tomtatsfield

Sorry seem to have lost the contents of the ComboFix.txt Where can I find this? # AdwCleaner v3.004 - Report created 17/09/2013 at 11:25:59 # Updated 15/09/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Philip - PHILIP-PC # Running from : C:\Users\Philip\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Deleted : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Deleted : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Deleted : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16476 -\\ Mozilla Firefox v [ File : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\prefs.js ] -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [25885 octets] - [15/09/2013 17:06:36] AdwCleaner[R1].txt - [25946 octets] - [15/09/2013 17:28:39] AdwCleaner[R2].txt - [26439 octets] - [16/09/2013 17:48:20] AdwCleaner[R3].txt - [1598 octets] - [16/09/2013 21:16:16] AdwCleaner[R4].txt - [1672 octets] - [17/09/2013 11:24:21] AdwCleaner[s0].txt - [24259 octets] - [16/09/2013 17:55:16] AdwCleaner[s1].txt - [1601 octets] - [17/09/2013 11:25:59] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1661 octets] ##########

The computer is responsive and behaving normally with updates now taking place. excellent result from rerun ADW: # AdwCleaner v3.004 - Report created 16/09/2013 at 21:16:16 # Updated 15/09/2013 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Philip - PHILIP-PC # Running from : C:\Users\Philip\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Found : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Found : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Found : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16476 -\\ Mozilla Firefox v [ File : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\prefs.js ] -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [25885 octets] - [15/09/2013 17:06:36] AdwCleaner[R1].txt - [25946 octets] - [15/09/2013 17:28:39] AdwCleaner[R2].txt - [26439 octets] - [16/09/2013 17:48:20] AdwCleaner[R3].txt - [1397 octets] - [16/09/2013 21:16:16] AdwCleaner[s0].txt - [24259 octets] - [16/09/2013 17:55:16] ########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1518 octets] ##########

results from Eset report C:\AdwCleaner\Quarantine\C\Users\Philip\AppData\Local\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe.vir Win32/Toolbar.Conduit.F application C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask application C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask application C:\Users\Lolo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\652c9ab0-3fcea653 multiple threats C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\3bf10156-26577325 a variant of Java/Exploit.Agent.PNY trojan C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\154b8aa2-1cb89e35 a variant of Java/Exploit.CVE-2013-2465.AO trojan C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\4c925071-325a2651 multiple threats C:\Users\Philip\AppData\Roaming\LatestDLMgr.exe a variant of Win32/OpenCandy.A application C:\Users\Philip\Downloads\FreeStudio.exe a variant of Win32/Bundled.Toolbar.Ask application

The computer is now responding to updates perfectly, can only assume that the security issue is now resolved, thank very much. Adw report attached, will continue with ESET later and report # AdwCleaner v3.004 - Report created 16/09/2013 at 17:55:16 # Updated 15/09/2013 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Philip - PHILIP-PC # Running from : C:\Users\Philip\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar Folder Deleted : C:\Program Files (x86)\Ask.com Folder Deleted : C:\Program Files (x86)\AVG Secure Search Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\ConduitEngine Folder Deleted : C:\Program Files (x86)\Crawler Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB Folder Deleted : C:\Program Files (x86)\Inbox Toolbar Folder Deleted : C:\Program Files (x86)\searchresults1 Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Folder Deleted : C:\Users\Philip\AppData\Local\apn Folder Deleted : C:\Users\Philip\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Philip\AppData\Local\Conduit Folder Deleted : C:\Users\Philip\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\Philip\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Philip\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\Philip\AppData\LocalLow\DVDVideoSoftTB Folder Deleted : C:\Users\Philip\AppData\LocalLow\Inbox Toolbar Folder Deleted : C:\Users\Philip\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Philip\AppData\LocalLow\searchresults1 Folder Deleted : C:\Users\Philip\Application Data\dvdvideosoftiehelpers Folder Deleted : C:\Users\Lolo\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Lolo\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\Lolo\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Lolo\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Lolo\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\Lolo\AppData\LocalLow\DVDVideoSoftTB Folder Deleted : C:\Users\Lolo\AppData\LocalLow\Inbox Toolbar Folder Deleted : C:\Users\Lolo\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Cam\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Cam\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\Cam\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Cam\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Cam\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\Cam\AppData\LocalLow\DVDVideoSoftTB Folder Deleted : C:\Users\Cam\AppData\LocalLow\Inbox Toolbar Folder Deleted : C:\Users\Cam\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Cam\AppData\LocalLow\searchresults1 Folder Deleted : C:\Users\Cam\AppData\LocalLow\searchresultstb Folder Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\searchresults1 Folder Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} Folder Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\inboxcomtoolbar@inbox.com Folder Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\toolbar@ask.com Folder Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Deleted : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Deleted : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Deleted : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Deleted : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Deleted : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp File Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\searchplugins\Askcom.xml File Deleted : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\searchplugins\avg-secure-search.xml File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1320680 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282128 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A13CA50F-88E0-4C05-B280-D4C7E5346603} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A13CA50F-88E0-4C05-B280-D4C7E5346603} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFE0041E-EA01-4593-9DD4-F8694C44C4CC} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69DC612C-537B-447D-842F-6B1D15414FE4} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC2CADF-0E8E-4CAA-A44A-EAE22E0C55DB} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{94366E2C-9923-431C-B0D6-747447DD0F2B}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\CToolbar Key Deleted : HKCU\Software\Inbox Toolbar Key Deleted : HKCU\Software\searchresults1 Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\conduitEngine Key Deleted : HKLM\Software\CToolbar Key Deleted : HKLM\Software\DVDVideoSoftTB Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\Software\Inbox Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchresults1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16476 Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [searchAssistant] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [searchAssistant] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] -\\ Mozilla Firefox v [ File : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\prefs.js ] -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [25885 octets] - [15/09/2013 17:06:36] AdwCleaner[R1].txt - [25946 octets] - [15/09/2013 17:28:39] AdwCleaner[R2].txt - [26439 octets] - [16/09/2013 17:48:20] AdwCleaner[s0].txt - [24097 octets] - [16/09/2013 17:55:16] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [24158 octets] ##########

