files found.

Searching for "*Fun4IM*"
No files found.

Searching for "*Funmoods*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*IObit*"
No files found.

Searching for "*Iminent*"
No files found.

Searching for "*MyWay*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*smartbar*"
No files found.

Searching for "*Tarma*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*Vafmusic2*"
No files found.

Searching for "*vshare*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*Yontoo*"
No files found.

========== folderfind ==========

Searching for "*AskToolbar*"
No folders found.

Searching for "*Ask.com*"
No folders found.

Searching for "*Babylon*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Conduit*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*searchab*"
No folders found.

Searching for "*smartbar*"
No folders found.

Searching for "*Fun4IM*"
No folders found.

Searching for "*Funmoods*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*IObit*"
No folders found.

Searching for "*Iminent*"
No folders found.

Searching for "*MyWay*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Tarma*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*Vafmusic2*"
No folders found.

Searching for "*vshare*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*Yontoo*"
No folders found.

========== Regfind ==========

Searching for "AskToolbar"
No data found.

Searching for "Ask.com"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
"DisplayName"="Ask.com"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
"URL"="http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYGB&fl=0&ptb=.Yhl78JM.GGZbMKkPM3_YQ&ind=2008041805&url=http://www.uk.ask.com/web&q={searchTerms}&l=zu&o=sb"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
"URL"="http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
"URL"="http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
"URL"="http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
"DisplayName"="Ask.com"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
"URL"="http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYGB&fl=0&ptb=.Yhl78JM.GGZbMKkPM3_YQ&ind=2008041805&url=http://www.uk.ask.com/web&q={searchTerms}&l=zu&o=sb"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
"URL"="http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}"

Searching for "Babylon"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Conduit"
No data found.

Searching for "datamngr"
No data found.

Searching for "searchab"
No data found.

Searching for "Fun4IM"
No data found.

Searching for "Funmoods"
No data found.

Searching for "iLivid"
No data found.

Searching for "IObit"
No data found.

Searching for "Iminent"
No data found.

Searching for "MyWay"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.dell.co.uk/myway"
[HKEY_CURRENT_USER\Software\MyWaySA]
[HKEY_CURRENT_USER\Software\MyWaySA\SearchAssistantDE]
"ABS"="http://mysearch.myway.com/jsp/cfg_redir2.jsp?id=DK&psa=DUOSxX5B7KWnezSORwQVLA&url=http://search.myway.com/search/barsearch.jhtml&st=kwd&ptnrS=DK&PG=SEASUSH&SEC=ABMANY&searchfor="
[HKEY_CURRENT_USER\Software\MyWaySA\SearchAssistantDE]
"DES"="http://mysearch.myway.com/jsp/cfg_redir2.jsp?id=DK&psa=DUOSxX5B7KWnezSORwQVLA&url=http://search.myway.com/search/barsearch.jhtml&st=dns&ptnrS=DK&PG=SEASUSH&SEC=DNS&searchfor="
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.dell.co.uk/myway"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.dell.co.uk/myway"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"First Home Page"="http://www.dell.co.uk/myway"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK"
[HKEY_USERS\.DEFAULT\Software\MyWaySA]
[HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.dell.co.uk/myway"
[HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\MyWaySA]
[HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\MyWaySA\SearchAssistantDE]
"ABS"="http://mysearch.myway.com/jsp/cfg_redir2.jsp?id=DK&psa=DUOSxX5B7KWnezSORwQVLA&url=http://search.myway.com/search/barsearch.jhtml&st=kwd&ptnrS=DK&PG=SEASUSH&SEC=ABMANY&searchfor="
[HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\MyWaySA\SearchAssistantDE]
"DES"="http://mysearch.myway.com/jsp/cfg_redir2.jsp?id=DK&psa=DUOSxX5B7KWnezSORwQVLA&url=http://search.myway.com/search/barsearch.jhtml&st=dns&ptnrS=DK&PG=SEASUSH&SEC=DNS&searchfor="
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.dell.co.uk/myway"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.dell.co.uk/myway"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
"First Home Page"="http://www.dell.co.uk/myway"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK"
[HKEY_USERS\S-1-5-18\Software\MyWaySA]

Searching for "Searchqu"
No data found.

Searching for "Searchnu"
No data found.

Searching for "smartbar"
No data found.

Searching for "Tarma"
No data found.

Searching for "trolltech"
No data found.

Searching for "Vafmusic2"
No data found.

