Another Fake Garda Virus - boards.ie
Boards.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more x
Post Reply  
 
Thread Tools Search this Thread
23-07-2012, 12:19   #1
one man clappin
Registered User
 
one man clappin's Avatar
 
Join Date: Mar 2006
Posts: 339
Another Fake Garda Virus

Hi ASJ, I have the fake Garda Virus on my machine. I booted into safe mode with networking and have ran MBAM, log is below. I am downloading OTL and will post them logs as soon as they are finished. thanks

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.23.06

Windows 7 x64 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7600.16385
aiden :: AIDEN-PC [administrator]

23/07/2012 11:17:12
mbam-log-2012-07-23 (12-07-53).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 380658
Time elapsed: 47 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 84
HKCR\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCR\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> No action taken.
HKCR\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.RprtCtrl (Adware.ShopperReports) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
HKCR\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.HbAx.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.HbAx (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> No action taken.
HKCR\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB} (Adware.ShopperReports) -> No action taken.
HKCR\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> No action taken.
HKCR\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> No action taken.
HKCR\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.KOPFF.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.KOPFF (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.Scopes.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.Scopes (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.IEButtonA (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.HbInfoBand (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.Stock.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.Stock (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.IEButton.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.IEButton (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> No action taken.
HKCR\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9} (Adware.ShopperReports) -> No action taken.
HKCR\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.CntntDic.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.CntntDic (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.CntntDisp.1 (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.CntntDisp (Adware.ShopperReports) -> No action taken.
HKCR\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> No action taken.
HKCR\Typelib\{3277CD27-4001-4EF8-9D96-C6CA745AC2F9} (Adware.7FaSSt) -> No action taken.
HKCR\Interface\{38493F7F-2922-4C6C-9A9A-8DA2C940D0EE} (Adware.7FaSSt) -> No action taken.
HKCR\CLSID\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> No action taken.
HKCR\BBar.BBarBand.1 (Adware.7FaSSt) -> No action taken.
HKCR\BBar.BBarBand (Adware.7FaSSt) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> No action taken.
HKCR\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> No action taken.
HKCR\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> No action taken.
HKCR\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> No action taken.
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> No action taken.
HKCR\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> No action taken.
HKCR\AppID\BRNstIE.DLL (Adware.ClickPotato) -> No action taken.
HKCR\AppID\CmndFF.DLL (Adware.ClickPotato) -> No action taken.
HKCR\AppID\mozillaps.dll (Adware.ClickPotato) -> No action taken.
HKCR\AppID\Pltfrm.DLL (Adware.ClickPotato) -> No action taken.
HKCU\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
HKLM\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\ScanQuery Service (Adware.ScanQuery) -> No action taken.

Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rxfvtcocbsfdiqu (Trojan.Winlock.P) -> Data: C:\ProgramData\rxfvtcoc.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> Data: BBar -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{35662E8F-5A9D-2F4F-C2E2-C203C626374B} (Trojan.ZbotR.Gen) -> Data: C:\Users\aiden\AppData\Roaming\Giohg\siomqo.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.517.0 (Adware.HotBar) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790777B4765A5535AB99 (Malware.Trace) -> Data: -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ShopperReports@ShopperReports.com (ShopperReports) -> Data: C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\firefox\extensions -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 14
C:\Users\aiden\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3 (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0 (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} (Adware.ScanQuery) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome (Adware.ScanQuery) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults (Adware.ScanQuery) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults\preferences (Adware.ScanQuery) -> No action taken.

Files Detected: 26
C:\ProgramData\rxfvtcoc.exe (Trojan.Winlock.P) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\mozillaps.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\CmndFF.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\CntntCntr.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\BRNstIE.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\blinkx Remote Toolbar\the_blinkx_toolbar.dll (Adware.7FaSSt) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> No action taken.
C:\Users\aiden\0.7665084305361457.exe (Trojan.Winlock.P) -> No action taken.
C:\Users\aiden\AppData\Local\Temp\bjbA6E8.tmp (Adware.Casino) -> No action taken.
C:\Users\aiden\AppData\Local\Temp\rEBxnFzX.exe.part (Adware.Casino) -> No action taken.
C:\Users\aiden\AppData\Local\Temp\0.6712967405393793 (Exploit.Drop.9) -> No action taken.
C:\Users\aiden\AppData\Roaming\Giohg\siomqo.exe (Trojan.ZbotR.Gen) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\link.ico (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome.manifest (Adware.ScanQuery) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\install.rdf (Adware.ScanQuery) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome\scanquery.jar (Adware.ScanQuery) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults\preferences\prefs.js (Adware.ScanQuery) -> No action taken.