# AdwCleaner v3.004 - Report created 15/09/2013 at 17:28:39 # Updated 15/09/2013 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Philip - PHILIP-PC # Running from : C:\Users\Philip\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\searchplugins\Askcom.xml File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar File Found : C:\Windows\SysWOW64\conduitEngine.tmp Folder Found : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Found : C:\Users\Cam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Found : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Found : C:\Users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Found : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Found : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} Folder Found : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\inboxcomtoolbar@inbox.com Folder Found : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\toolbar@ask.com Folder Found C:\Program Files (x86)\Ask.com Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Folder Found C:\Program Files (x86)\Conduit Folder Found C:\Program Files (x86)\ConduitEngine Folder Found C:\Program Files (x86)\Crawler Folder Found C:\Program Files (x86)\DVDVideoSoftTB Folder Found C:\Program Files (x86)\DVDVideoSoftTB Folder Found C:\Program Files (x86)\Inbox Toolbar Folder Found C:\Program Files (x86)\searchresults1 Folder Found C:\ProgramData\Ask Folder Found C:\ProgramData\AVG Secure Search Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar Folder Found C:\Users\Cam\AppData\Local\AVG Secure Search Folder Found C:\Users\Cam\AppData\LocalLow\AskToolbar Folder Found C:\Users\Cam\AppData\LocalLow\AVG Secure Search Folder Found C:\Users\Cam\AppData\LocalLow\Conduit Folder Found C:\Users\Cam\AppData\LocalLow\ConduitEngine Folder Found C:\Users\Cam\AppData\LocalLow\DVDVideoSoftTB Folder Found C:\Users\Cam\AppData\LocalLow\DVDVideoSoftTB Folder Found C:\Users\Cam\AppData\LocalLow\Inbox Toolbar Folder Found C:\Users\Cam\AppData\LocalLow\PriceGong Folder Found C:\Users\Cam\AppData\LocalLow\searchresults1 Folder Found C:\Users\Cam\AppData\LocalLow\searchresultstb Folder Found C:\Users\Lolo\AppData\Local\AVG Secure Search Folder Found C:\Users\Lolo\AppData\LocalLow\AskToolbar Folder Found C:\Users\Lolo\AppData\LocalLow\AVG Secure Search Folder Found C:\Users\Lolo\AppData\LocalLow\Conduit Folder Found C:\Users\Lolo\AppData\LocalLow\ConduitEngine Folder Found C:\Users\Lolo\AppData\LocalLow\DVDVideoSoftTB Folder Found C:\Users\Lolo\AppData\LocalLow\DVDVideoSoftTB Folder Found C:\Users\Lolo\AppData\LocalLow\Inbox Toolbar Folder Found C:\Users\Lolo\AppData\LocalLow\PriceGong Folder Found C:\Users\Philip\AppData\Local\apn Folder Found C:\Users\Philip\AppData\Local\AVG Secure Search Folder Found C:\Users\Philip\AppData\Local\Conduit Folder Found C:\Users\Philip\AppData\LocalLow\AskToolbar Folder Found C:\Users\Philip\AppData\LocalLow\Conduit Folder Found C:\Users\Philip\AppData\LocalLow\ConduitEngine Folder Found C:\Users\Philip\AppData\LocalLow\DVDVideoSoftTB Folder Found C:\Users\Philip\AppData\LocalLow\DVDVideoSoftTB Folder Found C:\Users\Philip\AppData\LocalLow\Inbox Toolbar Folder Found C:\Users\Philip\AppData\LocalLow\PriceGong Folder Found C:\Users\Philip\AppData\LocalLow\searchresults1 Folder Found C:\Users\Philip\Application Data\dvdvideosoftiehelpers Folder Found C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\searchresults1 ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\APN Key Found : HKCU\Software\APN DTX Key Found : HKCU\Software\AppDataLow\Software\AskToolbar Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Key Found : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\Ask.com Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\CToolbar Key Found : HKCU\Software\Inbox Toolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Found : HKCU\Software\searchresults1 Key Found : HKCU\Software\YahooPartnerToolbar Key Found : [x64] HKCU\Software\APN Key Found : [x64] HKCU\Software\APN DTX Key Found : [x64] HKCU\Software\Ask.com Key Found : [x64] HKCU\Software\AVG Secure Search Key Found : [x64] HKCU\Software\Conduit Key Found : [x64] HKCU\Software\CToolbar Key Found : [x64] HKCU\Software\Inbox Toolbar Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} Key Found : [x64] HKCU\Software\searchresults1 Key Found : [x64] HKCU\Software\YahooPartnerToolbar Key Found : HKLM\Software\APN Key Found : HKLM\Software\AskToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690} Key Found : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163} Key Found : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Found : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB} Key Found : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A13CA50F-88E0-4C05-B280-D4C7E5346603} Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Classes\ctbcommon.Buttons Key Found : HKLM\SOFTWARE\Classes\ctbr.R404Pro Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Client Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Script Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Server Key Found : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887} Key Found : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808} Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Found : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762} Key Found : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0} Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1320680 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3282128 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566} Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\conduitEngine Key Found : HKLM\Software\conduitEngine Key Found : HKLM\Software\CToolbar Key Found : HKLM\Software\DVDVideoSoftTB Key Found : HKLM\Software\DVDVideoSoftTB Key Found : HKLM\Software\Freeze.com Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Found : HKLM\Software\Inbox Toolbar Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69DC612C-537B-447D-842F-6B1D15414FE4} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC2CADF-0E8E-4CAA-A44A-EAE22E0C55DB} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFE0041E-EA01-4593-9DD4-F8694C44C4CC} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94366E2C-9923-431C-B0D6-747447DD0F2B} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A13CA50F-88E0-4C05-B280-D4C7E5346603} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchresults1 Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{94366E2C-9923-431C-B0D6-747447DD0F2B}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16476 -\\ Mozilla Firefox v [ File : C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\prefs.js ] -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [25885 octets] - [15/09/2013 17:06:36] AdwCleaner[R1].txt - [25732 octets] - [15/09/2013 17:28:39] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [25793 octets] ########## Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.09.15.04 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Philip :: PHILIP-PC [administrator] Protection: Enabled 15/09/2013 18:50:44 mbam-log-2013-09-15 (18-50-44).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 497552 Time elapsed: 1 hour(s), 25 minute(s), 4 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Finally found a way ComboFix 13-09-14.01 - Philip 15/09/2013 11:03:22.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.4027.2342 [GMT 1:00] Running from: c:\users\Philip\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Cam\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Lolo\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Philip\AppData\Local\axiollpj.log c:\users\Philip\AppData\Local\dtggwayn.log c:\users\Philip\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Philip\AppData\Local\kamplwqj.log c:\users\Philip\AppData\Local\msdjxvum.log c:\users\Philip\AppData\Local\qhvydfuk.log c:\users\Philip\AppData\Local\tkokgeop.log c:\users\Philip\Documents\~WRL0198.tmp c:\users\Philip\GoToAssistDownloadHelper.exe c:\windows\SysWow64\Cache c:\windows\SysWow64\Cache\029fec230f5de8a3.fb c:\windows\SysWow64\Cache\0ed0230d16d16b76.fb c:\windows\SysWow64\Cache\26c630d098e22dd5.fb c:\windows\SysWow64\Cache\272512937d9e61a4.fb c:\windows\SysWow64\Cache\287204568329e189.fb c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb c:\windows\SysWow64\Cache\2c53092c95605355.fb c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb c:\windows\SysWow64\Cache\32038a4af788e971.fb c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb c:\windows\SysWow64\Cache\3917078cb68ec657.fb c:\windows\SysWow64\Cache\3a43b8876470023e.fb c:\windows\SysWow64\Cache\43012ced285d9958.fb c:\windows\SysWow64\Cache\452393070e932957.fb c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb c:\windows\SysWow64\Cache\610289e025a3ee9a.fb c:\windows\SysWow64\Cache\643c8f70d1ebaafd.fb c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb c:\windows\SysWow64\Cache\6d03dad1035885d3.fb c:\windows\SysWow64\Cache\717820e657a4a0fd.fb c:\windows\SysWow64\Cache\7294b2f1b0028680.fb c:\windows\SysWow64\Cache\7eea374eb53016a9.fb c:\windows\SysWow64\Cache\95f567698be8a182.fb c:\windows\SysWow64\Cache\a6588ba7f11769b9.fb c:\windows\SysWow64\Cache\a8556537add6dfc5.fb c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb c:\windows\SysWow64\Cache\c1fa887b03019701.fb c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb c:\windows\SysWow64\Cache\c7867d53acbbd237.fb c:\windows\SysWow64\Cache\d201ef9910cd39de.fb c:\windows\SysWow64\Cache\d2e94710a5708128.fb c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb c:\windows\SysWow64\Cache\ddc9cfcde40c733c.fb c:\windows\SysWow64\Cache\e0de16f883bea794.fb c:\windows\SysWow64\Cache\f0020235e21f7c5b.fb c:\windows\SysWow64\Cache\f998975c9cc711ee.fb . . ((((((((((((((((((((((((( Files Created from 2013-08-15 to 2013-09-15 ))))))))))))))))))))))))))))))) . . 2013-09-15 10:13 . 2013-09-15 10:13 -------- d-----w- c:\users\Lolo\AppData\Local\temp 2013-09-15 10:13 . 2013-09-15 10:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-09-15 10:13 . 2013-09-15 10:13 -------- d-----w- c:\users\Cam\AppData\Local\temp 2013-09-15 09:15 . 2013-08-19 23:46 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4BAEF24B-2B80-41AD-8513-E6B42DBD24AC}\mpengine.dll 2013-09-14 16:55 . 2013-09-14 16:55 -------- d-----w- C:\FRST 2013-09-14 16:36 . 2013-08-19 23:46 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-09-14 10:45 . 2013-09-14 10:45 -------- d-----w- c:\users\Philip\AppData\Roaming\Malwarebytes 2013-09-14 10:45 . 