Computer very slow

Peadar06 · 04-09-2013 8:10pm #1

Hi,

Ran OLT and got this but don't know what to do now.

OLT.exe

OTL logfile created on: 04/09/2013 19:55:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eddie Doyle\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 217.63 Mb Available Physical Memory | 21.29% Memory free
2.40 Gb Paging File | 1.60 Gb Available in Paging File | 66.73% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 92.97 Gb Free Space | 64.43% Space Free | Partition Type: NTFS

Computer Name: DDRK132J | User Name: Eddie Doyle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/04 19:55:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eddie Doyle\My Documents\Downloads\OTL.exe
PRC - [2013/09/04 19:50:37 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Eddie Doyle\Local Settings\Temp\clclean.0001
PRC - [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/05/25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013/02/27 17:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2013/02/05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/12/05 04:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/11/19 18:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 04:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/11/02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/08/23 11:31:24 | 001,532,280 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
PRC - [2012/08/23 11:31:24 | 001,222,008 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/10/05 18:58:12 | 000,488,968 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2010/10/05 18:58:08 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/02/13 07:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIFME.EXE
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/02/06 19:44:11 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2005/09/23 22:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005/09/19 08:42:06 | 001,159,168 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
PRC - [2005/09/15 10:47:22 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/09/08 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/31 12:06:18 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
PRC - [2005/07/22 08:45:16 | 000,430,080 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe
PRC - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcdcoms.exe
PRC - [2005/03/23 01:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/12/02 19:23:34 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

========== Modules (No Company Name) ==========

MOD - [2013/09/04 19:50:37 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Temp\clclean.0001.dir.0005\~df394b.tmp
MOD - [2013/09/02 21:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013/09/02 21:35:55 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
MOD - [2013/09/02 21:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 21:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/03/13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\libcef.dll
MOD - [2012/11/14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/04/15 15:06:07 | 005,640,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d323ae2c73a139469bee0f4775b1011b\System.Xml.ni.dll
MOD - [2012/04/15 15:05:16 | 008,093,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\2f7626c2764d624b96008aaa7a77d824\System.ni.dll
MOD - [2012/04/15 15:04:48 | 011,411,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\88d80a44c621044ea44d87326b70b852\mscorlib.ni.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/05 18:59:31 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2008/12/20 23:14:38 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/11/03 22:19:23 | 002,326,528 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\6.0.3000.0__31bf3856ad364e35_e1a06a1e\EhCM.dll
MOD - [2008/11/03 22:19:12 | 001,302,528 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\6.0.3000.0__31bf3856ad364e35_572d0778\ehepg.dll
MOD - [2008/11/03 22:18:52 | 000,565,248 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\6.0.3000.0__31bf3856ad364e35_821fd25e\ehiProxy.dll
MOD - [2008/11/03 22:18:43 | 000,167,936 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\6.0.3000.0__31bf3856ad364e35_720dab11\ehepgdat.dll
MOD - [2008/11/03 22:18:36 | 000,159,744 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\6.0.3000.0__31bf3856ad364e35_2f6143d1\ehCIR.dll
MOD - [2008/11/03 22:18:33 | 000,684,032 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\6.0.3000.0__31bf3856ad364e35_f0859860\ehRecObj.dll
MOD - [2008/04/14 01:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/07/11 15:04:33 | 003,391,488 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_c3deb190\mscorlib.dll
MOD - [2007/07/11 15:04:04 | 001,966,080 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_1d458190\System.dll
MOD - [2005/08/16 22:02:52 | 000,066,560 | ---- | M] () -- c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.thunk.dll
MOD - [2005/08/05 15:01:54 | 000,282,112 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2005/06/21 09:22:06 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\dlcdlmpm.dll
MOD - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcdcoms.exe
MOD - [2005/06/21 09:18:24 | 000,155,648 | ---- | M] () -- C:\WINDOWS\system32\dlcdprox.dll
MOD - [2005/06/06 04:59:00 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\dlcdcfg.dll
MOD - [2005/05/19 09:54:00 | 001,345,520 | ---- | M] () -- C:\WINDOWS\system32\CTMBHA.DLL
MOD - [2005/04/28 02:43:08 | 000,122,880 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\dlcddrec.dll
MOD - [2003/03/20 17:11:02 | 000,073,728 | ---- | M] () -- C:\Program Files\Creative\VoiceCenter\AEWave.ax

