Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
Computer very slow
-
04-09-2013 7:10pmHi,
Ran OLT and got this but don't know what to do now.
OLT.exe
OTL logfile created on: 04/09/2013 19:55:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eddie Doyle\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
1022.07 Mb Total Physical Memory | 217.63 Mb Available Physical Memory | 21.29% Memory free
2.40 Gb Paging File | 1.60 Gb Available in Paging File | 66.73% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 92.97 Gb Free Space | 64.43% Space Free | Partition Type: NTFS
Computer Name: DDRK132J | User Name: Eddie Doyle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/09/04 19:55:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eddie Doyle\My Documents\Downloads\OTL.exe
PRC - [2013/09/04 19:50:37 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Eddie Doyle\Local Settings\Temp\clclean.0001
PRC - [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/05/25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013/02/27 17:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2013/02/05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/12/05 04:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/11/19 18:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 04:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/11/02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/08/23 11:31:24 | 001,532,280 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
PRC - [2012/08/23 11:31:24 | 001,222,008 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/10/05 18:58:12 | 000,488,968 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2010/10/05 18:58:08 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/02/13 07:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIFME.EXE
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/02/06 19:44:11 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2005/09/23 22:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005/09/19 08:42:06 | 001,159,168 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
PRC - [2005/09/15 10:47:22 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/09/08 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/31 12:06:18 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
PRC - [2005/07/22 08:45:16 | 000,430,080 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe
PRC - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcdcoms.exe
PRC - [2005/03/23 01:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/12/02 19:23:34 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
========== Modules (No Company Name) ==========
MOD - [2013/09/04 19:50:37 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Temp\clclean.0001.dir.0005\~df394b.tmp
MOD - [2013/09/02 21:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013/09/02 21:35:55 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
MOD - [2013/09/02 21:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 21:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/03/13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\libcef.dll
MOD - [2012/11/14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/04/15 15:06:07 | 005,640,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d323ae2c73a139469bee0f4775b1011b\System.Xml.ni.dll
MOD - [2012/04/15 15:05:16 | 008,093,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\2f7626c2764d624b96008aaa7a77d824\System.ni.dll
MOD - [2012/04/15 15:04:48 | 011,411,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\88d80a44c621044ea44d87326b70b852\mscorlib.ni.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/05 18:59:31 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2008/12/20 23:14:38 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/11/03 22:19:23 | 002,326,528 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\6.0.3000.0__31bf3856ad364e35_e1a06a1e\EhCM.dll
MOD - [2008/11/03 22:19:12 | 001,302,528 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\6.0.3000.0__31bf3856ad364e35_572d0778\ehepg.dll
MOD - [2008/11/03 22:18:52 | 000,565,248 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\6.0.3000.0__31bf3856ad364e35_821fd25e\ehiProxy.dll
MOD - [2008/11/03 22:18:43 | 000,167,936 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\6.0.3000.0__31bf3856ad364e35_720dab11\ehepgdat.dll
MOD - [2008/11/03 22:18:36 | 000,159,744 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\6.0.3000.0__31bf3856ad364e35_2f6143d1\ehCIR.dll
MOD - [2008/11/03 22:18:33 | 000,684,032 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\6.0.3000.0__31bf3856ad364e35_f0859860\ehRecObj.dll
MOD - [2008/04/14 01:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/07/11 15:04:33 | 003,391,488 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_c3deb190\mscorlib.dll
MOD - [2007/07/11 15:04:04 | 001,966,080 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_1d458190\System.dll
MOD - [2005/08/16 22:02:52 | 000,066,560 | ---- | M] () -- c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.thunk.dll
MOD - [2005/08/05 15:01:54 | 000,282,112 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2005/06/21 09:22:06 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\dlcdlmpm.dll
MOD - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcdcoms.exe
MOD - [2005/06/21 09:18:24 | 000,155,648 | ---- | M] () -- C:\WINDOWS\system32\dlcdprox.dll
MOD - [2005/06/06 04:59:00 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\dlcdcfg.dll
MOD - [2005/05/19 09:54:00 | 001,345,520 | ---- | M] () -- C:\WINDOWS\system32\CTMBHA.DLL
MOD - [2005/04/28 02:43:08 | 000,122,880 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\dlcddrec.dll
MOD - [2003/03/20 17:11:02 | 000,073,728 | ---- | M] () -- C:\Program Files\Creative\VoiceCenter\AEWave.ax
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\2014298250u.exe srv -- (ClipSrvSharedAccess)
SRV - [2013/08/30 19:05:46 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/05 04:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/11/02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/08/23 11:31:24 | 001,532,280 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/02/06 19:44:11 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () [On_Demand | Running] -- C:\WINDOWS\system32\dlcdcoms.exe -- (dlcd_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2013/04/11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/12/10 04:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 04:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/07/04 15:26:12 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/08/02 18:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/05/25 09:14:34 | 000,024,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OXUDIDRV_x32.sys -- (OXUDIDRV)