(end)
one man clappin is offline  
Advertisement
23-07-2012, 12:21   #2
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
you can let MBAM fix those
ASJ112 is offline  
23-07-2012, 12:30   #3
one man clappin
Registered User
 
one man clappin's Avatar
 
Join Date: Mar 2006
Posts: 339
I have deleted those with MBAM. Below is log of OTL:

OTL logfile created on: 7/23/2012 12:21:08 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\aiden\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

3.80 Gb Total Physical Memory | 3.10 Gb Available Physical Memory | 81.49% Memory free
7.60 Gb Paging File | 6.95 Gb Available in Paging File | 91.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 187.07 Gb Free Space | 66.02% Space Free | Partition Type: NTFS

Computer Name: AIDEN-PC | User Name: aiden | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/23 12:16:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\aiden\Downloads\OTL.exe
PRC - [2012/07/20 17:48:39 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/20 17:48:39 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/22 18:26:33 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/18 06:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/02/03 07:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Stopped] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/07/20 17:48:39 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/02 16:25:14 | 002,232,504 | ---- | M] (Giraffic) [Auto | Stopped] -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2010/06/08 17:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 21:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/03/03 21:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/06 01:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/15 14:42:49 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/04/21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/16 02:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/08/30 13:17:36 | 000,289,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/08/25 21:36:02 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/12 17:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/06/18 06:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/08 17:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/17 22:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 22:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 22:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 07:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010/02/03 07:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/02/03 07:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 10:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/04/28 01:18:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120511.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/04/21 13:08:36 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120512.016\EX64.SYS -- (NAVEX15)
DRV - [2012/04/21 13:08:36 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/04/21 13:08:36 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120512.016\ENG64.SYS -- (NAVENG)
DRV - [2012/04/03 00:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/02/04 13:47:02 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt...ctid=CT2653012

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchPage =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/USCON/2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ga-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 93 39 56 DB 61 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Veoh Web Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.google.ie/"
FF - prefs.js..extensions.enabledItems: toolbar@blinkx.com:1.0
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.668.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {cd90bf73-20f6-44ef-993d-bb920303bd2e}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:3.6.0.10
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\aiden\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\aiden\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\aiden\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\aiden\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\aiden\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/12/12 15:29:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/02/04 13:11:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_10_1 [2012/07/23 10:54:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:48:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/23 12:13:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:48:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/23 12:13:33 | 000,000,000 | ---D | M]

[2011/02/26 00:36:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aiden\AppData\Roaming\Mozilla\Extensions
[2012/07/15 18:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions
[2012/07/15 18:46:08 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2012/07/15 18:46:09 | 000,000,000 | ---D | M] (Veoh Web Player Community Toolbar) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
[2011/05/03 19:50:54 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions\firefox@tvunetworks.com
[2011/03/21 14:46:56 | 000,000,933 | ---- | M] () -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\searchplugins\conduit.xml
[2011/10/30 18:16:08 | 000,002,472 | ---- | M] () -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\searchplugins\safesearch.xml
[2012/07/23 12:13:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/20 17:48:39 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/11/06 16:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2012/02/22 18:52:22 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 16:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/06/25 11:30:24 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/25 11:30:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/25 11:30:24 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/06/25 11:30:24 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/25 11:30:24 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/06/25 11:30:24 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\aiden\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\aiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\aiden\Desktop\PartyPoker.lnk File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\aiden\Desktop\PartyPoker.lnk File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: riaenvia.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: riafinancial.com ([]* in Trusted sites)
O16 - DPF: {1169E0CD-9E76-11D7-B1D8-FB63945DE96D} https://fxonline.riaenvia.net/Plugins/VSTwain.dll (VintaSoftTwain Control v5.1)
O16 - DPF: {22571E97-956A-4CDD-AF8D-AE9C26597683} https://fxonline.riaenvia.net/Plugins/99510060.CAB (ctlUSBHID.USBHID)
O16 - DPF: {2489E566-F550-47E1-9EC6-462B13BFB268} https://fxonline.riaenvia.net/Plugins/URLUpload.CAB (URLUpload.Upload)
O16 - DPF: {44B019DE-19F4-4A37-B2AB-815655927BB0} https://fxonline.riaenvia.net/Plugin...4-104.0002.CAB (KbdWedgeOCX.KbdWedge)
O16 - DPF: {7206EAAC-5CFA-43A3-9F61-E27E8E51E42F} http://lai.liveblockauctions.com/con...ry/laiexec.cab (laiExcuter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {9E8EBAA8-573C-45D2-A64C-DD93489744DE} https://fxonline.riaenvia.net/Plugins/MTMicrImage.CAB (MTMicrImage.MicrImage)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20549A0B-1A77-4A55-9E7B-9F1F53E1E03C}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8058A41E-B460-488F-B1E9-5FC185105813}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/23 11:16:34 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Malwarebytes
[2012/07/23 11:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/23 11:16:26 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/23 11:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/23 11:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/22 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Local\CrashDumps
[2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Giohg
[2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Ceymz
[2012/07/22 16:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\mkzdbtwkbnyctqp
[2012/07/15 23:35:46 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/07/11 19:36:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/06/23 19:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/23 19:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