Searching for "vshare"
No data found.

Searching for "whitesmoke"
No data found.

Searching for "Yontoo"
No data found.

-= EOF =-
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 17th, 2013, 4:06 pm

OTL.txt

OTL logfile created on: 17/09/2013 20:41:13 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\The Brown's\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.07 Mb Total Physical Memory | 355.34 Mb Available Physical Memory | 70.78% Memory free
1.42 Gb Paging File | 1.25 Gb Available in Paging File | 87.93% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 35.46 Gb Free Space | 50.80% Space Free | Partition Type: NTFS

Computer Name: JARINA | User Name: The Brown's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/16 16:25:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Brown's\Desktop\OTL.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/05/02 17:50:08 | 000,675,840 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Micronet Wireless Network Utility\RtWLan.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/02 07:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/14 18:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/11/21 17:37:42 | 000,131,072 | ---- | M] () -- C:\Program Files\Micronet Wireless Network Utility\EnumDevLib.dll
MOD - [2005/09/22 19:19:54 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\hcwXDS.dll
MOD - [2005/08/05 15:01:54 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\wstpager.ax
MOD - [2005/08/05 15:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\VBICodec.ax
MOD - [2005/08/05 14:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2005/07/20 05:53:04 | 000,966,765 | ---- | M] () -- C:\Program Files\Micronet Wireless Network Utility\acAuth.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2006/01/17 16:08:03 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2005/09/22 19:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/06/06 22:40:48 | 000,180,736 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/05/25 23:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/03/25 17:11:00 | 001,350,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sigfilt.sys -- (sigfilt)
DRV - [2005/01/11 01:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/11 01:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/12/23 02:58:00 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFModNT.sys -- (PfModNT)
DRV - [2002/10/02 10:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)
DRV - [2001/08/27 14:29:26 | 000,050,528 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUSBMSD.SYS -- (EUSBMSD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.clientapps.yahoo.com/cust ... _side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redi ... com/web&q={searchTerms}&l=zu&o=sb
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redi ... com/web&q={searchTerms}&l=zu&o=sb
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes,DefaultScope = {20692B1C-679A-41A9-A532-F8EC16CF29E9}
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{20692B1C-679A-41A9-A532-F8EC16CF29E9}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF_en-GBGB258
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found


[2009/12/11 20:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\extensions
[2008/03/04 10:41:59 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/12/11 20:11:49 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\extensions\ChoiceGuard@Microsoft
[2013/08/07 09:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/28 22:05:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/28 22:04:40 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/04/18 10:25:52 | 000,024,673 | ---- | M] (MyWebSearch.com) -- C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: AdBlock = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
O4 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; GTB6.6; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.nationalexpress.com/home.aspx" File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Micronet Wireless Network Utility.lnk = C:\Program Files\Micronet Wireless Network Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A640915-2EFE-4B3D-8D88-0A2581296DA0}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{98ae1aac-f2eb-11df-9072-001320cfde2d}\Shell\Setup\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/14 01:12:34 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{c199c245-c73f-11dc-85d8-00038a000015}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/17 19:17:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/09/17 19:13:19 | 001,029,675 | ---- | C] (Thisisu) -- C:\Documents and Settings\The Brown's\Desktop\JRT.exe
[2013/09/16 16:25:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\The Brown's\Desktop\OTL.exe
[2013/09/12 17:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Desktop\Malware Stuff
[2013/09/12 17:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2013/09/12 17:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/09/12 12:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Application Data\Malwarebytes
[2013/09/12 12:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/09/12 12:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/09/12 12:13:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/09/12 12:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/09/03 18:12:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\The Brown's\Desktop\George's Stuff
[12 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/17 20:28:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/17 19:41:08 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\The Brown's\Desktop\SystemLook.exe
[2013/09/17 19:13:29 | 001,029,675 | ---- | M] (Thisisu) -- C:\Documents and Settings\The Brown's\Desktop\JRT.exe
[2013/09/17 19:10:06 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/17 19:10:05 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3030998525-717131792-4089313889-1005.job
[2013/09/17 19:09:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/17 19:09:52 | 526,536,704 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/16 17:20:29 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\The Brown's\Desktop\Microsoft Word 2010.lnk
[2013/09/16 16:25:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Brown's\Desktop\OTL.exe
[2013/09/16 15:39:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/09/16 10:54:34 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/09/11 09:29:04 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3030998525-717131792-4089313889-1005.job
[2013/09/05 20:59:09 | 000,516,358 | ---- | M] () -- C:\Documents and Settings\The Brown's\Desktop\Help to Buy at a glance[1].pdf
[2013/09/04 00:35:38 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/08/24 12:08:47 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/20 14:13:45 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\The Brown's\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[12 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/17 19:41:07 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\The Brown's\Desktop\SystemLook.exe
[2013/09/05 20:59:09 | 000,516,358 | ---- | C] () -- C:\Documents and Settings\The Brown's\Desktop\Help to Buy at a glance[1].pdf
[2013/08/08 00:45:02 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\The Brown's\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2013/08/07 10:42:49 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2013/03/31 13:13:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2012/12/08 18:15:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2012/02/15 08:56:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/02/28 12:36:23 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\The Brown's\GoToAssistDownloadHelper.exe
[2009/04/12 20:09:15 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\The Brown's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/11 20:25:59 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\The Brown's\jagex_runescape_preferences.dat
[2008/06/07 15:43:35 | 000,004,740 | ---- | C] () -- C:\Documents and Settings\All Users\lxdj
[2008/01/20 11:13:15 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\The Brown's\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 17th, 2013, 4:07 pm