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\2014298250u.exe srv -- (ClipSrvSharedAccess)
SRV - [2013/08/30 19:05:46 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/05 04:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/11/02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/08/23 11:31:24 | 001,532,280 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/02/06 19:44:11 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () [On_Demand | Running] -- C:\WINDOWS\system32\dlcdcoms.exe -- (dlcd_device)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2013/04/11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/12/10 04:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 04:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/07/04 15:26:12 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/08/02 18:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/05/25 09:14:34 | 000,024,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OXUDIDRV_x32.sys -- (OXUDIDRV)
DRV - [2009/09/28 09:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32)
DRV - [2009/06/15 07:18:26 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\glaide32.sys -- (glaide32)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/22 19:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/06 22:40:48 | 000,180,736 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/05/25 23:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/03/25 17:11:00 | 001,350,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sigfilt.sys -- (sigfilt)
DRV - [2005/01/11 01:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/11 01:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/06/16 04:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 05:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.ie/ [binary data]
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.iol.ie/
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{0CED612F-BB67-47B4-82FA-3EF8844BA4D9}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{0D33735F-1B1C-4234-A10F-AE9E5C06DF27}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={5EBB6C6C-A61D-485B-9BA2-B8E57EF116E5}&mid=536eee8f59e782060cada498709fad2f-415bc378eae34b742cd0a550d9649e5cffba64f6&lang=us&ds=AVG&pr=pa&d=2011-12-03 15:47:15&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{F3DA1C21-B22D-40A8-91F9-52314F30CE99}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4bfe625d&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-GB&q="
FF - prefs.js..network.proxy.no_proxies_on: "localho,t,127.0.0.1,*.local"
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/05 18:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013/05/15 08:32:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 10:01:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 11:26:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/11 11:39:52 | 000,000,000 | ---D | M]