========== Files - Modified Within 30 Days ==========

[2012/07/23 12:10:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/23 12:10:31 | 3062,915,072 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/23 11:16:27 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/23 11:06:24 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2012/07/23 11:06:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/23 11:02:06 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 11:02:06 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 10:55:13 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/23 10:11:46 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2801790525-1181544261-1216082320-1001UA.job
[2012/07/22 16:42:49 | 000,000,051 | ---- | M] () -- C:\ProgramData\pcvuuyuptedhonx
[2012/07/22 15:51:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2801790525-1181544261-1216082320-1001Core.job
[2012/07/22 01:17:34 | 534,839,758 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/20 17:48:41 | 000,002,050 | ---- | M] () -- C:\Users\aiden\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/19 20:27:19 | 000,031,720 | ---- | M] () -- C:\Users\aiden\Documents\bacpol 19072012.pdf
[2012/07/19 15:13:45 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/19 15:13:45 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/19 15:13:45 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/14 11:33:08 | 000,062,103 | ---- | M] () -- C:\Users\aiden\Documents\lituanian driver.pdf
[2012/07/12 08:04:40 | 000,310,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/05 11:42:09 | 000,031,728 | ---- | M] () -- C:\Users\aiden\Documents\bacpolpayment05072012.pdf
[2012/07/05 11:34:36 | 000,031,725 | ---- | M] () -- C:\Users\aiden\Documents\kimhutpayment5072012.pdf
[2012/07/04 15:48:43 | 000,852,350 | ---- | M] () -- C:\Users\aiden\Documents\turban1.pdf
[2012/07/04 15:47:58 | 000,903,808 | ---- | M] () -- C:\Users\aiden\Documents\turban.pdf
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/26 14:52:18 | 000,283,607 | ---- | M] () -- C:\Users\aiden\Documents\em.pdf

========== Files Created - No Company Name ==========

[2012/07/23 11:16:27 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/22 16:42:42 | 000,000,051 | ---- | C] () -- C:\ProgramData\pcvuuyuptedhonx
[2012/07/19 20:27:19 | 000,031,720 | ---- | C] () -- C:\Users\aiden\Documents\bacpol 19072012.pdf
[2012/07/15 23:35:38 | 534,839,758 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/07/05 11:42:09 | 000,031,728 | ---- | C] () -- C:\Users\aiden\Documents\bacpolpayment05072012.pdf
[2012/07/05 11:34:36 | 000,031,725 | ---- | C] () -- C:\Users\aiden\Documents\kimhutpayment5072012.pdf
[2012/07/04 15:48:43 | 000,852,350 | ---- | C] () -- C:\Users\aiden\Documents\turban1.pdf
[2012/07/04 15:47:57 | 000,903,808 | ---- | C] () -- C:\Users\aiden\Documents\turban.pdf
[2012/06/26 14:52:18 | 000,283,607 | ---- | C] () -- C:\Users\aiden\Documents\em.pdf
[2012/06/13 19:57:13 | 000,000,146 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/13 19:51:35 | 000,000,027 | ---- | C] () -- C:\Windows\BarCode.ini
[2012/02/17 16:29:33 | 000,110,456 | ---- | C] () -- C:\Users\aiden\g2ax_customer_downloadhelper_win32_x86.exe
[2011/12/11 15:39:08 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/12/11 15:39:08 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT
[2011/04/18 16:47:12 | 000,735,726 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/05 16:25:47 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/04/05 16:25:47 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/03/11 11:06:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/12 16:06:20 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/12/12 16:06:20 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/12/12 16:06:20 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/12/12 16:06:20 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/12/12 16:06:19 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/12/12 16:02:53 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/12/12 16:02:53 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010/12/12 16:02:53 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2010/12/12 16:02:53 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2010/12/12 16:02:53 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2010/12/12 16:02:53 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010/12/12 16:02:53 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini

< End of report >
one man clappin is offline  
23-07-2012, 12:31   #4
one man clappin
Registered User
 
one man clappin's Avatar
 
Join Date: Mar 2006
Posts: 339
Extras Log:

OTL Extras logfile created on: 7/23/2012 12:21:08 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\aiden\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

3.80 Gb Total Physical Memory | 3.10 Gb Available Physical Memory | 81.49% Memory free
7.60 Gb Paging File | 6.95 Gb Available in Paging File | 91.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 187.07 Gb Free Space | 66.02% Space Free | Partition Type: NTFS