2013-09-14 10:45 -------- d-----w- c:\programdata\Malwarebytes 2013-09-14 10:45 . 2013-09-14 10:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-09-14 10:45 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-09-14 09:12 . 2013-09-14 09:15 -------- d-----w- c:\windows\system32\MRT 2013-09-14 09:08 . 2013-09-14 09:09 -------- d-----w- c:\windows\Temp33890900-A962-99CE-4FB1-F88D5F6C1F46-Signatures 2013-09-14 09:00 . 2013-09-14 09:00 -------- d-----w- c:\windows\system32\EventProviders 2013-09-14 08:58 . 2013-02-22 06:20 1392128 ----a-w- c:\windows\system32\wininet.dll 2013-09-14 05:44 . 2013-02-12 15:37 3138048 ----a-w- c:\windows\system32\mstscax.dll 2013-09-14 05:44 . 2013-02-12 15:13 2691072 ----a-w- c:\windows\SysWow64\mstscax.dll 2013-09-14 05:44 . 2013-02-12 15:42 44032 ----a-w- c:\windows\system32\tsgqec.dll 2013-09-14 05:44 . 2013-02-12 15:31 158208 ----a-w- c:\windows\system32\aaclient.dll 2013-09-14 05:44 . 2013-02-12 15:07 131072 ----a-w- c:\windows\SysWow64\aaclient.dll 2013-09-14 05:44 . 2013-02-12 13:59 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll 2013-09-14 05:43 . 2013-03-01 03:32 3150848 ----a-w- c:\windows\system32\win32k.sys 2013-09-14 05:43 . 2013-04-12 14:36 1653096 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-09-14 05:43 . 2013-01-24 05:41 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-09-14 05:38 . 2013-03-19 06:19 5497688 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-09-14 05:38 . 2013-03-19 05:54 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-09-14 05:38 . 2013-03-19 05:06 3958120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-09-14 05:38 . 2013-03-19 05:06 3902312 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-09-14 05:38 . 2013-03-19 03:19 112640 ----a-w- c:\windows\system32\smss.exe 2013-09-14 05:38 . 2013-03-19 04:53 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-09-14 05:27 . 2013-02-12 14:02 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-09-13 16:37 . 2013-09-13 16:37 -------- d-----w- c:\programdata\Oracle 2013-09-13 16:37 . 2013-09-13 16:37 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-09-13 16:37 . 2013-09-13 16:36 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-09-13 16:31 . 2013-09-13 16:32 -------- d-----w- c:\program files\Speccy 2013-09-13 09:19 . 2013-09-14 09:08 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2013-09-13 09:19 . 2013-09-14 09:09 -------- d-----w- c:\program files\Microsoft Security Client 2013-09-12 16:06 . 2013-09-12 16:06 -------- d-----w- c:\users\Philip\AppData\Roaming\SUPERAntiSpyware.com 2013-09-12 16:06 . 2013-09-14 21:34 -------- d-----w- c:\program files\SUPERAntiSpyware 2013-09-12 16:06 . 2013-09-12 16:06 -------- d-----w- c:\programdata\SUPERAntiSpyware.com . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-13 16:36 . 2012-10-13 10:17 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-09-13 16:36 . 2010-05-23 01:04 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-09-01 16:08 . 2009-11-10 23:29 79143768 ----a-w- c:\windows\system32\MRT.exe 2013-08-15 16:41 . 2012-08-15 12:20 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-06-18 20:50 . 2013-06-18 20:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-06-18 20:50 . 2012-08-30 21:03 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] 2013-03-05 13:37 231168 ----a-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVD2.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{94366e2c-9923-431c-b0d6-747447dd0f2b}] 2012-03-22 07:24 87008 ----a-w- c:\program files (x86)\searchresults1\searchresultsDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2013-08-15 16:41 3122864 ----a-w- c:\program files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-05-04 14:43 1519272 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVD2.dll" [2013-03-05 231168] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll" [2013-08-15 3122864] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-04 1519272] "{94366e2c-9923-431c-b0d6-747447dd0f2b}"= "c:\program files (x86)\searchresults1\searchresultsDx.dll" [2012-03-22 87008] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{94366e2c-9923-431c-b0d6-747447dd0f2b}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\Philip\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472] "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-22 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104] "UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-08-15 2314416] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-05-04 1561768] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x] R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe [x] R2 BTWSp50a64;BTWSp50a64 NDIS Protocol Driver;SysWOW64\Drivers\BTWSp50a64.sys;SysWOW64\Drivers\BTWSp50a64.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BT Common Client RSA Smart Card Reader Service;BT Common Client RSA Smart Card Reader Service;c:\program files (x86)\BT Connection Manager\btomoscrsrv.exe;c:\program files (x86)\BT Connection Manager\btomoscrsrv.exe [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x] R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x] R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x] R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x] R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x] R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x] R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x] R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe [x] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x] S3 SysMouseFilterF3;SysMouseFilterF3;c:\windows\system32\DRIVERS\SysMouseFilterF3.sys;c:\windows\SYSNATIVE\DRIVERS\SysMouseFilterF3.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-06 16:47 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-09-14 c:\windows\Tasks\Epson Printer Software Downloader.job - c:\program files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 10:43] . 2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29 07:38] . 2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29 07:38] . 2013-09-15 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job - c:\program files (x86)\AVG Secure Search\PostInstall\ROC.exe [2013-01-23 07:43] . 2013-09-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a69.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . 2013-09-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f55.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MouseDriverD9"="c:\program files\MouseDriver\MouseDriver.exe" [2008-12-19 3293184] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local> TCP: DhcpNameServer = 192.168.2.1 Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\Toolbar\ctbr.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-BTCommonClient - c:\program files (x86)\BT Connection Manager\btomo.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) Toolbar-Locked - (no file) WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file) WebBrowser-{F92A9FE4-2850-4198-B9D5-279880E49B16} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-09-15 11:19:43 ComboFix-quarantined-files.txt 2013-09-15 10:19 . Pre-Run: 92,210,757,632 bytes free Post-Run: 94,628,720,640 bytes free . - - End Of File - - 72D40484B081DBE45B78BE4848A69C9F A36C5E4F47E84449FF07ED3517B43A31

problem unable to disable or stop security essentials, should I remove this program?

Sorry my error, fixlog attached: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-09-2013 04Ran by Philip at 2013-09-14 22:45:48 Run:1Running from C:\Users\Philip\DesktopBoot Mode: Normal============================================== Content of fixlist:*****************HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)HKCU\...\Run: [Rxa1gKilRsOh] - C:\Users\Philip\AppData\Local\SkbeR8P.exeHKCU\...\Run: [WeySyiny] - C:\Users\Philip\AppData\Local\oxhgofel\weysyiny.exeHKLM-x32\...\Run: [Rxa1gKilRsOh] - C:\Users\Philip\AppData\Local\SkbeR8P.exe [x]HKU\Lolo\...\Run: [yCpCQSpcQDy4] - C:\Users\Lolo\AppData\Local\fvJcrgR.exeS2 Winmgmt; C:\PROGRA~3\otq109.pzz [x]U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{d3145163-28fb-decd-a1a6-380b0e9b7fd1}\ \...\???\{d3145163-28fb-decd-a1a6-380b0e9b7fd1}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)2013-09-13 11: 28 - 2013-03-13 21:01 - 00000000 ____D C:\Users\Philip\AppData\Local\oxhgofelC:\Users\Philip\AppData\Local\Google\Desktop\InstallC:\Program Files (x86)\Google\Desktop\InstallC:\ProgramData\otq109.ctrlC:\Users\Philip\AppData\Local\Temp\_is255E.exeC:\Users\Philip\AppData\Local\Temp\_is4E00.exeC:\Users\Philip\AppData\Local\Temp\_is6650.exeC:\Users\Philip\AppData\Local\Temp\_isB869.exe***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully.HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Rxa1gKilRsOh => Value not found.HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeySyiny => Value not found.HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Rxa1gKilRsOh => Value deleted successfully.HKU\Lolo\Software\Microsoft\Windows\CurrentVersion\Run\\yCpCQSpcQDy4 => Value deleted successfully.Winmgmt => Service restored successfully.*etadpug => Service deleted successfully.C:\Users\Philip\AppData\Local\oxhgofel => Moved successfully.C:\Users\Philip\AppData\Local\Google\Desktop\Install => Moved successfully.C:\Program Files (x86)\Google\Desktop\Install => Moved successfully.C:\ProgramData\otq109.ctrl => Moved successfully.C:\Users\Philip\AppData\Local\Temp\_is255E.exe => Moved successfully.