[2010/10/28 11:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eddie Doyle\Application Data\Mozilla\Extensions
[2010/10/28 11:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eddie Doyle\Application Data\Mozilla\Firefox\Profiles\1r4qr5gb.default\extensions
[2013/06/23 14:03:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/03 12:46:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/27 06:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/04/18 12:49:08 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/10/27 06:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/10/27 06:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/10/27 06:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={5EBB6C6C-A61D-485B-9BA2-B8E57EF116E5}&mid=536eee8f59e782060cada498709fad2f-415bc378eae34b742cd0a550d9649e5cffba64f6&lang=us&ds=AVG&pr=pa&d=2011-12-03 15:47:15&v=11.0.0.9&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: Skype Extension = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\
CHR - Extension: AVG Do Not Track = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [18166404] C:\Documents and Settings\All Users\Application Data\18166404\18166404.exe File not found
O4 - HKLM..\Run: [98176396] C:\Documents and Settings\All Users\Application Data\98176396\98176396.exe File not found
O4 - HKLM..\Run: [alg] C:\WINDOWS\alg.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLCDCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.DLL ()
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [lsass] C:\WINDOWS\lsass.exe File not found
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 944\memcard.exe ()
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [netc] C:\WINDOWS\svc.exe File not found
O4 - HKLM..\Run: [netw] C:\WINDOWS\svw.exe File not found
O4 - HKLM..\Run: [netx] C:\WINDOWS\svx.exe File not found
O4 - HKLM..\Run: [odby] C:\WINDOWS\odb.exe File not found
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [sms] C:\WINDOWS\sms.exe File not found
O4 - HKLM..\Run: [system] C:\WINDOWS\system.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [vlc] C:\WINDOWS\vlc.exe File not found
O4 - HKLM..\Run: [VoiceCenter] C:\Program Files\Creative\VoiceCenter\AndreaVC.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [wdmon] C:\WINDOWS\wdmon.exe File not found
O4 - HKU\.DEFAULT..\Run: [userinit] C:\WINDOWS\system32\ntos.exe File not found
O4 - HKU\S-1-5-18..\Run: [userinit] C:\WINDOWS\system32\ntos.exe File not found
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [EPSON PX650 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFME.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [userinit] C:\WINDOWS\system32\ntos.exe File not found
O4 - HKLM..\RunServices: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\RunServices: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Eddie Doyle\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.101.160.4 89.101.160.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FC8E6D5-3661-4A74-AA42-A6FB21F56A45}: DhcpNameServer = 89.101.160.4 89.101.160.5
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\ntos.exe) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\a2service.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ArcaCheck.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\arcavir.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashEnhcd.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoruns.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcls.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrssvc.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avguard.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\AvMonitor.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp.com: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVP32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avscan.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avz.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avz_se.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avz4.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdinit.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\caav.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\caavguiscan.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\casecuritycenter.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\CCenter.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccupdate.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwadins.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\DRWEB32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FAMEH32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\filemon.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FPAVServer.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\fpscan.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FPWin.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32st.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FSMA32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\GFRing3.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardxservice.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardxup.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\HijackThis.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KASMain.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KASTask.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAV32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVDX.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVPF.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVPFW.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVStart.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KPFW32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KPFW32X.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Navapsvc.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Navapw32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\navigator.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVNT.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVSTUB.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVW32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVWNT.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\niu.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32krn.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Nvcc.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\OllyDBG.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\preupd.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\pskdr.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedit.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\regmon.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\RegTool.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\SfFnUp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Vba32arkit.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\vba32ldr.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Zanda.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Zlh.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\zoneband.dll: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0cb06d92-08c9-11de-a009-00123fc74f8f}\Shell - "" = AutoRun
O33 - MountPoints2\{0cb06d92-08c9-11de-a009-00123fc74f8f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0cb06d92-08c9-11de-a009-00123fc74f8f}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/04 19:50:27 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/04 19:50:26 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Eddie Doyle.job
[2013/09/04 19:50:26 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-750408315-799292127-717486286-1005.job
[2013/09/04 19:50:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/04 19:50:14 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/04 19:49:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2013/09/04 19:49:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2013/09/04 19:29:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2013/09/04 19:19:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/04 19:05:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/04 18:21:32 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/09/04 18:13:02 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Epson Printer Software Downloader.job
[2013/09/04 17:29:39 | 136,151,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/09/03 21:55:02 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2013/09/03 21:55:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2013/09/03 20:40:01 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Eddie Doyle.job
[2013/09/03 18:39:02 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Eddie Doyle.job
[2013/09/02 17:32:36 | 000,539,852 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/09/01 21:19:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2013/09/01 21:19:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2013/09/01 16:18:01 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-750408315-799292127-717486286-1005.job
[2013/08/30 19:05:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/30 19:05:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/29 20:41:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/15 13:43:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2013/08/15 13:43:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2013/08/13 23:30:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2013/08/13 23:30:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2013/08/12 12:41:11 | 000,083,456 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/12 08:18:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/08/10 01:05:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2013/08/10 01:05:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2013/08/08 23:00:00 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job
[2013/08/08 00:52:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2013/08/08 00:52:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2013/08/07 00:05:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2013/08/07 00:05:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/30 20:37:02 | 000,000,436 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Eddie Doyle.job
[2013/08/30 20:37:01 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Eddie Doyle.job
[2013/08/30 20:37:01 | 000,000,426 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Eddie Doyle.job
[2012/05/22 17:32:50 | 000,034,814 | ---- | C] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\dt.dat
[2012/04/15 15:07:08 | 000,024,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\OXUDIDRV_x32.sys
[2011/12/21 21:45:24 | 000,029,648 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/09/11 18:06:33 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/09/11 18:06:33 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/09/11 18:06:33 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/09/11 18:06:33 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/09/11 18:06:33 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/09/11 18:06:33 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/09/11 18:06:33 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/09/11 18:06:33 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/09/11 18:06:33 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/09/11 18:06:33 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011/09/11 18:06:33 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/09/11 18:06:33 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/09/11 18:06:33 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/09/11 18:06:33 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/09/11 18:06:33 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/09/11 18:06:33 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011/09/11 18:06:33 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011/09/11 18:06:33 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/09/11 18:06:33 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/06/02 13:10:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\98176396.ini
[2008/06/08 13:56:50 | 000,083,456 | ---- | C] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/14 12:40:09 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/12 10:02:18 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/03/15 20:45:39 | 016,817,176 | ---- | C] () -- C:\Program Files\avg71free_375a703.exe
[2006/03/15 20:36:00 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Extras.exe