Computer Name: AIDEN-PC | User Name: aiden | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05EE50CD-FD1B-4643-9B95-76EE98F30339}" = lport=138 | protocol=17 | dir=in | app=system |
"{10A56532-46A1-4FA3-8E31-0CF0DAD822D5}" = rport=137 | protocol=17 | dir=out | app=system |
"{114691FE-1BCA-4B97-963D-4BD597B8BFA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{134ACC62-7E31-4127-A999-C220BC997863}" = lport=2869 | protocol=6 | dir=in | app=system |
"{19C43D64-D4C3-4527-9854-B98616D80B71}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1C3569B9-C5BC-4C29-B80B-A8F5A4D9A8B4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3A0338AE-087C-43D7-BB4D-273BB3B3D264}" = lport=445 | protocol=6 | dir=in | app=system |
"{3C0F8F6C-E045-4C98-9DB4-AFB8B226A2B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4140B1C8-2B85-404B-A7AE-3A4EAB8361FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5247F521-56DF-462B-85A0-A13C0075FA27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{645E2378-058D-4C11-BC28-F8471950A201}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87C7B15D-4610-4017-A159-B61E7088DAF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8836E9D6-50FF-4C02-BB8D-356E6BEBB8E9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{887EEDF8-1B70-481C-BC92-28428108C6B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E1F21A8-A112-4B98-A03A-0736EED73ED4}" = rport=139 | protocol=6 | dir=out | app=system |
"{A963A45D-E968-40FF-97B8-E3BBB4F97674}" = lport=137 | protocol=17 | dir=in | app=system |
"{B1F6F36F-89E6-4600-86FD-5EB178BF2327}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE4841B1-9225-4575-AABA-8B2F2741E112}" = lport=139 | protocol=6 | dir=in | app=system |
"{C080FC62-FFA7-4158-8843-8EC1CDCBA0F1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CFC4669E-4686-4B69-8EC9-6FDD366BA048}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D342C71D-4FEF-46E0-A03F-9B3EABBC8CE3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DEE35F72-928C-4DDC-993A-550C2685A29D}" = rport=445 | protocol=6 | dir=out | app=system |
"{EEEBAE48-FCC0-43FE-BD9C-ECD3E43B26AB}" = rport=138 | protocol=17 | dir=out | app=system |
"{F4F789F5-8E5C-430D-A36C-CFCD3F11E9F1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F780AF82-18C6-449C-AF77-7F22EA8674E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0561EC3D-8744-4DAB-A8A9-CBBE860859F2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{062E341C-A58C-4C2B-8D1C-2058387EB4FC}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{065B5912-AB59-4054-85F8-E2CC45B60A93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0D44F584-D66E-4C9C-8CD4-467AD196C2FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1610D92C-143D-4381-BDC6-371974769E63}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{16238889-FD09-4CC3-8AE9-A1DDD8ACC6AA}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{2468230B-7A96-4393-890F-9411395F975E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{251C2430-7B4E-4596-BEC5-BB7B1CCB8ED4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{2E77AC01-FF89-4AC2-9C89-02C2BFCC8194}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{38BEEAA9-28BD-4EBC-9BB5-19DA5F1E8E97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{38E89A0E-3415-4868-9F12-B10CCFA678D2}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
"{464D103B-3612-4E2F-83FD-7F27D4856FBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56B74252-37E3-4C30-840C-A737D07450BD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5BC7B79D-18E7-4247-8795-90FB2EC418E2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5F3845D8-CEBC-472D-8003-F76DDC3A48B0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{70DB5790-1570-43D3-A7FD-89DEE3F39FAF}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
"{7CC04E41-6848-4D61-B21B-B34DABF7FEEB}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{84CE6919-D64B-478C-84ED-DA66C0C53B45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8CFA2BEA-8536-4D7D-A40B-6F2AA76302FC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8DABA407-E508-46EF-B9C5-EEE74347549E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9486E3FF-DF15-4983-86FE-1AF0E0EB0FF8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9EBF73A3-AC58-46D2-9ECC-AE20F9241913}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9F803CAF-735B-4975-BDB9-5DDDADD2BCCF}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{AA40A295-DB43-4739-A24C-346810AF78A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFAEE58F-7194-4542-90CC-2D6FC179BCA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B449608D-AD6F-42F4-B4DD-36B810D3A3FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C4A199A7-E055-42BA-A4E2-68943599471E}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
"{CA4CE259-6F00-4ABD-94DA-B5CE98B44508}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CD69AF1C-CAEB-4C8D-A738-DD6E60A84105}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CDC6046D-D389-4593-B0C0-39C9A97813D0}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D41919B0-5995-4471-975A-2C95135153C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DBB983FC-FE57-4E71-8F9A-51A75E8FFE4C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DCDF84B3-7F2D-45A8-A798-788649E6184F}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
"{E0E5574A-C284-42AF-A4B3-1C021DDC5D53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E3493439-ED6D-44D6-B87C-32187B81FC69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E856DB20-2EC8-4EC6-AAA7-F22C79C5E632}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{ECEAFF03-0A1A-4169-9D73-F6AFB1BB0947}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F01A838C-07C3-4BEA-AD81-9C3926A4E53F}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{F3666B52-8BFB-475B-BDB9-D306C5155ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{F5BF0708-FBCC-4BD5-A348-5A8B5F7E87DA}" = protocol=6 | dir=out | app=system |
"{F7513B6F-B265-42D7-8B71-8EAEE8F06999}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{FF18F664-9858-414C-9490-1F91CE1E14B8}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{FF6CF16E-A9F9-4859-A623-848EEC764EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{650AF771-456D-418F-BFC7-F6FFC9D0235C}" = HP Deskjet 3050 J610 series Basic Device Software
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B9C3D27C-D72A-4F48-A0A4-8E1758219735}" = TEC-IT TBarCode Office 10
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FEB2C4AA-661E-483F-9626-21A8ACFD10F2}" = HP Deskjet 3050 J610 series Product Improvement Study
"Dell Support Center" = Dell Support Center
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CBA936-14BD-4FD9-9E67-9B94201BB6C7}" = TEC-IT TFORMer 7.0
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F15E203-BC3E-3597-84CD-EDF99546C917}" = Google Talk Plugin
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFC3E171-965F-4C07-AA42-05F6F5B7380B}_is1" = RAR Opener version 1.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F11DD279-BC82-4234-A8B8-AADCA1A8B308}" = Virtual Com for USB Driver V1.0.3
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"conduitEngine" = Conduit Engine
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Giraffic" = Veoh Giraffic Video Accelerator
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 en-GB)" = Mozilla Firefox 14.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PartyPoker" = PartyPoker
"SmartDraw 2012" = SmartDraw 2012
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"6019B71A5A75B58CE85C0186950C1D941142E4EC" = TECIT.TBarCode.ExcelAddIn
"F80C393CE1229535BC84582CD13B70388ABABEFC" = TECIT.TBarCode.WordAddIn
"Octoshape Streaming Services" = Octoshape Streaming Services
"William Hill CASINO CLUB" = William Hill CASINO CLUB