There doesn't appear to be any change in my PC as yet.
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby pgmigg » September 18th, 2013, 12:41 am

Hello L33AJD,

There doesn't appear to be any change in my PC as yet.
It is OK for now - we just started the treatment. Let continue...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Double click on OTL.exe to run it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Copy and Paste the following code into the Image text box. Do not include the word Code
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.clientapps.yahoo.com/cust ... _side.html
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search 
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway 
    IE - HKU\.DEFAULT\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
    IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No CLSID value found
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q= {searchTerms}&src={referrer:source?}
    IE - HKU\.DEFAULT\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redi ... com/web&q= {searchTerms}&l=zu&o=sb
    IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&am ... dis&q= {SEARCHTERMS}
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
    IE - HKU\S-1-5-18\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
    IE - HKU\S-1-5-18\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No CLSID value found
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q= {searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-18\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redi ... com/web&q= {searchTerms}&l=zu&o=sb
    IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&am ... dis&q= {SEARCHTERMS}
    IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&am ... dis&q= {SEARCHTERMS}
    IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&am ... dis&q= {SEARCHTERMS}
    IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway 
    IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found
    IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
    IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes,DefaultScope = {20692B1C-679A-41A9-A532-F8EC16CF29E9}
    IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q= {searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p= {searchTerms}
    CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
    O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-3030998525-717131792-4089313889-1005\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
    
    :Files
    C:\Documents and Settings\All Users\*.tmp
    C:\WINDOWS\System32\*.tmp
    C:\WINDOWS\*.tmp
    C:\Documents and Settings\The Brown's\Local Settings\Temp\jrt\datamngr_del.reg
    ipconfig /flushdns /c
    
    :Reg
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
    "DisplayName"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
    "URL"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
    "URL"=-
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
    "URL"=-
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
    "URL"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
    "DisplayName"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}]
    "URL"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]
    "URL"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=-
    [-HKEY_CURRENT_USER\Software\MyWaySA]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
    "Start Page"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
    "First Home Page"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
    "Search Bar"=-
    [-HKEY_USERS\.DEFAULT\Software\MyWaySA]
    [HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=-
    [-HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\MyWaySA]
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
    "Start Page"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
    "First Home Page"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
    "Search Bar"=-
    [-HKEY_USERS\S-1-5-18\Software\MyWaySA]
    
    :Commands
    [emptytemp]
    [emptyjava]
    [emptyflash]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK. It may take a while - please be patient...
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. When the scan completes, Notepad will open with the scan results (OTL.txt). The report is saved in the same location as OTL.
  8. Please post the contents of report in your next reply.

Step 2.
AdwCleaner - Scan Only
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Double-click on adwcleaner.exe to run it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Report button to produce the scan report.
  5. A log file C:\AdwCleaner[Rn].txt will automatically open. ([Rn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Rn].txt log file in your next reply.

Step 3.
TDSSKiller - Rootkit Removal Tool - Scan only
Please download the TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS/TDL variants.
    If TDSSKiller does not run, please rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. zarodinu.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Please select Skip instead of Cure (default).
  5. Then click Continue, then Close and then Close again.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  7. Copy and paste the contents of that file in your next reply.