help! Unable to locate fixlog.txt in my desktop

Hi Thanks, Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04Ran by Philip (administrator) on PHILIP-PC on 14-09-2013 17:55:55Running from C:\Users\Philip\DesktopWindows 7 Home Premium (X64) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal ==================== Could not list processes =============== ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)HKLM\...\Run: [MouseDriverD9] - C:\Program Files\MouseDriver\MouseDriver.exe [3293184 2008-12-19] ()HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\599\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKCU\...\Run: [EPSON Stylus DX7400 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_S3AFD.tmp" /EF "HKCU"HKCU\...\Run: [EPSON SX510W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S5B0E.tmp" /EF "HKCU"HKCU\...\Run: [Epson Stylus SX510W(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_SF6E.tmp" /EF "HKCU"HKCU\...\Run: [bTCommonClient] - "C:\Program Files (x86)\BT Connection Manager\btomo.exe" -aHKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)HKCU\...\Run: [sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-22] (Google Inc.)HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)HKCU\...\Run: [Rxa1gKilRsOh] - C:\Users\Philip\AppData\Local\SkbeR8P.exeHKCU\...\Run: [WeySyiny] - C:\Users\Philip\AppData\Local\oxhgofel\weysyiny.exeMountPoints2: {8cae339c-7405-11e0-8596-001f165c9edf} - G:\LaunchU3.exe -aMountPoints2: {9eaaba10-8528-11e1-9ff3-001f165c9edf} - G:\Startme.exeMountPoints2: {bb84a57f-2fa4-11e1-bd41-001f165c9edf} - G:\KODAK_Camera_Setup_App.exeHKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [uCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2007-08-17] (CyberLink Corp.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-09-07] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2587008 2012-04-05] (AVG Technologies CZ, s.r.o.)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2314416 2013-08-15] ()HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1561768 2012-05-04] (Ask)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)HKLM-x32\...\Run: [Rxa1gKilRsOh] - C:\Users\Philip\AppData\Local\SkbeR8P.exe [x]HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKU\Lolo\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-22] (Google Inc.)HKU\Lolo\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)HKU\Lolo\...\Run: [yCpCQSpcQDy4] - C:\Users\Lolo\AppData\Local\fvJcrgR.exeStartup: C:\Users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnkShortcutTarget: BBC iPlayer Desktop.lnk -> C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe (No File)BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gbHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://inboxtoolbar.com/search/ie.aspx?tbid=80150HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://inboxtoolbar.com/help/sa_customize.aspx?tbid=80150StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=E6EF932F-2CD2-4926-AEDD-31A9B8D552F2&apn_sauid=3718A540-1C9A-4CC1-A40D-3EAA3EEF2228SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60195SearchScopes: HKCU - {3BF28F2B-AC36-4B43-9717-D939AE2EA317} URL = http://websearch.ask.com/redirect?client=ie&tb=MTV&o=1590&src=kw&q={searchTerms}&locale=en_UK&apn_ptnrs=^AAH&apn_dtid=^YYYYYY^SN^GB&apn_uid=7a94154a-5850-4f8f-bf35-76e9bcb89ff6&apn_sauid=1354B9E3-A3DF-4386-A8BF-308FABEA718ASearchScopes: HKCU - {58A7CA70-8734-4895-92DF-D4C753293510} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-bt-odtbSearchScopes: HKCU - {8771476E-103F-4598-A070-F5996ACFBB77} URL = http://search.avg.com/?d=4e3acf18&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={64F44EEF-D1BE-408C-B23E-F32672D53B55}&mid=1d884ce8f0ca47d1835bd15650b8772c-788d4ab33b549ffce1972619ba5d771eb3f901c6〈=en&ds=AVG&pr=pr&d=2012-08-15 13:20:14&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}SearchScopes: HKCU - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = http://eu.ask.com/web?l=dis&o=16552&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^GB&apn_ptnrs=^A9T&apn_uid=0511950047654335&p2=^A9T^YYYYYY^YY^GB&q={searchTerms}SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://inboxtoolbar.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80150&lng=enSearchScopes: HKCU - {DFE392A0-EEB4-4F1E-A778-C9407D981523} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282128&CUI=UN16764107532400725BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: No Name - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)BHO-x32: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox.dll No FileBHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll No FileToolbar: HKLM-x32 - &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No FileToolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No FileToolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No FileToolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileToolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileToolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileToolbar: HKCU - No Name - {F92A9FE4-2850-4198-B9D5-279880E49B16} - No FileDPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabDPF: HKLM-x32 {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cabDPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cabDPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabDPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No FileHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - No FileHandler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll No FileHandler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler-x32: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No FileWinsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9 11 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5-x64 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"Winsock: Catalog9-x64 01 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 02 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 03 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 04 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 05 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 06 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 07 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 08 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 09 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 10 mswsock.dll File Not found (Microsoft Corporation)Winsock: Catalog9-x64 11 mswsock.dll File Not found (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox:========FF ProfilePath: C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.defaultFF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Philip\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Philip\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)FF SearchPlugin: C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\searchplugins\askcom.xmlFF Extension: No Name - C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\inboxcomtoolbar@inbox.comFF Extension: Ask Toolbar - C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\toolbar@ask.comFF Extension: DVDVideoSoftTB Toolbar - C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}FF Extension: No Name - C:\Users\Philip\Application Data\Mozilla\Firefox\Profiles\ztv1i0k3.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2 Chrome: =======CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()CHR Plugin: (Skype Toolbars) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No FileCHR Plugin: (AVG Internet Security) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll (AVG Technologies CZ, s.r.o.)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll (AVG Technologies)CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)CHR Plugin: (PlayStation®Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Philip\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)CHR Plugin: (Facebook Plugin) - C:\Users\Philip\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No FileCHR Extension: (AVG Safe Search) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0CHR Extension: (Skype Click to Call) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.7.0.12055_0CHR Extension: (AVG Secure Search) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.5.0.2_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crxCHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crxCHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)R2 avgfws; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2321560 2012-06-13] (AVG Technologies CZ, s.r.o.)S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5160568 2012-07-04] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-15] (AVG Secure Search)S3 BT Common Client RSA Smart Card Reader Service; C:\Program Files (x86)\BT Connection Manager\btomoscrsrv.exe [x]S2 Winmgmt; C:\PROGRA~3\otq109.pzz [x]U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{d3145163-28fb-decd-a1a6-380b0e9b7fd1}\ \...\???