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/22/2012 5:36:26 AM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 6/23/2012 4:58:25 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 6/24/2012 5:12:28 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
Description =

Error - 6/27/2012 4:59:07 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 6/29/2012 5:18:02 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/3/2012 9:52:21 AM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: The operation timed out

Error - 7/3/2012 5:00:08 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
Description =

Error - 7/5/2012 4:02:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/5/2012 4:13:47 PM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: The server name or address could not be resolved

Error - 7/5/2012 5:06:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/7/2012 5:08:22 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

[ Broadcom Wireless LAN Events ]
Error - 7/19/2012 4:26:44 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 09:26:44, Thu, Jul 19, 12 Error - P2P: Failed to set APSTA mode

Error - 7/19/2012 10:11:23 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 15:11:22, Thu, Jul 19, 12 Error - Unable to gain access to user store


Error - 7/21/2012 8:19:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 01:19:38, Sun, Jul 22, 12 Error - Unable to gain access to user store


Error - 7/22/2012 12:01:01 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 17:01:01, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/22/2012 12:10:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 17:10:38, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/22/2012 12:26:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 17:26:58, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/22/2012 1:42:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 18:42:58, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/23/2012 5:14:03 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 10:14:03, Mon, Jul 23, 12 Error - Unable to get current user admin
status

Error - 7/23/2012 5:15:47 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 10:15:47, Mon, Jul 23, 12 Error - Unable to get current user admin
status

Error - 7/23/2012 6:00:40 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 11:00:40, Mon, Jul 23, 12 Error - Unable to get current user admin
status

[ Dell Events ]
Error - 2/25/2011 7:37:34 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 11/13/2011 11:17:15 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 5/10/2011 10:44:06 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 03:44:06 - Error connecting to the internet. 03:44:06 - Unable
to contact server..

Error - 5/10/2011 10:44:16 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 03:44:11 - Error connecting to the internet. 03:44:11 - Unable
to contact server..

Error - 5/10/2011 11:44:20 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 04:44:20 - Error connecting to the internet. 04:44:20 - Unable
to contact server..

Error - 5/10/2011 11:44:26 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 04:44:25 - Error connecting to the internet. 04:44:25 - Unable
to contact server..

Error - 5/11/2011 12:44:31 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 05:44:31 - Error connecting to the internet. 05:44:31 - Unable
to contact server..

Error - 5/11/2011 12:44:37 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 05:44:36 - Error connecting to the internet. 05:44:36 - Unable
to contact server..

Error - 5/11/2011 1:44:42 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 06:44:42 - Error connecting to the internet. 06:44:42 - Unable
to contact server..

Error - 5/11/2011 1:44:48 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 06:44:47 - Error connecting to the internet. 06:44:47 - Unable
to contact server..

[ System Events ]
Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
Description = The Client Virtualization Handler service depends on the Application
Virtualization Client service which failed to start because of the following error:
%%1068

Error - 7/23/2012 7:10:45 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6

Error - 7/23/2012 7:10:51 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:10:58 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 7/23/2012 7:11:01 AM | Computer Name = aiden-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 21


< End of report >
one man clappin is offline  
23-07-2012, 12:43   #5
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
oipen OTL copy and paste this in the custom scan/fixes box



:OTL
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
[2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Giohg
[2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Ceymz
[2012/07/22 16:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\mkzdbtwkbnyctqp
[2012/07/22 16:42:49 | 000,000,051 | ---- | M] () -- C:\ProgramData\pcvuuyuptedhonx


:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[EMPTYJAVA]
[CREATERESTOREPOINT]
[Reboot]
:Files
ipconfig /flushdns /c


click run fix, reboot, and tell me how its running.
ASJ112 is offline  
Thanks from:
Advertisement
23-07-2012, 12:56   #6
one man clappin
Registered User
 
one man clappin's Avatar
 
Join Date: Mar 2006
Posts: 339
Thanks a million ASJ. That seems to have worked perfect. Below is the final log of OTL on reboot:

All processes killed
========== OTL ==========
Prefs.js: ShopperReports@ShopperReports.com:3.0.517.0 removed from extensions.enabledItems
Prefs.js: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0 removed from extensions.enabledItems
C:\Users\aiden\AppData\Roaming\Giohg folder moved successfully.
C:\Users\aiden\AppData\Roaming\Ceymz folder moved successfully.
C:\ProgramData\mkzdbtwkbnyctqp folder moved successfully.
C:\ProgramData\pcvuuyuptedhonx moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: aiden
->Temp folder emptied: 537416989 bytes
->Temporary Internet Files folder emptied: 727874636 bytes
->Java cache emptied: 2272956 bytes
->FireFox cache emptied: 1139130834 bytes
->Flash cache emptied: 2583 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 516871956 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33304 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36050602 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,823.00 mb


[EMPTYFLASH]

User: aiden
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYJAVA]

User: aiden
->Java cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 0.00 mb

Unable to start System Restore Service. Error code 1084
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\aiden\Downloads\cmd.bat deleted successfully.
C:\Users\aiden\Downloads\cmd.txt deleted successfully.

OTL by OldTimer - Version 3.2.54.0 log created on 07232012_124441

Files\Folders moved on Reboot...
C:\Users\aiden\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\aiden\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...
one man clappin is offline  
23-07-2012, 13:00   #7
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
play around with it and let me know if there are any issues left


if not, open OTL click the CleanUp! button and that's it.
ASJ112 is offline  
Thanks from:
25-07-2012, 10:57   #8
paddybongo
Registered User
 
Join Date: Sep 2011
Posts: 38
Go download superantispyware it will clean all them spyware and anything mbam has left,then go download Ccleaner and run it,that should do the trick.
http://www.superantispyware.com/
http://www.piriform.com/CCLEANER
paddybongo is offline  
25-07-2012, 13:58   #9
seligehgit
Registered User
 
seligehgit's Avatar
 
Join Date: Nov 2007
Location: Hoth
Posts: 1,655
Quote:
Originally Posted by one man clappin View Post
Extras Log:

OTL Extras logfile created on: 7/23/2012 12:21:08 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\aiden\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

3.80 Gb Total Physical Memory | 3.10 Gb Available Physical Memory | 81.49% Memory free
7.60 Gb Paging File | 6.95 Gb Available in Paging File | 91.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 187.07 Gb Free Space | 66.02% Space Free | Partition Type: NTFS