Step 4.
SystemLook
Please download SystemLook.exe by jpshortstuff and save it to your Desktop.
Alternate download site.
  1. Double-click SystemLook.exe to run it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    Code: Select all
    :Regfind
    Ask.com
    MyWay
    
  3. Press the Look button to start the scan.
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the AdwCleaner[R1].txt log file
  4. Contents of TDSSKiller report file.
  5. Contents of the SystemLook.txt log file

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 18th, 2013, 1:55 pm

OTL

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomSearch| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
HKU\S-1-5-21-3030998525-717131792-4089313889-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
Registry value HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\SPL1.tmp moved successfully.
C:\Documents and Settings\All Users\SPL11.tmp moved successfully.
C:\Documents and Settings\All Users\SPL1E.tmp moved successfully.
C:\Documents and Settings\All Users\SPL2.tmp moved successfully.
C:\Documents and Settings\All Users\SPL20.tmp moved successfully.
C:\Documents and Settings\All Users\SPL3.tmp moved successfully.
C:\Documents and Settings\All Users\SPL4.tmp moved successfully.
C:\Documents and Settings\All Users\SPL5.tmp moved successfully.
C:\Documents and Settings\All Users\SPL6.tmp moved successfully.
C:\Documents and Settings\All Users\SPL7.tmp moved successfully.
C:\Documents and Settings\All Users\SPL76.tmp moved successfully.
C:\Documents and Settings\All Users\SPL8.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\002999_.tmp moved successfully.
C:\Documents and Settings\The Brown's\Local Settings\Temp\jrt\datamngr_del.reg moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\The Brown's\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\The Brown's\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MyWaySA\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\First Home Page deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Bar deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\MyWaySA\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL not found.
Registry key HKEY_USERS\S-1-5-21-3030998525-717131792-4089313889-1005\Software\MyWaySA\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\First Home Page not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Search Bar not found.
Registry key HKEY_USERS\S-1-5-18\Software\MyWaySA\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Becca
->Temp folder emptied: 480 bytes
->Temporary Internet Files folder emptied: 1474 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 14210 bytes

User: Default User
->Temp folder emptied: 92732 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: George
->Temp folder emptied: 480 bytes
->Temporary Internet Files folder emptied: 1273 bytes
->Java cache emptied: 4155 bytes
->Google Chrome cache emptied: 349238902 bytes
->Flash cache emptied: 18934 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 14123486 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 773049 bytes

User: The Brown's
->Temp folder emptied: 51024822 bytes
->Temporary Internet Files folder emptied: 272841730 bytes
->Java cache emptied: 2198869 bytes
->Google Chrome cache emptied: 348619234 bytes
->Flash cache emptied: 13748 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25836 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 378578224 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 343078 bytes
RecycleBin emptied: 20846390 bytes

Total Files Cleaned = 1,373.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Becca

User: Default User

User: George
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: The Brown's
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Becca
->Flash cache emptied: 0 bytes

User: Default User

User: George
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: The Brown's
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09182013_184627

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 18th, 2013, 1:59 pm

AdwCleaner

# AdwCleaner v3.004 - Report created 18/09/2013 at 18:57:50
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : The Brown's - JARINA
# Running from : C:\Documents and Settings\The Brown's\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\safesearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Fun Web Products
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Found : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Found : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Found : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Found : HKLM\Software\FocusInteractive
Key Found : HKLM\Software\Fun Web Products
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Found : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\Viewpoint
Value Found : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\The Brown's\Application Data\Mozilla\Firefox\Profiles\odsc3zt1.default\prefs.js ]


-\\ Google Chrome v29.0.1547.66

[ File : C:\Documents and Settings\The Brown's\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\George\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Becca\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9882 octets] - [18/09/2013 18:57:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9942 octets] ##########
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 18th, 2013, 2:02 pm

TDSSKiller

No threats were found. Should there be a .txt file? It doesn't appear to have saved one on my desktop.
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am

Re: Very Slow Internet Browsing. Continued

Unread postby L33AJD » September 18th, 2013, 2:04 pm

SystemLook

SystemLook 30.07.11 by jpshortstuff
Log created at 19:04 on 18/09/2013 by The Brown's
Administrator - Elevation successful

========== Regfind ==========

Searching for "Ask.com"
No data found.

Searching for "MyWay"
No data found.

-= EOF =-
L33AJD
Regular Member
 
Posts: 24
Joined: September 12th, 2013, 9:03 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 105 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware