Hi
Thank you for getting back to me.
I've included the Malwarebytes log, which only contained one issue, which is since clear, but most of the stuff was found by the ESET online virus scanner, so I've included that log as well just in case it's useful.
My pc keeps trying to install the same windows update over and over again despite it installing correctly as well?
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.28.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JJ Harte :: SEAMUS [administrator]
28/01/2014 21:07:04
mbam-log-2014-01-28 (21-07-04).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 251229
Time elapsed: 23 minute(s), 26 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Program Files\hdvidcodec.com (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
Files Detected: 2
C:\Program Files\hdvidcodec.com\hdvidextsetup.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files\hdvidcodec.com\uninst.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
(end)
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0041abf13f212b4bbe60fc6516b3e605
# engine=17126
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-18 09:29:25
# local_time=2014-02-18 09:29:25 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1034 16777213 100 80 90267 82419375 0 0
# scanned=86886
# found=14
# cleaned=14
# scan_time=7625
sh=83E43CC0F3B3B923D0E403186D2708707E55F900 ft=1 fh=2b2d6fc059986956 vn="a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Documents and Settings\JJ Harte\Local Settings\Temp\nsj26\Helper.dll"
sh=8D57A5D02B3797856331920B2406DC0149BE5B6E ft=1 fh=2fafe1c8b7630f64 vn="Win32/Soffer.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Documents and Settings\JJ Harte\Local Settings\Temp\nsj26\soffer.dll"
sh=A8A37E54DB53B64808D4DE3DDBB505859E9F4269 ft=1 fh=b799c6fdeb2be9bc vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Documents and Settings\JJ Harte\My Documents\Downloads\ccsetup311.exe"
sh=8838B57D60595B2BBE83AB003316A190279C8AC4 ft=1 fh=2b617271f5617289 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\BroadCam\bcsetup_v2.23.exe"
sh=7C2DD7308EEC5A0C73E68F0C94BFDDD8B7D50EF5 ft=1 fh=8f31461f5e6ff9d9 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\BroadCam\broadcam.exe"
sh=2AFD5A13C6009A3DCA4714655690BCD8F55D21F5 ft=1 fh=750f02d55e6ff9d9 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\BroadCam\uninst.exe"
sh=A033CC58A848309C839C636370383A81481BD426 ft=1 fh=cc9ff824932b8bdf vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\Prism\prism.exe"
sh=31D8C3EDE22AFD8B1CA5CAC4FDD27A245F6CC7B6 ft=1 fh=5dda5872f4087e13 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\Prism\prismpsetup[1]_v1.82.exe"
sh=7841824088542F907AD2A804AE53FE62D201E298 ft=1 fh=36a1bcee932b8bdf vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\Prism\uninst.exe"
sh=347BB66C7BE3982B2602FE946E6BCF3C7C7224B5 ft=1 fh=9946b6b2c2e14984 vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\VideoPad\uninst.exe"
sh=20E2D74783E28D768F2F4C9D856EAB1742ECBAB4 ft=1 fh=6378f278c2e14984 vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\VideoPad\videopad.exe"
sh=6D8A3CAC283AC47CE01261DAAC15B09AF37D87CD ft=1 fh=811f7b6ed12c913d vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\NCH Software\VideoPad\vpsetup_v2.41.exe"
sh=20D8054196C94236BF69C78FF9122185A34B4348 ft=1 fh=c21cbc2eeb28013b vn="a variant of Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\Yontoo\YontooIEClient.dll"
sh=0F524D97E96C309485455A4CB4FAFAF8DBF42863 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Program Files\Yontoo\YontooLayers.crx"
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by JJ Harte on 23/02/2014 at 20:59:27.62.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\JJ Harte\Desktop\zoek.exe [Scan all users] [Checkboxes used]
==== System Restore Info ======================
23/02/2014 21:00:20 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Movie2KDownloader.com deleted
C:\Program Files\Viewpoint deleted
C:\Program Files\Yontoo deleted
C:\Program Files\Wondershare deleted
C:\Program Files\AskBarDis deleted
C:\Documents and Settings\JJ Harte\Application Data\GetRightToGo deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ezsid.dat deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon deleted
C:\WINDOWS\wininit.ini deleted
C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\WINDOWS\System32\browseui.dll.tmp deleted
C:\WINDOWS\System32\SET28.tmp deleted
C:\WINDOWS\System32\SET2A.tmp deleted
C:\WINDOWS\System32\SET2F.tmp deleted
C:\WINDOWS\System32\SET36.tmp deleted
C:\WINDOWS\System32\SET3F.tmp deleted
C:\WINDOWS\System32\SET41.tmp deleted
C:\WINDOWS\System32\SET44.tmp deleted
C:\WINDOWS\System32\shdocvw.dll.tmp deleted
C:\WINDOWS\System32\shlwapi.dll.tmp deleted
C:\Program Files\Mozilla Firefox\components\AskHPRFF.js deleted
C:\Program Files\Mozilla Firefox\components\AskSearch.js deleted
"C:\Documents and Settings\JJ Harte\Application Data\AOL" deleted
"C:\Documents and Settings\JJ Harte\Application Data\Temp" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [19/02/2014 20:42]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
blaofbhgbmeikidhlkmjhbkbfohpgekf - C:\Program Files\Movie2KDownloader.com\Movie2KDownloader10.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/10/2013 09:59]
niapdbllcanepiiimjjndipklodoedlc - C:\Program Files\Yontoo\YontooLayers.crx[]
RealPlayer HTML5Video Downloader Extension - JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
AVG Safe Search - JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Skype Click to Call - JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
==== Chrome Fix ======================
C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com"
"Search Page"="http://www.google.com"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchMigratedDefaultURL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{C471B175-EC81-4D09-BB5B-603A2F84B6F3}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{C471B175-EC81-4D09-BB5B-603A2F84B6F3} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GEUA_en"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F9196C6-58B4-445B-B56E-B1200FECC151} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\6C6919F04B85B5445BE61B02F0CE1C15 deleted successfully