OTL Extras logfile created on: 04/09/2013 19:55:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eddie Doyle\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 217.63 Mb Available Physical Memory | 21.29% Memory free
2.40 Gb Paging File | 1.60 Gb Available in Paging File | 66.73% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 92.97 Gb Free Space | 64.43% Space Free | Partition Type: NTFS

Computer Name: DDRK132J | User Name: Eddie Doyle | Logg

jsa112 · 04-09-2013 10:46pm

you got a lot of viruses, download combofix, run it and post its log here Peter

http://www.bleepingcomputer.com/download/combofix/

Peadar06 · 17-09-2013 7:03pm

ComboFix 13-09-17.01 - Eddie Doyle 17/09/2013 18:35:28.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.322 [GMT 1:00]
Running from: c:\documents and settings\Eddie Doyle\My Documents\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\EDDIED~1\LOCALS~1\Temp\clclean.0001.dir.0000\~df394b.tmp
c:\documents and settings\All Users\Application Data\98176396.ini
c:\documents and settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
c:\documents and settings\Eddie Doyle\Local Settings\Temp\clclean.0001.dir.0000\~df394b.tmp
c:\documents and settings\Eddie Doyle\WINDOWS
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\2014298250.dat
c:\windows\system32\4040774368.dat
c:\windows\system32\Cache
c:\windows\system32\Cache\0d76f4ec1c7f143a.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\ea95269a29556720.fb
c:\windows\system32\Cache\f3bd9578715d7352.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\rnaph.dll
c:\windows\system32\SET14.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.

\Legacy_clipsrvsharedaccess

\Service_ClipSrvSharedAccess
.
.
((((((((((((((((((((((((( Files Created from 2013-08-17 to 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 17:23 . 2013-09-17 17:23

d

w- c:\program files\Mozilla Maintenance Service
2013-09-17 17:23 . 2013-09-11 02:28 271256 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-17 17:23 . 2013-09-11 02:27 107416 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-09-17 17:23 . 2013-09-11 02:27 170232 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-09-17 17:23 . 2013-09-11 02:27 27544 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-09-17 17:23 . 2013-09-11 02:26 3279768 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2013-09-17 17:23 . 2013-09-11 02:26 128920 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2013-09-17 17:23 . 2013-09-11 02:26 16280 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2013-09-17 17:23 . 2013-09-11 02:26 193824 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2013-09-17 17:23 . 2010-03-18 16:15 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2013-09-17 17:23 . 2010-03-18 16:15 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2013-09-17 17:22 . 2013-09-11 02:26 118680 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2013-09-17 17:22 . 2013-09-11 02:26 548760 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2013-09-17 17:22 . 2013-09-11 02:26 63384 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2013-09-17 17:22 . 2013-09-11 02:26 3215256 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2013-09-17 17:22 . 2013-09-11 02:26 74648 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2013-09-17 17:22 . 2010-05-26 18:41 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2013-09-04 20:34 . 2013-09-04 20:34

d

w- c:\documents and settings\Eddie Doyle\Application Data\SUPERAntiSpyware.com
2013-09-04 20:33 . 2013-09-04 20:34

d

w- c:\program files\SUPERAntiSpyware
2013-09-04 20:33 . 2013-09-04 20:33

d

w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-09-04 20:27 . 2013-09-04 20:27

d

w- c:\program files\CCleaner
2013-09-04 19:17 . 2013-09-04 19:17

d

w- c:\program files\ESET
2013-09-04 19:13 . 2013-09-04 19:13

d

w- c:\documents and settings\Eddie Doyle\Application Data\Malwarebytes
2013-09-04 19:12 . 2013-09-04 19:12

d

w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-09-04 19:12 . 2013-09-04 19:13

d

w- c:\program files\Malwarebytes' Anti-Malware
2013-09-04 19:12 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 18:05 . 2013-03-06 13:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 18:05 . 2012-02-20 08:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-23 09:04 . 2013-06-23 09:04 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-23 09:04 . 2013-06-11 10:39 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-23 09:04 . 2010-08-04 22:23 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-23 09:04 . 2009-01-29 15:59 144896 ----a-w- c:\windows\system32\javacpl.cpl
2006-03-15 17:16 . 2006-03-15 19:45 16817176 ----a-w- c:\program files\avg71free_375a703.exe
.
.