\{d3145163-28fb-decd-a1a6-380b0e9b7fd1}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) ==================== Drivers (Whitelisted) ==================== R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [48992 2011-05-23] (AVG Technologies CZ, s.r.o.)R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [289872 2012-02-22] (AVG Technologies CZ, s.r.o.)R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [383808 2012-03-19] (AVG Technologies CZ, s.r.o.)R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-15] (AVG Technologies)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R3 SysMouseFilterF3; C:\Windows\System32\DRIVERS\SysMouseFilterF3.sys [28152 2008-12-08] ()S2 BTWSp50a64; SysWOW64\Drivers\BTWSp50a64.sys [x]S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-14 17:55 - 2013-09-14 17:55 - 00000000 ____D C:\FRST2013-09-14 17:53 - 2013-09-14 17:53 - 01950312 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe2013-09-14 12:38 - 2013-09-14 12:38 - 00004946 _____ C:\Users\Philip\Desktop\attach.txt2013-09-14 12:38 - 2013-09-14 12:37 - 00019477 _____ C:\Users\Philip\Desktop\dds.txt2013-09-14 12:29 - 2013-09-14 12:29 - 00688992 ____R (Swearware) C:\Users\Philip\Desktop\dds.com2013-09-14 11:45 - 2013-09-14 11:45 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-09-14 11:45 - 2013-09-14 11:45 - 00000000 ____D C:\ProgramData\Malwarebytes2013-09-14 11:45 - 2013-09-14 11:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-14 11:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-09-14 11:42 - 2013-09-14 11:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-1.75.0.1300.exe2013-09-14 10:47 - 2013-09-14 10:47 - 00347424 _____ (Microsoft Corporation) C:\Users\Philip\Downloads\MicrosoftFixit.WinSecurity.RNP.38302582825594639.1.1.Run.exe2013-09-14 10:12 - 2013-09-14 10:15 - 00000000 ____D C:\Windows\system32\MRT2013-09-14 10:08 - 2013-09-14 10:09 - 00000000 ____D C:\Windows\Temp33890900-A962-99CE-4FB1-F88D5F6C1F46-Signatures2013-09-14 10:00 - 2013-09-14 10:00 - 00000000 ____D C:\Windows\system32\EventProviders2013-09-14 09:59 - 2013-02-22 07:27 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-09-14 09:59 - 2013-02-22 07:21 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-09-14 09:59 - 2013-02-22 07:19 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-09-14 09:59 - 2013-02-22 07:18 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-09-14 09:59 - 2013-02-22 07:15 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-09-14 09:59 - 2013-02-22 07:14 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-09-14 09:59 - 2013-02-22 07:13 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-09-14 09:59 - 2013-02-22 07:12 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-09-14 09:59 - 2013-02-22 07:09 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-09-14 09:59 - 2013-02-22 04:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-09-14 09:59 - 2013-02-22 04:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-09-14 09:59 - 2013-02-22 04:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-09-14 09:59 - 2013-02-22 04:34 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-09-14 09:59 - 2013-02-22 04:34 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-09-14 09:59 - 2013-02-22 04:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-09-14 09:59 - 2013-02-22 04:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-09-14 09:59 - 2013-02-22 04:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-09-14 09:59 - 2013-02-22 04:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-09-14 09:58 - 2013-02-22 07:57 - 17817088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-09-14 09:58 - 2013-02-22 07:29 - 10925568 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-09-14 09:58 - 2013-02-22 07:20 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-09-14 09:58 - 2013-02-22 07:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-09-14 09:58 - 2013-02-22 07:15 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-09-14 09:58 - 2013-02-22 07:15 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-09-14 09:58 - 2013-02-22 07:13 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-09-14 09:58 - 2013-02-22 05:05 - 12324352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-09-14 09:58 - 2013-02-22 04:47 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-09-14 09:58 - 2013-02-22 04:46 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-09-14 09:58 - 2013-02-22 04:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-09-14 09:58 - 2013-02-22 04:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-09-14 09:58 - 2013-02-22 04:34 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-09-14 09:58 - 2013-02-22 04:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-09-14 06:44 - 2013-02-12 16:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2013-09-14 06:44 - 2013-02-12 16:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2013-09-14 06:44 - 2013-02-12 16:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll2013-09-14 06:44 - 2013-02-12 16:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2013-09-14 06:44 - 2013-02-12 16:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2013-09-14 06:44 - 2013-02-12 14:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2013-09-14 06:43 - 2013-04-12 15:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2013-09-14 06:43 - 2013-03-01 04:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-09-14 06:43 - 2013-01-24 06:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys2013-09-14 06:38 - 2013-03-19 07:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-09-14 06:38 - 2013-03-19 06:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2013-09-14 06:38 - 2013-03-19 06:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-09-14 06:38 - 2013-03-19 06:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-09-14 06:38 - 2013-03-19 05:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2013-09-14 06:38 - 2013-03-19 04:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2013-09-14 06:27 - 2013-02-12 15:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys2013-09-13 17:37 - 2013-09-13 17:37 - 00000000 ____D C:\ProgramData\Oracle2013-09-13 17:37 - 2013-09-13 17:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-09-13 17:37 - 2013-09-13 17:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-09-13 17:37 - 2013-09-13 17:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-09-13 17:37 - 2013-09-13 17:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-09-13 17:32 - 2013-09-13 17:39 - 00000953 _____ C:\Users\Public\Desktop\Speccy.lnk2013-09-13 17:31 - 2013-09-13 17:32 - 00000000 ____D C:\Program Files\Speccy2013-09-13 10:21 - 2013-09-14 10:10 - 00001945 _____ C:\Windows\epplauncher.mif2013-09-13 10:19 - 2013-09-14 10:09 - 00000000 ____D C:\Program Files\Microsoft Security Client2013-09-13 10:19 - 2013-09-14 10:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client2013-09-12 17:07 - 2013-09-14 17:07 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a69.job2013-09-12 17:07 - 2013-09-14 02:00 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f55.job2013-09-12 17:07 - 2013-09-12 17:07 - 00003594 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f552013-09-12 17:07 - 2013-09-12 17:07 - 00003520 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a692013-09-12 17:06 - 2013-09-14 10:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware2013-09-12 17:06 - 2013-09-12 17:29 - 00001965 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk2013-09-12 17:06 - 2013-09-12 17:06 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com2013-09-12 16:44 - 2013-09-12 16:44 - 00000000 ____D C:\Users\Philip\AppData\Local\{13AADDCA-586C-4E40-9C9F-8465FD7660B3}2013-09-10 08:29 - 2013-09-10 08:29 - 00153605 _____ C:\Users\Cam\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f2013-09-09 09:17 - 2013-09-10 19:24 - 00000000 _____ C:\ProgramData\otq109.ctrl2013-09-09 09:17 - 2013-09-09 09:17 - 95025368 ____T C:\ProgramData\otq109.pff2013-09-09 09:17 - 2013-09-09 09:17 - 00153605 _____ C:\Users\Philip\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f2013-09-07 13:39 - 2013-09-08 19:00 - 00024552 _____ C:\Users\Cam\Downloads\Cam Chorley INVOICE.xlsx2013-09-07 13:05 - 2013-09-07 13:05 - 00024538 _____ C:\Users\Cam\Downloads\Blank Invoice.xlsx2013-08-17 08:30 - 2013-08-17 08:34 - 00024423 _____ C:\Users\Philip\Documents\City Data invoice ctc201.xlsx ==================== One Month Modified Files and Folders ======= 2013-09-14 17:55 - 2013-09-14 17:55 - 00000000 ____D C:\FRST2013-09-14 17:55 - 2009-07-14 05:51 - 01417604 _____ C:\Windows\setupact.log2013-09-14 17:53 - 2013-09-14 17:53 - 01950312 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe2013-09-14 17:39 - 2009-11-10 22:07 - 01969229 _____ C:\Windows\WindowsUpdate.log2013-09-14 17:07 - 2013-09-12 17:07 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a69.job2013-09-14 17:07 - 2010-01-29 08:38 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-09-14 13:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF2013-09-14 12:59 - 2010-07-03 12:59 - 00000254 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job2013-09-14 12:38 - 2013-09-14 12:38 - 00004946 _____ C:\Users\Philip\Desktop\attach.txt2013-09-14 12:37 - 2013-09-14 12:38 - 00019477 _____ C:\Users\Philip\Desktop\dds.txt2013-09-14 12:29 - 2013-09-14 12:29 - 00688992 ____R (Swearware) C:\Users\Philip\Desktop\dds.com2013-09-14 12:23 - 2009-07-14 05:45 - 00019648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-09-14 12:23 - 2009-07-14 05:45 - 00019648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-09-14 12:14 - 2013-06-04 07:53 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job2013-09-14 12:14 - 2013-01-23 15:19 - 00000354 _____ C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job2013-09-14 12:14 - 2010-01-29 08:38 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-09-14 12:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-09-14 12:13 - 2009-11-11 19:41 - 00384566 _____ C:\Windows\PFRO.log2013-09-14 11:45 - 2013-09-14 11:45 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-09-14 11:45 - 2013-09-14 11:45 - 00000000 ____D C:\ProgramData\Malwarebytes2013-09-14 11:45 - 2013-09-14 11:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-14 11:43 - 2013-09-14 11:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-1.75.0.1300.exe2013-09-14 10:47 - 2013-09-14 10:47 - 00347424 _____ (Microsoft Corporation) C:\Users\Philip\Downloads\MicrosoftFixit.WinSecurity.RNP.38302582825594639.1.1.Run.exe2013-09-14 10:27 - 2013-09-12 17:06 - 00000000 ____D C:\Program Files\SUPERAntiSpyware2013-09-14 10:22 - 2009-07-14 05:45 - 00365096 _____ C:\Windows\system32\FNTCACHE.DAT2013-09-14 10:21 - 2012-05-11 08:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight2013-09-14 10:21 - 2012-05-11 08:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2013-09-14 10:18 - 2009-07-14 03:34 - 00000499 _____ C:\Windows\win.ini2013-09-14 10:15 - 2013-09-14 10:12 - 00000000 ____D C:\Windows\system32\MRT2013-09-14 10:10 - 2013-09-13 10:21 - 00001945 _____ C:\Windows\epplauncher.mif2013-09-14 10:09 - 2013-09-14 10:08 - 00000000 ____D C:\Windows\Temp33890900-A962-99CE-4FB1-F88D5F6C1F46-Signatures2013-09-14 10:09 - 2013-09-13 10:19 - 00000000 ____D C:\Program Files\Microsoft Security Client2013-09-14 10:08 - 2013-09-13 10:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client2013-09-14 10:02 - 2009-11-29 19:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office2013-09-14 10:00 - 2013-09-14 10:00 - 00000000 ____D C:\Windows\system32\EventProviders2013-09-14 02:00 - 2013-09-12 17:07 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f55.job2013-09-13 17:39 - 2013-09-13 17:32 - 00000953 _____ C:\Users\Public\Desktop\Speccy.lnk2013-09-13 17:37 - 2013-09-13 17:37 - 00000000 ____D C:\ProgramData\Oracle2013-09-13 17:36 - 2013-09-13 17:37 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-09-13 17:36 - 2013-09-13 17:37 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-09-13 17:36 - 2013-09-13 17:37 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-09-13 17:36 - 2013-09-13 17:37 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-09-13 17:36 - 2012-10-13 11:17 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll2013-09-13 17:36 - 2010-05-23 02:04 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll2013-09-13 17:32 - 2013-09-13 17:31 - 00000000 ____D C:\Program Files\Speccy2013-09-13 11:37 - 2009-11-10 23:43 - 00568512 _____ C:\Windows\DPINST.LOG2013-09-13 11:34 - 2012-04-18 10:00 - 00001945 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk2013-09-13 11:33 - 2009-11-10 23:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-09-13 11:28 - 2013-03-13 21:02 - 00576999 _____ C:\Users\Philip\AppData\Local\axiollpj.log2013-09-13 11:28 - 2013-03-13 21:02 - 00000004 _____ C:\Users\Philip\AppData\Local\jdgfavyj.log2013-09-13 11:28 - 2013-03-13 21:01 - 00000028 _____ C:\Users\Philip\AppData\Local\xkllrhiv.log2013-09-13 11:28 - 2013-03-13 21:01 - 00000000 ____D C:\Users\Philip\AppData\Local\oxhgofel2013-09-13 11:28 - 2009-11-10 22:07 - 00000000 ___RD C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-09-13 11:27 - 2013-03-14 11:37 - 00000000 _____ C:\Users\Philip\AppData\Local\vyxhgegi.log2013-09-13 10:09 - 2013-06-03 10:02 - 01108325 _____ C:\Users\Philip\AppData\Local\msdjxvum.log2013-09-13 10:09 - 2013-04-15 15:12 - 00003937 _____ C:\Users\Philip\AppData\Local\kamplwqj.log2013-09-13 10:09 - 2013-03-13 21:04 - 00003288 _____ C:\Users\Philip\AppData\Local\qhvydfuk.log2013-09-13 10:09 - 2013-03-13 21:02 - 00005370 _____ C:\Users\Philip\AppData\Local\dtggwayn.log2013-09-12 17:29 - 2013-09-12 17:06 - 00001965 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk2013-09-12 17:28 - 2011-10-02 05:23 - 00000000 ____D C:\Users\Philip\AppData\Local\CrashDumps2013-09-12 17:07 - 2013-09-12 17:07 - 00003594 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f552013-09-12 17:07 - 2013-09-12 17:07 - 00003520 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a692013-09-12 17:06 - 2013-09-12 17:06 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com2013-09-12 16:44 - 2013-09-12 16:44 - 00000000 ____D C:\Users\Philip\AppData\Local\{13AADDCA-586C-4E40-9C9F-8465FD7660B3}2013-09-10 22:40 - 2010-07-21 18:02 - 00000000 ____D C:\Program Files (x86)\Inbox Toolbar2013-09-10 19:24 - 2013-09-09 09:17 - 00000000 _____ C:\ProgramData\otq109.ctrl2013-09-10 18:42 - 2013-03-21 20:31 - 00000000 ____D C:\Users\Cam2013-09-10 08:29 - 2013-09-10 08:29 - 00153605 _____ C:\Users\Cam\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f2013-09-10 08:27 - 2013-03-21 20:32 - 00000000 ____D C:\Users\Cam\AppData\Local\Google2013-09-09 09:17 - 2013-09-09 09:17 - 95025368 ____T C:\ProgramData\otq109.pff2013-09-09 09:17 - 2013-09-09 09:17 - 00153605 _____ C:\Users\Philip\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f2013-09-09 09:13 - 2010-01-23 10:47 - 00000000 ____D C:\Users\Philip\AppData\Local\Google2013-09-09 09:13 - 2010-01-22 20:57 - 00000000 ____D C:\Program Files (x86)\Google2013-09-08 19:00 - 2013-09-07 13:39 - 00024552 _____ C:\Users\Cam\Downloads\Cam Chorley INVOICE.xlsx2013-09-08 16:48 - 2009-07-14 06:13 - 00730532 _____ C:\Windows\system32\PerfStringBackup.INI2013-09-07 13:05 - 2013-09-07 13:05 - 00024538 _____ C:\Users\Cam\Downloads\Blank Invoice.xlsx2013-09-06 17:51 - 2013-03-20 16:26 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-09-01 17:08 - 2009-11-11 00:29 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-08-29 18:47 - 2013-03-13 21:02 - 00000798 _____ C:\Users\Philip\AppData\Local\tkokgeop.log2013-08-17 08:34 - 2013-08-17 08:30 - 00024423 _____ C:\Users\Philip\Documents\City Data invoice ctc201.xlsx2013-08-15 17:42 - 2012-01-29 18:42 - 00000000 ____D C:\Windows\SysWOW64\cache2013-08-15 17:41 - 2012-08-15 13:20 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys2013-08-15 17:41 - 2012-08-15 13:20 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search Files to move or delete:====================ZeroAccess:C:\Users\Philip\AppData\Local\Google\Desktop\InstallZeroAccess:C:\Program Files (x86)\Google\Desktop\InstallC:\ProgramData\otq109.ctrlC:\Users\Philip\Photoshop_12_LS1.exe Some content of TEMP:====================C:\Users\Cam\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\Cam\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exeC:\Users\Cam\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exeC:\Users\Lolo\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\Lolo\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exeC:\Users\Lolo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exeC:\Users\Philip\AppData\Local\Temp\APNStub.exeC:\Users\Philip\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exeC:\Users\Philip\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exeC:\Users\Philip\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exeC:\Users\Philip\AppData\Local\Temp\tbProd.dllC:\Users\Philip\AppData\Local\Temp\_is255E.exeC:\Users\Philip\AppData\Local\Temp\_is4E00.exeC:\Users\Philip\AppData\Local\Temp\_is6650.exeC:\Users\Philip\AppData\Local\Temp\_isB869.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-12 19:29 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04Ran by Philip at 2013-09-14 17:58:10Running from C:\Users\Philip\DesktopBoot Mode: Normal========================================================== ==================== Installed Programs ======================= ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1395.4512)Acoustica Effects Pack (x32 Version: 3.0)Acoustica Mixcraft 5 (x32)Acrobat.com (x32 Version: 2.0.0)Acrobat.com (x32 Version: 2.0.0.0)Adobe AIR (x32 Version: 3.6.0.6090)Adobe Download Assistant (x32 Version: 1.0.6)Adobe Flash Player 11 ActiveX (x32 Version: 11.1.102.55)Adobe Reader 9.4.6 (x32 Version: 9.4.6)AGEIA PhysX v7.01.12 (x32 Version: 7.01.12)Akamai NetSession Interface (HKCU)Akamai NetSession Interface Service (x32)Apple Application Support (x32 Version: 2.3.3)Apple Mobile Device Support (Version: 6.1.0.13)Apple Software Update (x32 Version: 2.1.3.127)Ask Toolbar (x32 Version: 1.15.2.0)Ask Toolbar Updater (HKCU Version: 1.2.1.23037)AVG 2012 (Version: 12.0.2197)AVG 2012 (Version: 12.0.2437)AVG 2012 (Version: 2012.0.2197)AVG Security Toolbar (x32 Version: 15.5.0.2)Bing Bar (x32 Version: 7.2.241.0)Bonjour (Version: 3.0.0.10)Bug Bits 1.0 (x32)Camera RAW Plug-In for EPSON Creativity Suite (x32 Version: 2.2.0.0)Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)Conexant HD Audio (Version: 4.58.1.0)ConstructionSkills (x32 Version: 1.00.673)Crawler Toolbar (x32)CyberLink YouCam (x32 Version: 1.0.1002)D3DX10 (x32 Version: 15.4.2368.0902)DVDVideoSoftTB Toolbar (x32 Version: 6.11.2.6)EPSON Printer SoftwareEpson Printer Software Downloader (x32 Version: 2.0.0)Epson Printer Software Downloader (x32)EPSON Scan (x32)Epson Stylus SX510W_TX550W Manual (x32)EPSON SX510W Series Printer UninstallEpsonNet Print (x32 Version: 2.4i)EpsonNet Setup (x32 Version: 3.1c)Facebook Plug-In (HKCU)Free Audio CD Burner version 1.4.7 (x32)Free NaturalReader (x32 Version: 9.0)Free Studio version 5.0.13 (x32)Free YouTube to MP3 Converter version 3.9.31 (x32)Google Chrome (x32 Version: 29.0.1547.66)Google Earth (x32 Version: 7.1.1.1888)Google Toolbar for Internet Explorer (x32 Version: 1.0.0)Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)Google Update Helper (x32 Version: 1.3.21.153)GoToAssist Corporate (x32 Version: 9.0.0.599)HP Quick Launch Buttons (x32 Version: 6.50.7.1)Inbox Toolbar (x32 Version: 1.0.0)iTunes (Version: 11.0.2.26)Java 7 Update 40 (x32 Version: 7.0.400)Java Auto Updater (x32 Version: 2.1.9.8)Java 6 Update 21 (x32 Version: 6.0.210)Junk Mail filter update (x32 Version: 15.4.3502.0922)KODAK Share Button App (x32 Version: 4.00.0000.0000)Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)Media Go (x32 Version: 2.1.392)Media Go Video Playback Engine 1.88.110.12050 (x32 Version: 1.88.110.12050)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)Microsoft