==== Empty IE Cache ======================
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\JJ Harte\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=739 folders=111 181371450 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\JJ Harte\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\JJHART~1\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\JJ Harte\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on 23/02/2014 at 21:13:16.01 ======================
OTL logfile created on: 23/02/2014 21:18:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\JJ Harte\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.68% Memory free
3.32 Gb Paging File | 2.84 Gb Available in Paging File | 85.66% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3057 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.40 Gb Total Space | 36.81 Gb Free Space | 53.82% Space Free | Partition Type: NTFS
Computer Name: SEAMUS | User Name: JJ Harte | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/02/23 20:58:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JJ Harte\Desktop\OTL.exe
PRC - [2014/02/19 16:56:27 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014/02/18 21:38:12 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/18 21:38:12 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/06 14:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2013/12/06 14:47:20 | 000,662,232 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/10/22 19:30:32 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/28 11:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
========== Modules (No Company Name) ==========
MOD - [2014/02/23 15:28:32 | 002,181,632 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14022301\algo.dll
MOD - [2014/02/18 21:38:15 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 06:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/14 00:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 00:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/12/28 11:11:34 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005/12/28 11:11:34 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005/12/28 11:11:34 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
========== Services (SafeList) ==========
SRV - [2014/02/23 15:20:49 | 000,257,920 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/19 16:56:27 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014/02/18 21:38:12 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/06 14:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013/12/06 14:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/10/22 19:30:32 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2008/02/20 10:42:38 | 000,354,816 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/09/05 19:50:37 | 000,217,208 | ---- | M] (Emsi Software GmbH) [Disabled | Stopped] -- c:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2005/12/28 11:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302V32.SYS -- (PID_PEPI)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2014/02/18 22:13:46 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/02/18 21:38:16 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/18 21:38:16 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/18 21:38:16 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/18 21:38:16 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/02/18 21:38:16 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/02/18 21:38:15 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/12/06 14:47:12 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2012/10/22 19:30:24 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2012/10/22 19:30:21 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2012/10/22 18:47:33 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011/05/10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2008/03/07 13:46:38 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/11/29 10:39:52 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2007/11/29 10:39:42 | 000,016,896 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007/11/29 10:39:42 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2007/11/29 10:39:40 | 000,019,328 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005/12/28 12:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,019,712 | ---- | M] (Pinnacle Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/12/04 15:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
DRV - [2005/11/16 20:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/10/14 14:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 14:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 14:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 15:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 15:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 02:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 02:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 02:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/06/02 18:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004/02/13 15:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\..\SearchScopes,DefaultScope = {C471B175-EC81-4D09-BB5B-603A2F84B6F3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\..\SearchScopes\{C471B175-EC81-4D09-BB5B-603A2F84B6F3}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GEUA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/02/19 20:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/02/19 20:42:57 | 000,000,000 | ---D | M]
[2009/05/28 09:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JJ Harte\Application Data\Mozilla\Firefox\extensions
[2009/06/08 19:44:29 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\JJ Harte\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2013/02/12 15:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JJ Harte\Application Data\Mozilla\Firefox\Profiles\extensions