DRV - [2009/09/28 09:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32)
DRV - [2009/06/15 07:18:26 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\glaide32.sys -- (glaide32)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/22 19:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/06 22:40:48 | 000,180,736 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/05/25 23:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/03/25 17:11:00 | 001,350,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sigfilt.sys -- (sigfilt)
DRV - [2005/01/11 01:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/11 01:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/06/16 04:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 05:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.ie/ [binary data]
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.iol.ie/
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{0CED612F-BB67-47B4-82FA-3EF8844BA4D9}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{0D33735F-1B1C-4234-A10F-AE9E5C06DF27}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={5EBB6C6C-A61D-485B-9BA2-B8E57EF116E5}&mid=536eee8f59e782060cada498709fad2f-415bc378eae34b742cd0a550d9649e5cffba64f6&lang=us&ds=AVG&pr=pa&d=2011-12-03 15:47:15&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\SearchScopes\{F3DA1C21-B22D-40A8-91F9-52314F30CE99}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-750408315-799292127-717486286-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4bfe625d&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-GB&q="
FF - prefs.js..network.proxy.no_proxies_on: "localho,t,127.0.0.1,*.local"
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/05 18:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013/05/15 08:32:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 10:01:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 11:26:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/11 11:39:52 | 000,000,000 | ---D | M]
[2010/10/28 11:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eddie Doyle\Application Data\Mozilla\Extensions
[2010/10/28 11:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eddie Doyle\Application Data\Mozilla\Firefox\Profiles\1r4qr5gb.default\extensions
[2013/06/23 14:03:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/03 12:46:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/27 06:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/04/18 12:49:08 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/10/27 06:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/10/27 06:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/10/27 06:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={5EBB6C6C-A61D-485B-9BA2-B8E57EF116E5}&mid=536eee8f59e782060cada498709fad2f-415bc378eae34b742cd0a550d9649e5cffba64f6&lang=us&ds=AVG&pr=pa&d=2011-12-03 15:47:15&v=11.0.0.9&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: Skype Extension = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\
CHR - Extension: AVG Do Not Track = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-750408315-799292127-717486286-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [18166404] C:\Documents and Settings\All Users\Application Data\18166404\18166404.exe File not found
O4 - HKLM..\Run: [98176396] C:\Documents and Settings\All Users\Application Data\98176396\98176396.exe File not found
O4 - HKLM..\Run: [alg] C:\WINDOWS\alg.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLCDCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.DLL ()
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [lsass] C:\WINDOWS\lsass.exe File not found
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 944\memcard.exe ()
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [netc] C:\WINDOWS\svc.exe File not found
O4 - HKLM..\Run: [netw] C:\WINDOWS\svw.exe File not found
O4 - HKLM..\Run: [netx] C:\WINDOWS\svx.exe File not found
O4 - HKLM..\Run: [odby] C:\WINDOWS\odb.exe File not found
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [sms] C:\WINDOWS\sms.exe File not found
O4 - HKLM..\Run: [system] C:\WINDOWS\system.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [vlc] C:\WINDOWS\vlc.exe File not found
O4 - HKLM..\Run: [VoiceCenter] C:\Program Files\Creative\VoiceCenter\AndreaVC.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [wdmon] C:\WINDOWS\wdmon.exe File not found
O4 - HKU\.DEFAULT..\Run: [userinit] C:\WINDOWS\system32\ntos.exe File not found
O4 - HKU\S-1-5-18..\Run: [userinit] C:\WINDOWS\system32\ntos.exe File not found
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [EPSON PX650 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFME.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\Run: [userinit] C:\WINDOWS\system32\ntos.exe File not found
O4 - HKLM..\RunServices: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - HKU\S-1-5-21-750408315-799292127-717486286-1005..\RunServices: [UpdateWin] C:\WINDOWS\system32\ansil.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Eddie Doyle\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Eddie Doyle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-750408315-799292127-717486286-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.101.160.4 89.101.160.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FC8E6D5-3661-4A74-AA42-A6FB21F56A45}: DhcpNameServer = 89.101.160.4 89.101.160.5
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\ntos.exe) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\a2service.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ArcaCheck.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\arcavir.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashEnhcd.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoruns.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcls.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrssvc.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avguard.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\AvMonitor.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp.com: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVP32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avscan.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avz.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avz_se.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\avz4.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdinit.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\caav.