Security Client (Version: 4.3.0215.0)Microsoft Security Essentials (Version: 4.3.215.0)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (x32 Version: 9.0.21022.218)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Works 6-9 Converter (x32 Version: 9.7.0621)MouseDriver (Version: 1.00.0000)MouseDriver (x32)MSVCRT (x32 Version: 15.4.2862.0708)MSVCRT_amd64 (x32 Version: 15.4.2862.0708)MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)Network Play System (Patching) (x32)PlayStation®Network Downloader (x32 Version: 2.07.00849)PlayStation®Store (x32 Version: 4.7.14.14146)PortGo Softphone version 8.0 (x32 Version: 8.0)QLBCASL (x32 Version: 6.40.17.2)QuickTime (x32 Version: 7.72.80.56)Sage Planning for Business (x32 Version: 1.0.462.0)Sage Start-up (x32 Version: 2.0.0.11)Search Results Toolbar (x32 Version: 1.0.0.12)Skype Click to Call (x32 Version: 6.7.12055)Skype™ 5.10 (x32 Version: 5.10.116)Sony Ericsson Update Engine (x32 Version: 2.12.12.24)Sony PC Companion 2.10.173 (x32 Version: 2.10.173)Speccy (Version: 1.23)SUPERAntiSpyware (Version: 5.6.1014)Synaptics Pointing Device Driver (Version: 13.2.2.0)Uninstall 1.0.0.1 (x32)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0)Windows Live Communications Platform (x32 Version: 15.4.3502.0922)Windows Live Essentials (x32 Version: 15.4.3502.0922)Windows Live Family Safety (Version: 15.4.3502.0922)Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)Windows Live Installer (x32 Version: 15.4.3502.0922)Windows Live Language Selector (Version: 15.4.3502.0922)Windows Live Mail (x32 Version: 15.4.3502.0922)Windows Live Messenger (x32 Version: 15.4.3502.0922)Windows Live MIME IFilter (Version: 15.4.3502.0922)Windows Live Movie Maker (x32 Version: 15.4.3502.0922)Windows Live Photo Common (x32 Version: 15.4.3502.0922)Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)Windows Live SOXE (x32 Version: 15.4.3502.0922)Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)Windows Live Sync (x32 Version: 14.0.8089.726)Windows Live UX Platform (x32 Version: 15.4.3502.0922)Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)Windows Live Writer (x32 Version: 15.4.3502.0922)Windows Live Writer Resources (x32 Version: 15.4.3502.0922)WinRAR archiverYahoo! BrowserPlus 2.9.8 (HKCU)Yahoo! Software Update (x32)Yahoo! Toolbar (x32) ==================== Restore Points ========================= Could not list Restore Points. ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_startedTask: {049AC2BD-8F0D-47CF-9396-104FC4D464C4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f55 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)Task: {04FD6CBE-816F-4EBF-9A2B-1D1C50CB1214} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update TaskTask: {2621026C-1470-42B6-8CB5-A24654CED961} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1578952971-1974380792-2542341017-1003 => C:\Windows\System32\portabledeviceapi.dll [2009-07-14] (Microsoft Corporation)Task: {293E896C-3578-45DF-9BF1-E01A1A1AAFC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)Task: {3275D579-1C3C-46C1-AAEC-8C75E2416CDC} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)Task: {3D4C6202-F0E3-42B8-9911-F609B5F82A78} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-04] ()Task: {566D10AE-2C15-4B15-B93F-4095A5B4F3B4} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{5F61A6E8-CD28-4698-BBFB-93AC41728277}.exeTask: {5DB54E9A-3154-4574-B2D9-545EB43B266E} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe [2013-01-31] ()Task: {8F16C24F-9648-4546-9593-40955A47961E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)Task: {98864E29-9393-4F65-B32B-B422BFF94628} - System32\Tasks\{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect => C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe [2011-09-22] (Eastman Kodak Company)Task: {B2510878-8826-4B53-9A1C-A3763FBC0903} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)Task: {D92D7D90-A854-4FBF-8E3B-FD5973699C13} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)Task: {E07C876B-5678-46A5-BC9B-7B65E6A969C4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a69 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)Task: {EC7D6EA5-D124-409B-A289-966B11EA70A4} - System32\Tasks\{28A419A5-CBB8-4061-B6DF-FD387B4F4369} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)Task: {F4F33EA7-9244-40C4-A27A-0A1E6979AA63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-08-04] (Microsoft Corporation)Task: {F9E3170E-DB85-4063-BD9D-70AB06C9EA52} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)Task: {FCDEA430-EC50-4C69-BB07-AF9003E6C8CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{5F61A6E8-CD28-4698-BBFB-93AC41728277}.exeTask: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files (x86)\EPSON\EPAPDL\E_SAPDL2.EXETask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exeTask: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 938c00e0-fe2a-4e4d-9123-b2822c5b2a69.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeTask: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95a9368f-afc0-4b94-9b2d-fdb5b20b9f55.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Loaded Modules (whitelisted) ============= ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Could not list Devices. ==================== Event log errors: ========================= Application errors:==================Error: (09/13/2013 08:32:46 PM) (Source: Application Hang) (User: )Description: The program explorer.exe version 6.1.7600.16768 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: d3c Start Time: 01ceb0b7aa3f88ee Termination Time: 0 Application Path: C:\Windows\explorer.exe Report Id: Error: (09/13/2013 08:30:12 PM) (Source: Application Hang) (User: )Description: The program Explorer.EXE version 6.1.7600.16768 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 174 Start Time: 01ceb09e2db96e8a Termination Time: 0 Application Path: C:\Windows\Explorer.EXE Report Id: Error: (09/13/2013 01:06:06 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 707230 Error: (09/13/2013 01:06:06 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 707230 Error: (09/13/2013 01:06:06 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/13/2013 11:33:49 AM) (Source: MsiInstaller) (User: NT AUTHORITY)Description: Product: Skype Click to Call -- Error 1720. There is a problem with this Windows Installer package. A script required for this install to complete could not be run. Contact your support personnel or package vendor. Custom action GetFirefoxLocalProfilePath.AE456DBC_DDBA_441F_BC5E_0CF21D88B0A1 script error -2146827864, Microsoft VBScript runtime error: Object required: 'CreateObject(...).NameSpace(...)' Line 191, Column 7, Error: (09/13/2013 10:17:03 AM) (Source: Application Hang) (User: )Description: The program iexplore.exe version 9.0.8112.16464 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: b28 Start Time: 01ceb061cbd3dc1c Termination Time: 0 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: 3772f7f1-1c55-11e3-a09d-001f165c9edf Error: (09/13/2013 10:11:11 AM) (Source: Application Hang) (User: )Description: The program iexplore.exe version 9.0.8112.16464 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1110 Start Time: 01ceb0610c70ae00 Termination Time: 31 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: Error: (09/12/2013 05:28:38 PM) (Source: Application Error) (User: )Description: Faulting application name: SUPERAntiSpyware.exe, version: 5.6.0.1014, time stamp: 0x5092d064Faulting module name: SUPERAntiSpyware.exe, version: 5.6.0.1014, time stamp: 0x5092d064Exception code: 0xc000041dFault offset: 0x00000000000d3164Faulting process id: 0xa34Faulting application start time: 0xSUPERAntiSpyware.exe0Faulting application path: SUPERAntiSpyware.exe1Faulting module path: SUPERAntiSpyware.exe2Report Id: SUPERAntiSpyware.exe3 Error: (09/08/2013 04:36:12 PM) (Source: Application Error) (User: )Description: Faulting application name: E_IARNFIE.EXE, version: 5.0.5.0, time stamp: 0x490594a9Faulting module name: E_IAPRFIE.DLL, version: 6.0.2.0, time stamp: 0x4ac15cf5Exception code: 0xc0000005Fault offset: 0x000000000006a503Faulting process id: 0x434Faulting application start time: 0xE_IARNFIE.EXE0Faulting application path: E_IARNFIE.EXE1Faulting module path: E_IARNFIE.EXE2Report Id: E_IARNFIE.EXE3 System errors:=============Error: (09/14/2013 05:59:26 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:58:56 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:58:11 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:55:55 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:40:56 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:40:26 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:39:56 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:39:26 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:38:56 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/14/2013 05:38:26 PM) (Source: Service Control Manager) (User: )Description: The Windows Management Instrumentation service terminated with the following error: %%126 Microsoft Office Sessions:=========================Error: (09/13/2013 08:32:46 PM) (Source: Application Hang)(User: )Description: explorer.exe6.1.7600.16768d3c01ceb0b7aa3f88ee0C:\Windows\explorer.exe Error: (09/13/2013 08:30:12 PM) (Source: Application Hang)(User: )Description: Explorer.EXE6.1.7600.1676817401ceb09e2db96e8a0C:\Windows\Explorer.EXE Error: (09/13/2013 01:06:06 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 707230 Error: (09/13/2013 01:06:06 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 707230 Error: (09/13/2013 01:06:06 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/13/2013 11:33:49 