Computer Name: AIDEN-PC | User Name: aiden | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05EE50CD-FD1B-4643-9B95-76EE98F30339}" = lport=138 | protocol=17 | dir=in | app=system |
"{10A56532-46A1-4FA3-8E31-0CF0DAD822D5}" = rport=137 | protocol=17 | dir=out | app=system |
"{114691FE-1BCA-4B97-963D-4BD597B8BFA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{134ACC62-7E31-4127-A999-C220BC997863}" = lport=2869 | protocol=6 | dir=in | app=system |
"{19C43D64-D4C3-4527-9854-B98616D80B71}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1C3569B9-C5BC-4C29-B80B-A8F5A4D9A8B4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3A0338AE-087C-43D7-BB4D-273BB3B3D264}" = lport=445 | protocol=6 | dir=in | app=system |
"{3C0F8F6C-E045-4C98-9DB4-AFB8B226A2B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4140B1C8-2B85-404B-A7AE-3A4EAB8361FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5247F521-56DF-462B-85A0-A13C0075FA27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{645E2378-058D-4C11-BC28-F8471950A201}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87C7B15D-4610-4017-A159-B61E7088DAF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8836E9D6-50FF-4C02-BB8D-356E6BEBB8E9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{887EEDF8-1B70-481C-BC92-28428108C6B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E1F21A8-A112-4B98-A03A-0736EED73ED4}" = rport=139 | protocol=6 | dir=out | app=system |
"{A963A45D-E968-40FF-97B8-E3BBB4F97674}" = lport=137 | protocol=17 | dir=in | app=system |
"{B1F6F36F-89E6-4600-86FD-5EB178BF2327}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE4841B1-9225-4575-AABA-8B2F2741E112}" = lport=139 | protocol=6 | dir=in | app=system |
"{C080FC62-FFA7-4158-8843-8EC1CDCBA0F1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CFC4669E-4686-4B69-8EC9-6FDD366BA048}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D342C71D-4FEF-46E0-A03F-9B3EABBC8CE3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DEE35F72-928C-4DDC-993A-550C2685A29D}" = rport=445 | protocol=6 | dir=out | app=system |
"{EEEBAE48-FCC0-43FE-BD9C-ECD3E43B26AB}" = rport=138 | protocol=17 | dir=out | app=system |
"{F4F789F5-8E5C-430D-A36C-CFCD3F11E9F1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F780AF82-18C6-449C-AF77-7F22EA8674E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0561EC3D-8744-4DAB-A8A9-CBBE860859F2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{062E341C-A58C-4C2B-8D1C-2058387EB4FC}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{065B5912-AB59-4054-85F8-E2CC45B60A93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0D44F584-D66E-4C9C-8CD4-467AD196C2FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1610D92C-143D-4381-BDC6-371974769E63}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{16238889-FD09-4CC3-8AE9-A1DDD8ACC6AA}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{2468230B-7A96-4393-890F-9411395F975E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{251C2430-7B4E-4596-BEC5-BB7B1CCB8ED4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{2E77AC01-FF89-4AC2-9C89-02C2BFCC8194}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{38BEEAA9-28BD-4EBC-9BB5-19DA5F1E8E97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{38E89A0E-3415-4868-9F12-B10CCFA678D2}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
"{464D103B-3612-4E2F-83FD-7F27D4856FBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56B74252-37E3-4C30-840C-A737D07450BD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5BC7B79D-18E7-4247-8795-90FB2EC418E2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5F3845D8-CEBC-472D-8003-F76DDC3A48B0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{70DB5790-1570-43D3-A7FD-89DEE3F39FAF}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
"{7CC04E41-6848-4D61-B21B-B34DABF7FEEB}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{84CE6919-D64B-478C-84ED-DA66C0C53B45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8CFA2BEA-8536-4D7D-A40B-6F2AA76302FC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8DABA407-E508-46EF-B9C5-EEE74347549E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9486E3FF-DF15-4983-86FE-1AF0E0EB0FF8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9EBF73A3-AC58-46D2-9ECC-AE20F9241913}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9F803CAF-735B-4975-BDB9-5DDDADD2BCCF}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{AA40A295-DB43-4739-A24C-346810AF78A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFAEE58F-7194-4542-90CC-2D6FC179BCA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B449608D-AD6F-42F4-B4DD-36B810D3A3FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C4A199A7-E055-42BA-A4E2-68943599471E}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
"{CA4CE259-6F00-4ABD-94DA-B5CE98B44508}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CD69AF1C-CAEB-4C8D-A738-DD6E60A84105}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CDC6046D-D389-4593-B0C0-39C9A97813D0}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D41919B0-5995-4471-975A-2C95135153C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DBB983FC-FE57-4E71-8F9A-51A75E8FFE4C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DCDF84B3-7F2D-45A8-A798-788649E6184F}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
"{E0E5574A-C284-42AF-A4B3-1C021DDC5D53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E3493439-ED6D-44D6-B87C-32187B81FC69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E856DB20-2EC8-4EC6-AAA7-F22C79C5E632}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{ECEAFF03-0A1A-4169-9D73-F6AFB1BB0947}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F01A838C-07C3-4BEA-AD81-9C3926A4E53F}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{F3666B52-8BFB-475B-BDB9-D306C5155ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{F5BF0708-FBCC-4BD5-A348-5A8B5F7E87DA}" = protocol=6 | dir=out | app=system |
"{F7513B6F-B265-42D7-8B71-8EAEE8F06999}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{FF18F664-9858-414C-9490-1F91CE1E14B8}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{FF6CF16E-A9F9-4859-A623-848EEC764EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{650AF771-456D-418F-BFC7-F6FFC9D0235C}" = HP Deskjet 3050 J610 series Basic Device Software
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B9C3D27C-D72A-4F48-A0A4-8E1758219735}" = TEC-IT TBarCode Office 10
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FEB2C4AA-661E-483F-9626-21A8ACFD10F2}" = HP Deskjet 3050 J610 series Product Improvement Study
"Dell Support Center" = Dell Support Center
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CBA936-14BD-4FD9-9E67-9B94201BB6C7}" = TEC-IT TFORMer 7.0
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F15E203-BC3E-3597-84CD-EDF99546C917}" = Google Talk Plugin
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFC3E171-965F-4C07-AA42-05F6F5B7380B}_is1" = RAR Opener version 1.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F11DD279-BC82-4234-A8B8-AADCA1A8B308}" = Virtual Com for USB Driver V1.0.3
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"conduitEngine" = Conduit Engine
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Giraffic" = Veoh Giraffic Video Accelerator
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 en-GB)" = Mozilla Firefox 14.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PartyPoker" = PartyPoker
"SmartDraw 2012" = SmartDraw 2012
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"6019B71A5A75B58CE85C0186950C1D941142E4EC" = TECIT.TBarCode.ExcelAddIn
"F80C393CE1229535BC84582CD13B70388ABABEFC" = TECIT.TBarCode.WordAddIn
"Octoshape Streaming Services" = Octoshape Streaming Services
"William Hill CASINO CLUB" = William Hill CASINO CLUB

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/22/2012 5:36:26 AM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 6/23/2012 4:58:25 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 6/24/2012 5:12:28 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
Description =

Error - 6/27/2012 4:59:07 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 6/29/2012 5:18:02 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/3/2012 9:52:21 AM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: The operation timed out