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\caavguiscan.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\casecuritycenter.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\CCenter.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccupdate.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwadins.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\DRWEB32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FAMEH32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\filemon.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FPAVServer.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\fpscan.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FPWin.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32st.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\FSMA32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\GFRing3.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardxservice.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardxup.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\HijackThis.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KASMain.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KASTask.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAV32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVDX.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVPF.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVPFW.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KAVStart.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KPFW32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\KPFW32X.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Navapsvc.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Navapw32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\navigator.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVNT.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVSTUB.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVW32.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\NAVWNT.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\niu.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32krn.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Nvcc.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\OllyDBG.EXE: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\preupd.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\pskdr.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedit.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\regmon.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\RegTool.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\SfFnUp.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Vba32arkit.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\vba32ldr.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Zanda.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Zlh.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O27 - HKLM IFEO\zoneband.dll: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0cb06d92-08c9-11de-a009-00123fc74f8f}\Shell - "" = AutoRun
O33 - MountPoints2\{0cb06d92-08c9-11de-a009-00123fc74f8f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0cb06d92-08c9-11de-a009-00123fc74f8f}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/09/04 19:50:27 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/04 19:50:26 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Eddie Doyle.job
[2013/09/04 19:50:26 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-750408315-799292127-717486286-1005.job
[2013/09/04 19:50:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/04 19:50:14 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/04 19:49:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2013/09/04 19:49:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2013/09/04 19:29:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2013/09/04 19:19:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/04 19:05:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/04 18:21:32 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/09/04 18:13:02 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Epson Printer Software Downloader.job
[2013/09/04 17:29:39 | 136,151,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/09/03 21:55:02 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2013/09/03 21:55:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2013/09/03 20:40:01 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Eddie Doyle.job
[2013/09/03 18:39:02 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Eddie Doyle.job
[2013/09/02 17:32:36 | 000,539,852 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/09/01 21:19:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2013/09/01 21:19:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2013/09/01 16:18:01 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-750408315-799292127-717486286-1005.job
[2013/08/30 19:05:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/30 19:05:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/29 20:41:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/15 13:43:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2013/08/15 13:43:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2013/08/13 23:30:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2013/08/13 23:30:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2013/08/12 12:41:11 | 000,083,456 | ---- | M] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/12 08:18:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/08/10 01:05:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2013/08/10 01:05:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2013/08/08 23:00:00 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job
[2013/08/08 00:52:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2013/08/08 00:52:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2013/08/07 00:05:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2013/08/07 00:05:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/08/30 20:37:02 | 000,000,436 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Eddie Doyle.job
[2013/08/30 20:37:01 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Eddie Doyle.job
[2013/08/30 20:37:01 | 000,000,426 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Eddie Doyle.job
[2012/05/22 17:32:50 | 000,034,814 | ---- | C] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\dt.dat
[2012/04/15 15:07:08 | 000,024,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\OXUDIDRV_x32.sys