[2012/12/13 20:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Documents and Settings\JJ Harte\Application Data\Mozilla\Firefox\Profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013/02/12 15:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={3D23BFF3-9E9D-403C-9A79-3902510022E7}&mid=3b4292622ee247d194b2d15c8353e45b-c5c47d54f074192a2e8976fd0e6ad5cf9e69a833&lang=en&ds=AVG&pr=fr&d=2011-10-17 17:49:15&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: http://www.delta-search.com/?affID=1197 ... 130242832e
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
O1 HOSTS File: ([2004/08/10 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre7\bin\jusched.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Rocket%20Mania/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/house ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/share ... insctl.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 9025315906 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} https://billcentre.vodafone.co.uk/bpa/c ... engine.cab (PrintEngine ActiveX Control v4.2)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} https://ediagnostics.lexmark.com/serval.cab (Lexmark eDiagnostics Class)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Rocket%20Mania/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://webmail.royalmail.com/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1219C35A-A8FA-48C6-8DB2-8E7DD1C70E76}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{008eba08-4fad-11dc-b029-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{008eba08-4fad-11dc-b029-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{008eba08-4fad-11dc-b029-00038a000015}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe CWU-8A050702B5C.vbs
O33 - MountPoints2\{2309a9e5-c046-11dd-b1da-0015c5b70da8}\Shell - "" = AutoRun
O33 - MountPoints2\{2309a9e5-c046-11dd-b1da-0015c5b70da8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2309a9e5-c046-11dd-b1da-0015c5b70da8}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{4852a1b1-35f8-11dd-b14e-0015c5b70da8}\Shell - "" = AutoRun
O33 - MountPoints2\{4852a1b1-35f8-11dd-b14e-0015c5b70da8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4852a1b1-35f8-11dd-b14e-0015c5b70da8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe CWU-8A050702B5C.vbs
O33 - MountPoints2\{926616f4-be22-11dd-b1d8-0015c5b70da8}\Shell - "" = AutoRun
O33 - MountPoints2\{926616f4-be22-11dd-b1d8-0015c5b70da8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{926616f4-be22-11dd-b1d8-0015c5b70da8}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{979e82f8-bf73-11dd-b1d9-0015c5b70da8}\Shell - "" = AutoRun
O33 - MountPoints2\{979e82f8-bf73-11dd-b1d9-0015c5b70da8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{979e82f8-bf73-11dd-b1d9-0015c5b70da8}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{979e82f9-bf73-11dd-b1d9-0015c5b70da8}\Shell - "" = AutoRun
O33 - MountPoints2\{979e82f9-bf73-11dd-b1d9-0015c5b70da8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{979e82f9-bf73-11dd-b1d9-0015c5b70da8}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{aab9157c-be21-11dd-b1d7-0015c5b70da8}\Shell - "" = AutoRun
O33 - MountPoints2\{aab9157c-be21-11dd-b1d7-0015c5b70da8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{aab9157c-be21-11dd-b1d7-0015c5b70da8}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{d1b282c9-c334-11dc-b0b4-0015c51106b2}\Shell - "" = AutoRun
O33 - MountPoints2\{d1b282c9-c334-11dc-b0b4-0015c51106b2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d1b282c9-c334-11dc-b0b4-0015c51106b2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/23 21:12:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014/02/23 20:59:16 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/02/23 20:58:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JJ Harte\Desktop\OTL.exe
[2014/02/19 20:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\Application Data\RealNetworks
[2014/02/19 20:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2014/02/19 20:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2014/02/19 20:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2014/02/19 20:23:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\JJ Harte\My Documents\My Videos
[2014/02/19 20:22:42 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\JJ Harte\Desktop\dds.scr
[2014/02/19 20:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2014/02/19 20:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2014/02/19 19:32:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2014/02/19 17:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2014/02/19 17:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/02/19 17:52:54 | 000,000,000 | ---D | C] -- C:\history
[2014/02/19 17:30:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2014/02/19 17:30:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2014/02/19 17:29:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2014/02/19 17:05:42 | 000,000,000 | ---D | C] -- C:\Malwarebytes
[2014/02/19 17:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\Application Data\Oracle
[2014/02/19 17:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Sun
[2014/02/19 16:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2014/02/19 16:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2014/02/19 12:48:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2014/02/19 12:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/19 12:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/19 12:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/02/19 12:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\Local Settings\Application Data\Secunia PSI
[2014/02/19 12:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2014/02/18 22:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\Application Data\TuneUp Software
[2014/02/18 22:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\Application Data\AVAST Software