Error - 7/3/2012 5:00:08 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
Description =

Error - 7/5/2012 4:02:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/5/2012 4:13:47 PM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: The server name or address could not be resolved

Error - 7/5/2012 5:06:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/7/2012 5:08:22 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
Description =

[ Broadcom Wireless LAN Events ]
Error - 7/19/2012 4:26:44 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 09:26:44, Thu, Jul 19, 12 Error - P2P: Failed to set APSTA mode

Error - 7/19/2012 10:11:23 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 15:11:22, Thu, Jul 19, 12 Error - Unable to gain access to user store


Error - 7/21/2012 8:19:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 01:19:38, Sun, Jul 22, 12 Error - Unable to gain access to user store


Error - 7/22/2012 12:01:01 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 17:01:01, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/22/2012 12:10:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 17:10:38, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/22/2012 12:26:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 17:26:58, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/22/2012 1:42:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 18:42:58, Sun, Jul 22, 12 Error - Unable to get current user admin
status

Error - 7/23/2012 5:14:03 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 10:14:03, Mon, Jul 23, 12 Error - Unable to get current user admin
status

Error - 7/23/2012 5:15:47 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 10:15:47, Mon, Jul 23, 12 Error - Unable to get current user admin
status

Error - 7/23/2012 6:00:40 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
Description = 11:00:40, Mon, Jul 23, 12 Error - Unable to get current user admin
status

[ Dell Events ]
Error - 2/25/2011 7:37:34 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 11/13/2011 11:17:15 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 5/10/2011 10:44:06 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 03:44:06 - Error connecting to the internet. 03:44:06 - Unable
to contact server..

Error - 5/10/2011 10:44:16 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 03:44:11 - Error connecting to the internet. 03:44:11 - Unable
to contact server..

Error - 5/10/2011 11:44:20 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 04:44:20 - Error connecting to the internet. 04:44:20 - Unable
to contact server..

Error - 5/10/2011 11:44:26 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 04:44:25 - Error connecting to the internet. 04:44:25 - Unable
to contact server..

Error - 5/11/2011 12:44:31 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 05:44:31 - Error connecting to the internet. 05:44:31 - Unable
to contact server..

Error - 5/11/2011 12:44:37 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 05:44:36 - Error connecting to the internet. 05:44:36 - Unable
to contact server..

Error - 5/11/2011 1:44:42 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 06:44:42 - Error connecting to the internet. 06:44:42 - Unable
to contact server..

Error - 5/11/2011 1:44:48 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
Description = 06:44:47 - Error connecting to the internet. 06:44:47 - Unable
to contact server..

[ System Events ]
Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
Description = The Client Virtualization Handler service depends on the Application
Virtualization Client service which failed to start because of the following error:
%%1068

Error - 7/23/2012 7:10:45 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6

Error - 7/23/2012 7:10:51 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:10:58 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
Description =

Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 7/23/2012 7:11:01 AM | Computer Name = aiden-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 21


< End of report >
Hi guys
Forgive my ignorance but I have a very limited knowlege of this area.How does one interpret this log?I scan my laptop with MSE and MBAM and run an adware extension on Google Chrome.Am I to understand that MBAM failed to remove adware(no action taken)?Where is it indicated that there is trojan virus???I have now installed OTL,superantispyware,cCleaner?Overkill?Not entirely sure what I should and should not do with them????
seligehgit is offline  
Advertisement
25-07-2012, 14:06   #10
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
You need to tell MBAM to fix the things it finds


Quote:
I have now installed OTL,superantispyware,cCleaner?Overkill?Not entirely sure what I should and should not do with them????
You don't need OTL. With the others just run them once every few weeks. If they find anything let them fix it.
ASJ112 is offline  
25-07-2012, 17:05   #11
seligehgit
Registered User
 
seligehgit's Avatar
 
Join Date: Nov 2007
Location: Hoth
Posts: 1,655
I realise that but I understand from the OP that MBAM failed to remove these suspicious programs after been instructed?
seligehgit is offline  
25-07-2012, 17:22   #12
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
No it did remove the malware it found, the user just waited to confirm it with me before clicking Fix, which is why it shows up in the log as No action taken.
ASJ112 is offline  
Thanks from:
29-07-2012, 22:56   #13
RUCKING FETARD
Closed Account
 
Join Date: Jun 2012
Posts: 1,432
What sites are people picking up these viruses from???
RUCKING FETARD is offline  
01-08-2012, 00:59   #14
Mum4Stressed
Registered User
 
Join Date: Aug 2012
Posts: 1
It not people it's kids going on to things because it says it's FREE. Spent the last 4 hours trying to delete it out of my Reg. Kids are not grounded with no TV or computer. Humf
Mum4Stressed is offline  
Post Reply

Quick Reply
Message:
Remove Text Formatting
Bold
Italic
Underline

Insert Image
Wrap [QUOTE] tags around selected text
 
Decrease Size
Increase Size
Please sign up or log in to join the discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search



Share Tweet