[2011/12/21 21:45:24 | 000,029,648 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/09/11 18:06:33 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/09/11 18:06:33 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/09/11 18:06:33 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/09/11 18:06:33 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/09/11 18:06:33 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/09/11 18:06:33 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/09/11 18:06:33 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/09/11 18:06:33 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/09/11 18:06:33 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/09/11 18:06:33 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011/09/11 18:06:33 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/09/11 18:06:33 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/09/11 18:06:33 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/09/11 18:06:33 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/09/11 18:06:33 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/09/11 18:06:33 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011/09/11 18:06:33 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011/09/11 18:06:33 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/09/11 18:06:33 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/06/02 13:10:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\98176396.ini
[2008/06/08 13:56:50 | 000,083,456 | ---- | C] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/14 12:40:09 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/12 10:02:18 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/03/15 20:45:39 | 016,817,176 | ---- | C] () -- C:\Program Files\avg71free_375a703.exe
[2006/03/15 20:36:00 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Eddie Doyle\Local Settings\Application Data\fusioncache.dat
========== ZeroAccess Check ==========
[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Extras.exe
OTL Extras logfile created on: 04/09/2013 19:55:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eddie Doyle\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
1022.07 Mb Total Physical Memory | 217.63 Mb Available Physical Memory | 21.29% Memory free
2.40 Gb Paging File | 1.60 Gb Available in Paging File | 66.73% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 92.97 Gb Free Space | 64.43% Space Free | Partition Type: NTFS
Computer Name: DDRK132J | User Name: Eddie Doyle | Logg0
Comments
-
you got a lot of viruses, download combofix, run it and post its log here Peter
http://www.bleepingcomputer.com/download/combofix/0 -
ComboFix 13-09-17.01 - Eddie Doyle 17/09/2013 18:35:28.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.322 [GMT 1:00]
Running from: c:\documents and settings\Eddie Doyle\My Documents\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\EDDIED~1\LOCALS~1\Temp\clclean.0001.dir.0000\~df394b.tmp
c:\documents and settings\All Users\Application Data\98176396.ini
c:\documents and settings\Eddie Doyle\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
c:\documents and settings\Eddie Doyle\Local Settings\Temp\clclean.0001.dir.0000\~df394b.tmp
c:\documents and settings\Eddie Doyle\WINDOWS
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\2014298250.dat
c:\windows\system32\4040774368.dat
c:\windows\system32\Cache
c:\windows\system32\Cache\0d76f4ec1c7f143a.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\ea95269a29556720.fb
c:\windows\system32\Cache\f3bd9578715d7352.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\rnaph.dll
c:\windows\system32\SET14.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
\Legacy_clipsrvsharedaccess
\Service_ClipSrvSharedAccess
.
.
((((((((((((((((((((((((( Files Created from 2013-08-17 to 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 17:23 . 2013-09-17 17:23
d
w- c:\program files\Mozilla Maintenance Service
2013-09-17 17:23 . 2013-09-11 02:28 271256 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-17 17:23 . 2013-09-11 02:27 107416 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-09-17 17:23 . 2013-09-11 02:27 170232 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-09-17 17:23 . 2013-09-11 02:27 27544 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-09-17 17:23 . 2013-09-11 02:26 3279768 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2013-09-17 17:23 . 2013-09-11 02:26 128920 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2013-09-17 17:23 . 2013-09-11 02:26 16280 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2013-09-17 17:23 . 2013-09-11 02:26 193824 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2013-09-17 17:23 . 2010-03-18 16:15 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2013-09-17 17:23 . 2010-03-18 16:15 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2013-09-17 17:22 . 2013-09-11 02:26 118680 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2013-09-17 17:22 . 2013-09-11 02:26 548760 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2013-09-17 17:22 . 2013-09-11 02:26 63384 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2013-09-17 17:22 . 2013-09-11 02:26 3215256 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2013-09-17 17:22 . 2013-09-11 02:26 74648 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2013-09-17 17:22 . 2010-05-26 18:41 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2013-09-04 20:34 . 2013-09-04 20:34
d
w- c:\documents and settings\Eddie Doyle\Application Data\SUPERAntiSpyware.com
2013-09-04 20:33 . 2013-09-04 20:34
d
w- c:\program files\SUPERAntiSpyware
2013-09-04 20:33 . 2013-09-04 20:33
d
w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-09-04 20:27 . 2013-09-04 20:27
d
w- c:\program files\CCleaner
2013-09-04 19:17 . 2013-09-04 19:17
d
w- c:\program files\ESET
2013-09-04 19:13 . 2013-09-04 19:13
d
w- c:\documents and settings\Eddie Doyle\Application Data\Malwarebytes
2013-09-04 19:12 . 2013-09-04 19:12
d
w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-09-04 19:12 . 2013-09-04 19:13
d
w- c:\program files\Malwarebytes' Anti-Malware
2013-09-04 19:12 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 18:05 . 2013-03-06 13:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 18:05 . 2012-02-20 08:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-23 09:04 . 2013-06-23 09:04 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-23 09:04 . 2013-06-11 10:39 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-23 09:04 . 2010-08-04 22:23 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-23 09:04 . 2009-01-29 15:59 144896 ----a-w- c:\windows\system32\javacpl.cpl
2006-03-15 17:16 . 2006-03-15 19:45 16817176 ----a-w- c:\program files\avg71free_375a703.exe
.