[2014/02/18 22:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/02/18 21:38:27 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/02/18 21:38:25 | 000,775,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/02/18 21:38:25 | 000,410,784 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/02/18 21:38:24 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/02/18 21:38:23 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/02/18 21:38:20 | 000,270,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/02/18 21:38:15 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/02/18 21:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/02/18 21:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/02/18 19:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/02/18 18:53:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\JJ Harte\Recent
[2014/02/17 20:34:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\My Documents\My Media
[2014/02/17 18:37:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\JJ Harte\My Documents\My Music
[2014/02/15 20:52:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\JJ Harte\My Documents\My Pictures
[2014/02/15 20:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JJ Harte\My Documents\2014
[46 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/02/23 21:20:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/23 21:13:41 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/23 21:13:29 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/23 21:13:27 | 000,000,368 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/02/23 21:13:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/02/23 21:13:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/23 21:12:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/23 21:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/23 20:59:15 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2014/02/23 20:58:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JJ Harte\Desktop\OTL.exe
[2014/02/23 20:57:16 | 001,284,608 | ---- | M] () -- C:\Documents and Settings\JJ Harte\Desktop\zoek.exe
[2014/02/23 15:15:17 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8FDA62CA-FC67-4752-87DC-C5830AA731C3}.job
[2014/02/19 20:38:27 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2014/02/19 20:22:59 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\JJ Harte\Desktop\dds.scr
[2014/02/19 19:38:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/02/19 17:56:11 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2014/02/19 17:37:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/02/19 12:48:19 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2014/02/18 22:13:49 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/02/18 22:13:46 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/02/18 21:38:16 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/02/18 21:38:16 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/02/18 21:38:16 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/02/18 21:38:16 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/02/18 21:38:16 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/02/18 21:38:15 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/02/18 21:38:15 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/02/18 21:38:15 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/02/18 19:37:59 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2014/02/18 19:08:45 | 000,243,090 | ---- | M] () -- C:\Documents and Settings\JJ Harte\My Documents\cc_20140218_190809 REGISTRY BACKUP 17 FEB 2014.reg
[2014/02/18 19:04:54 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/18 19:04:50 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/18 19:04:37 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/18 19:04:34 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/18 19:04:30 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-683979466-3969323425-3249523656-1005.job
[2014/02/18 18:51:38 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/02/18 18:48:10 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\JJ Harte\Desktop\Update Checker.lnk
[2014/02/16 00:41:15 | 000,464,292 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/02/16 00:41:15 | 000,079,568 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/02/15 20:38:27 | 000,050,710 | ---- | M] () -- C:\Documents and Settings\JJ Harte\Application Data\wklnhst.dat
[46 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/02/23 21:12:42 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2014/02/23 20:57:14 | 001,284,608 | ---- | C] () -- C:\Documents and Settings\JJ Harte\Desktop\zoek.exe
[2014/02/19 17:56:11 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2014/02/19 17:31:10 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014/02/19 17:26:06 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2014/02/19 12:48:19 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2014/02/19 12:10:22 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2014/02/18 22:13:49 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/02/18 22:13:22 | 000,000,368 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/02/18 21:38:26 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/02/18 21:38:24 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/02/18 19:08:39 | 000,243,090 | ---- | C] () -- C:\Documents and Settings\JJ Harte\My Documents\cc_20140218_190809 REGISTRY BACKUP 17 FEB 2014.reg
[2014/02/18 18:48:10 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\JJ Harte\Desktop\Update Checker.lnk
[2012/03/22 20:56:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/11/11 07:53:37 | 000,002,290 | ---- | C] () -- C:\Documents and Settings\JJ Harte\.recently-used.xbel
[2008/08/29 10:16:43 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\JJ Harte\.gtk-bookmarks
[2008/03/07 16:43:56 | 000,084,734 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2008/03/07 13:47:30 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceInstaller.xml
[2007/07/31 09:02:09 | 000,206,970 | ---- | C] () -- C:\Documents and Settings\JJ Harte\Application Data\NMM-MetaData.db
[2006/10/13 04:12:15 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/05/16 11:32:33 | 000,116,736 | ---- | C] () -- C:\Documents and Settings\JJ Harte\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/05/16 06:56:20 | 000,050,710 | ---- | C] () -- C:\Documents and Settings\JJ Harte\Application Data\wklnhst.dat
[2006/05/16 06:46:40 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\JJ Harte\Local Settings\Application Data\fusioncache.dat