Sigcheck

Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-08-15 5703920]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 221184]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 57344]
"MBMon"="CTMBHA.DLL" [2005-05-19 1345520]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2005-09-19 1159168]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"DLCDCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll" [2005-06-07 69632]
"dlcdmon.exe"="c:\program files\Dell Photo AIO Printer 944\dlcdmon.exe" [2005-07-22 430080]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 944\memcard.exe" [2005-06-27 282624]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-10-05 202256]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Eddie Doyle\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 04:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 04:46 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 05:25 250080]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 05:17 302368]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [23/05/2013 21:11 119056]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 04:53 193288]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [23/08/2012 11:31 1532280]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 19:52 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232]
R3 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe -service --> c:\windows\system32\dlcdcoms.exe -service [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [04/07/2012 15:26 10088]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [05/12/2012 04:44 2321560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [02/11/2012 04:51 5174392]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 19:52 30944]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [22/06/2012 13:08 18432]
S3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\drivers\OXSDIDRV_x32.sys [28/09/2009 09:55 52656]
S3 OXUDIDRV;OXUDIDRV;c:\windows\system32\drivers\OXUDIDRV_x32.sys [15/04/2012 15:07 24880]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 17:19 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-06 18:05]
.
2013-09-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:57]
.
2013-09-17 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2013-09-17 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-01-23 14:03]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-05 17:58]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-05 17:58]
.
2013-09-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-750408315-799292127-717486286-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 02:02]
.
2013-09-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-750408315-799292127-717486286-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 02:02]
.
2013-09-16 c:\windows\Tasks\ReclaimerUpdateFiles_Eddie Doyle.job
- c:\documents and settings\Eddie Doyle\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-08-30 16:36]
.
2013-09-16 c:\windows\Tasks\ReclaimerUpdateXML_Eddie Doyle.job
- c:\documents and settings\Eddie Doyle\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-08-30 16:36]
.
2013-09-17 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Eddie Doyle.job
- c:\documents and settings\Eddie Doyle\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-08-30 16:36]
.
2013-09-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 23b447ea-2f25-49ed-886b-0b0d6682f4c1.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-09-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 35a1cc96-5734-456e-98cd-3fb2ecc62ae8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.

Supplementary Scan

.
uStart Page = hxxp://home.iol.ie/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
TCP: DhcpNameServer = 89.101.160.4 89.101.160.5
FF - ProfilePath - c:\documents and settings\Eddie Doyle\Application Data\Mozilla\Firefox\Profiles\1r4qr5gb.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bfe625d&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-GB&q=
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-alg - c:\windows\alg.exe
HKLM-Run-RegWork - c:\program files\RegWork\RegWork.exe
HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
Notify-WgaLogon - (no file)
AddRemove-My First CD-ROM - Number - c:\windows\uninst.exe -rDK Interactive Learning\My First CD-ROM - Number\1.1.0.3
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-17 18:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCDCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.

LOCKED REGISTRY KEYS

.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c $:\$ \WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.

DLLs Loaded Under Running Processes

.
- - - - - - - > 'explorer.exe'(3464)
c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.

Other Running Processes

.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\wdfmgr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\stsystra.exe
c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\dlcdcoms.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-09-17 18:58:22 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-17 17:58
.
Pre-Run: 102,036,373,504 bytes free
Post-Run: 102,425,387,008 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 216B6AE94314468993F4FF2B2AE84F4B
5CB90281D1A59B251F6603134774EEC3

jsa112 · 17-09-2013 10:02pm

update malwarebytes, run a quick scan post that log

Computer very slow

Comments