.
Sigcheck
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-08-15 5703920]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 221184]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 57344]
"MBMon"="CTMBHA.DLL" [2005-05-19 1345520]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2005-09-19 1159168]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"DLCDCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll" [2005-06-07 69632]
"dlcdmon.exe"="c:\program files\Dell Photo AIO Printer 944\dlcdmon.exe" [2005-07-22 430080]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 944\memcard.exe" [2005-06-27 282624]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-10-05 202256]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Eddie Doyle\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 04:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 04:46 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 05:25 250080]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 05:17 302368]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [23/05/2013 21:11 119056]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 04:53 193288]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [23/08/2012 11:31 1532280]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 19:52 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232]
R3 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe -service --> c:\windows\system32\dlcdcoms.exe -service [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [04/07/2012 15:26 10088]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [05/12/2012 04:44 2321560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [02/11/2012 04:51 5174392]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 19:52 30944]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [22/06/2012 13:08 18432]
S3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\drivers\OXSDIDRV_x32.sys [28/09/2009 09:55 52656]
S3 OXUDIDRV;OXUDIDRV;c:\windows\system32\drivers\OXUDIDRV_x32.sys [15/04/2012 15:07 24880]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 17:19 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-06 18:05]
.
2013-09-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:57]
.
2013-09-17 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2013-09-17 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-01-23 14:03]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-05 17:58]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-05 17:58]
.
2013-09-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-750408315-799292127-717486286-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 02:02]
.
2013-09-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-750408315-799292127-717486286-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 02:02]
.
2013-09-16 c:\windows\Tasks\ReclaimerUpdateFiles_Eddie Doyle.job
- c:\documents and settings\Eddie Doyle\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-08-30 16:36]
.
2013-09-16 c:\windows\Tasks\ReclaimerUpdateXML_Eddie Doyle.job
- c:\documents and settings\Eddie Doyle\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-08-30 16:36]
.
2013-09-17 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Eddie Doyle.job
- c:\documents and settings\Eddie Doyle\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-08-30 16:36]
.
2013-09-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 23b447ea-2f25-49ed-886b-0b0d6682f4c1.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-09-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 35a1cc96-5734-456e-98cd-3fb2ecc62ae8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
Supplementary Scan
.
uStart Page = hxxp://home.iol.ie/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
TCP: DhcpNameServer = 89.101.160.4 89.101.160.5
FF - ProfilePath - c:\documents and settings\Eddie Doyle\Application Data\Mozilla\Firefox\Profiles\1r4qr5gb.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bfe625d&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-GB&q=
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-alg - c:\windows\alg.exe
HKLM-Run-RegWork - c:\program files\RegWork\RegWork.exe
HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
Notify-WgaLogon - (no file)
AddRemove-My First CD-ROM - Number - c:\windows\uninst.exe -rDK Interactive Learning\My First CD-ROM - Number\1.1.0.3
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-17 18:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCDCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
LOCKED REGISTRY KEYS
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
DLLs Loaded Under Running Processes
.
- - - - - - - > 'explorer.exe'(3464)
c:\documents and settings\Eddie Doyle\Application Data\Dropbox\bin\DropboxExt.19.dll
.
Other Running Processes
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\wdfmgr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\stsystra.exe
c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\dlcdcoms.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-09-17 18:58:22 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-17 17:58
.
Pre-Run: 102,036,373,504 bytes free
Post-Run: 102,425,387,008 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 216B6AE94314468993F4FF2B2AE84F4B
5CB90281D1A59B251F6603134774EEC30 -
update malwarebytes, run a quick scan post that log0
Advertisement