[2006/04/26 07:34:33 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
========== ZeroAccess Check ==========
[2005/08/16 03:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/01/07 17:20:52 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 00:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/02/19 12:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/01/21 18:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software Publishing Ltd
[2014/02/18 21:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/02/18 22:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/03/13 21:04:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2008/10/03 10:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/10/17 16:49:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2005/08/16 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2007/07/31 06:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2014/01/06 19:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driving Test Success
[2007/07/31 06:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2014/02/19 20:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2014/02/18 18:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2014/02/18 22:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2007/07/31 08:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2006/05/16 11:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2007/07/31 06:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/05/06 06:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2014/02/19 20:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/13 14:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2011/09/20 08:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/01/24 05:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\AA Pass Your Test
[2014/02/18 22:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\AVAST Software
[2008/11/29 14:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Bytemobile
[2011/03/14 18:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Canon
[2008/09/14 15:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\DataCast
[2007/02/11 20:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\DataLayer
[2008/08/29 10:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\gtk-2.0
[2006/05/16 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Leadertech
[2009/08/26 11:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Nokia
[2011/04/17 13:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Nokia Multimedia Player
[2014/02/19 17:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Oracle
[2009/04/06 07:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\PC Suite
[2008/03/07 09:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\SpinTop
[2008/11/27 13:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Template
[2014/02/18 22:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\TuneUp Software
[2009/06/08 19:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\uTorrent
[2008/11/29 14:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Vodafone
[2009/06/08 20:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Windows Desktop Search
[2009/06/11 10:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ Harte\Application Data\Windows Search
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B812916
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45474B93
< End of report >
OTL Extras logfile created on: 23/02/2014 21:18:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\JJ Harte\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.68% Memory free
3.32 Gb Paging File | 2.84 Gb Available in Paging File | 85.66% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3057 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.40 Gb Total Space | 36.81 Gb Free Space | 53.82% Space Free | Partition Type: NTFS
Computer Name: SEAMUS | User Name: JJ Harte | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"86:TCP" = 86:TCP:*:Enabled:BroadCam Video Streaming Server Web Server
"1935:TCP" = 1935:TCP:*:Enabled:BroadCam Video Streaming Server Flash Video Server
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Grisoft\AVG Free\avginet.exe" = C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe" = C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe
"C:\Program Files\Grisoft\AVG Free\avgcc.exe" = C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Documents and Settings\JJ Harte\Application Data\U3\00002B7061F2208C\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe" = C:\Documents and Settings\JJ Harte\Application Data\U3\00002B7061F2208C\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Enabled:Skype
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe" = C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe:*:Enabled:Foxit PDF Editor, the first REAL editor for PDF files! -- (Foxit Software Company)
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0E94871C-623C-464F-A117-B8474BFF84E1}" = Nokia MTP driver
"{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
"{17E3A651-12B9-4149-BAE8-E6FB9A5ADC4F}" = Microsoft Works Suite Add-in for Microsoft Word
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{309A4810-C1A1-4BAC-888A-5BB93BC707F4}" = Nokia NSeries One Touch Access
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37D33EA0-A902-4925-8081-9AF88CB86EE1}" = Nokia NSeries Content Copier
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{420C7754-7758-49F5-807A-A3F9F2790704}" = OfficeReady Software for KODAK ESP Office All-in-One Printers
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6E7269-2948-4E5B-9C82-3B4803AEDD37}" = Nokia NSeries Application Installer
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4F1DCA42-2030-437C-A94E-736692A499C1}" = Nokia Connectivity Cable Driver
"{50DECEE8-63A6-4EE0-8EDD-655A01B16D28}" = OfficeReadyToolBarSetup
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5D95AD35-368F-47D5-B63A-A082DDF00116}" = Microsoft Digital Image 2006 Standard Edition Editor
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{649CB8E9-4A54-409C-B0D8-7D6865329D26}" = Nokia Download!
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{691F4068-81BF-49E3-B32E-FE3E16400112}" = Microsoft Digital Image 2006 Standard Edition Library
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}" = Microsoft AutoRoute 2006
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_VISPROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-011B-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97007EE6-18FB-444D-B636-FBD8BB802350}" = PC Connectivity Solution
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9BB873FA-4907-4BF5-829D-8C18BD68F3A5}" = Nokia Nseries PC Suite
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD64CA10-B597-4C84-869F-1903013E3697}" = Nokia Photos
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF3BAA39-989D-4EC4-9224-44D578494B5B}" = Nokia NSeries System Utilities
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EE565795-2776-415A-B31C-EB3A8D7C6FA4}" = Nokia Lifeblog 2.1
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}" = Vodafone Mobile Connect
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Audacity_is1" = Audacity 1.2.4
"Avast" = avast! Free Antivirus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"BroadCam" = BroadCam Video Streaming Server
"CCleaner" = CCleaner
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Duplicate File Finder_is1" = Duplicate File Finder 1.1.0.0
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ESET Online Scanner" = ESET Online Scanner v3
"ESPNMotion" = ESPNMotion
"filehippo.com" = FileHippo.com Update Checker
"Foxit PDF Editor" = Foxit PDF Editor
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia NSeries Application Installer" = Nokia NSeries Application Installer 6.84.2114
"Nokia NSeries Content Copier" = Nokia NSeries Content Copier 6.84.2114
"Nokia NSeries One Touch Access" = Nokia NSeries One Touch Access 6.84.2114
"Nokia NSeries System Utilities" = Nokia NSeries System Utilities 6.84.2114
"Nokia PC Suite" = Nokia PC Suite
"PictureItPrem_v11" = Microsoft Digital Image 2006 Standard Edition
"Prism" = Prism Video File Converter
"ProInst" = Intel(R) PROSet/Wireless Software
"RealPlayer 16.0" = RealPlayer
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"ST6UNST #1" = Audio Converter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VideoPad" = VideoPad Video Editor
"ViewpointMediaPlayer" = Viewpoint Media Player
"VISPROR" = Microsoft Office Visio Professional 2007 Trial
"Wanadoo" = Wanadoo UK
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Works2006Setup" = Microsoft Works Suite 2006 Setup Launcher
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19/02/2014 17:35:59 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY GALLERY\MY
TONES> in the hash map cannot be updated. Context: Application, SystemIndex Catalog
Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:35:59 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY GALLERY\MY
TONES> in the hash map cannot be updated. Context: Application, SystemIndex Catalog
Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:35:59 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY GALLERY\MY
VIDEO CLIPS> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:35:59 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY GALLERY\MY
VIDEO CLIPS> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:35:59 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY GALLERY\MY
VOICE RECORDINGS> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:35:59 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY GALLERY\MY
VOICE RECORDINGS> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:36:01 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY MESSAGES\MY
DRAFTS> in the hash map cannot be updated. Context: Application, SystemIndex Catalog
Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:36:01 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JJ HARTE\PHONE BROWSER\MY MESSAGES\MY
DRAFTS> in the hash map cannot be updated. Context: Application, SystemIndex Catalog
Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:36:29 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\START MENU\PROGRAMS>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 19/02/2014 17:36:29 | Computer Name = SEAMUS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\START MENU\PROGRAMS>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
[ System Events ]
Error - 19/02/2014 17:58:52 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 19/02/2014 18:14:40 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 19/02/2014 18:25:37 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 20/02/2014 04:00:53 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 20/02/2014 04:23:14 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 20/02/2014 04:41:45 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 23/02/2014 10:58:00 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 23/02/2014 11:24:10 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 23/02/2014 11:28:14 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
Error - 23/02/2014 17:13:04 | Computer Name = SEAMUS | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058
< End of report >