AM) (Source: MsiInstaller)(User: NT AUTHORITY)Description: Product: Skype Click to Call -- Error 1720. There is a problem with this Windows Installer package. A script required for this install to complete could not be run. Contact your support personnel or package vendor. Custom action GetFirefoxLocalProfilePath.AE456DBC_DDBA_441F_BC5E_0CF21D88B0A1 script error -2146827864, Microsoft VBScript runtime error: Object required: 'CreateObject(...).NameSpace(...)' Line 191, Column 7, (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/13/2013 10:17:03 AM) (Source: Application Hang)(User: )Description: iexplore.exe9.0.8112.16464b2801ceb061cbd3dc1c0C:\Program Files (x86)\Internet Explorer\iexplore.exe3772f7f1-1c55-11e3-a09d-001f165c9edf Error: (09/13/2013 10:11:11 AM) (Source: Application Hang)(User: )Description: iexplore.exe9.0.8112.16464111001ceb0610c70ae0031C:\Program Files (x86)\Internet Explorer\iexplore.exe Error: (09/12/2013 05:28:38 PM) (Source: Application Error)(User: )Description: SUPERAntiSpyware.exe5.6.0.10145092d064SUPERAntiSpyware.exe5.6.0.10145092d064c000041d00000000000d3164a3401ceafd3dc4e5e8aC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe6049f90f-1bc8-11e3-8092-001f165c9edf Error: (09/08/2013 04:36:12 PM) (Source: Application Error)(User: )Description: E_IARNFIE.EXE5.0.5.0490594a9E_IAPRFIE.DLL6.0.2.04ac15cf5c0000005000000000006a50343401ceaca88d19bc45C:\Windows\system32\spool\DRIVERS\x64\3\E_IARNFIE.EXEC:\Windows\system32\spool\DRIVERS\x64\3\E_IAPRFIE.DLL63bf3e1a-189c-11e3-a94b-001f165c9edf CodeIntegrity Errors:=================================== Date: 2013-07-24 09:24:01.321 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-24 09:24:00.978 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-22 21:52:46.354 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-22 21:52:45.933 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-14 18:13:50.170 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-14 18:13:49.733 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-14 16:26:45.918 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-14 16:26:45.559 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-13 12:01:24.582 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-07-13 12:01:24.223 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Philip\AppData\Local\Temp\esaacfgo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 51%Total physical RAM: 4027.2 MBAvailable physical RAM: 1969.98 MBTotal Pagefile: 8052.53 MBAvailable Pagefile: 5670.17 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:138.97 GB) (Free:86.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: (RECOVERY) (Fixed) (Total:10.08 GB) (Free:1.75 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 317C40FD)Partition 1: (Active) - (Size=139 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Have tried normal virus removal programs to no avail, need help with clearing stubborn lockout from security centre. Help with this problem will be gratefully received. Thank you Tom dds report and attach below: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.40.2Run by Philip at 12:35:09 on 2013-09-14.============== Running Processes ================.C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\AVG\AVG2012\avgfws.exeC:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exeC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exeC:\Users\Philip\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exeC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exeC:\Users\Philip\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\AVG\AVG2012\avgtray.exeC:\Program Files (x86)\AVG Secure Search\vprot.exeC:\Program Files (x86)\Ask.com\Updater\Updater.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeC:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\svchost.exe -k Akamai.============== Pseudo HJT Report ===============.uSearch Bar = PreserveuProxyOverride = 127.0.0.1:9421;<local>mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD2.dllmWinlogon: Userinit = userinit.exe,BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dllBHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dllBHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD2.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Search Results Toolbar: {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dllBHO: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dllTB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - TB: DVDVideoSoftTB Toolbar: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD2.dllTB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllTB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dllTB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD2.dllTB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllTB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dllTB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllTB: Search Results Toolbar: {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dlluRun: [EPSON Stylus DX7400 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_S3AFD.tmp" /EF "HKCU"uRun: [EPSON SX510W Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S5B0E.tmp" /EF "HKCU"uRun: [Epson Stylus SX510W(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_SF6E.tmp" /EF "HKCU"uRun: [bTCommonClient] "C:\Program Files (x86)\BT Connection Manager\btomo.exe" -auRun: [Akamai NetSession Interface] "C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe"uRun: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /BackgrounduRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"uRun: [Rxa1gKilRsOh] C:\Users\Philip\AppData\Local\SkbeR8P.exeuRun: [WeySyiny] C:\Users\Philip\AppData\Local\oxhgofel\weysyiny.exemRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartmRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [Rxa1gKilRsOh] C:\Users\Philip\AppData\Local\SkbeR8P.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}LSP: mswsock.dllTCP: NameServer = 192.168.2.1TCP: Interfaces\{6B01FC2B-B405-4D86-9FEA-DA388231BD14} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{6B01FC2B-B405-4D86-9FEA-DA388231BD14}\244584572633D225736363 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{6B01FC2B-B405-4D86-9FEA-DA388231BD14}\4516E6E6562702641627D602051627B60275962756C6563737 : DHCPNameServer = 192.168.231.1Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dllHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dllx64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [MouseDriverD9] C:\Program Files\MouseDriver\MouseDriver.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dllx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - <orphaned>x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\599\G2AWinLogon_x64.dllx64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R? ?etadpug;Google Update Service (gupdate)R? AVGIDSAgent;AVGIDSAgentR? BBSvc;BingBar ServiceR? BT Common Client RSA Smart Card Reader Service;BT Common Client RSA Smart Card Reader ServiceR? BTWSp50a64;BTWSp50a64 NDIS Protocol DriverR? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)R? fssfltr;fssfltrR? fsssvc;Windows Live Family Safety ServiceR? ggflt;SEMC USB Flash Driver FilterR? NisDrv;Microsoft Network Inspection SystemR? NisSrv;Microsoft Network InspectionR? s1018bus;Sony Ericsson Device 1018 driver (WDM)R? s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem FilterR? s1018mdm;Sony Ericsson Device 1018 USB WMC Modem DriverR? s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)R? s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)R? s1018obex;Sony Ericsson Device 1018 USB WMC OBEX InterfaceR? s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)R? SkypeUpdate;Skype UpdaterR? Sony PC Companion;Sony PC CompanionR? ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)R? USBAAPL64;Apple Mobile USB DriverR? WatAdminSvc;Windows Activation Technologies ServiceS? !SASCORE;SAS Core ServiceS? Akamai;Akamai NetSession InterfaceS? Avgfwfd;AVG network filter serviceS? avgfws;AVG FirewallS? AVGIDSDriver;AVGIDSDriverS? AVGIDSFilter;AVGIDSFilterS? AVGIDSHA;AVGIDSHAS? Avgldx64;AVG AVI Loader DriverS? Avgmfx64;AVG Mini-Filter Resident Anti-Virus ShieldS? Avgrkx64;AVG Anti-Rootkit DriverS? Avgtdia;AVG TDI DriverS? avgtp;avgtpS? avgwd;AVG WatchDogS? BBUpdate;BBUpdateS? Com4QLBEx;Com4QLBExS? MBAMProtector;MBAMProtectorS? MBAMScheduler;MBAMSchedulerS? MBAMService;MBAMServiceS? MpFilter;Microsoft Malware Protection DriverS? RTL8167;Realtek 8167 NT DriverS? SASDIFSV;SASDIFSVS? SASKUTIL;SASKUTILS? Skype C2C Service;Skype C2C ServiceS? SrvHsfHDA;SrvHsfHDAS? SrvHsfV92;SrvHsfV92S? SrvHsfWinac;SrvHsfWinacS? SysMouseFilterF3;SysMouseFilterF3S? vToolbarUpdater15.5.0;vToolbarUpdater15.5.0.=============== Created Last 30 ================.2013-09-14 10:45:12 -------- d-----w- C:\ProgramData\Malwarebytes2013-09-14 10:45:10 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-09-14 10:45:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-14 09:12:48 -------- d-----w- C:\Windows\System32\MRT2013-09-14 09:08:40 -------- d-----w- C:\Windows\Temp33890900-A962-99CE-4FB1-F88D5F6C1F46-Signatures2013-09-14 09:00:12 -------- d-----w- C:\Windows\System32\EventProviders2013-09-14 05:44:05 3138048 ----a-w- C:\Windows\System32\mstscax.dll2013-09-14 05:44:04 2691072 ----a-w- C:\Windows\SysWow64\mstscax.dll2013-09-14 05:44:03 44032 ----a-w- C:\Windows\System32\tsgqec.dll2013-09-14 05:44:03 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll2013-09-14 05:44:03 158208 ----a-w- C:\Windows\System32\aaclient.dll2013-09-14 05:44:03 131072 ----a-w- C:\Windows\SysWow64\aaclient.dll2013-09-14 05:43:54 3150848 ----a-w- C:\Windows\System32\win32k.sys2013-09-14 05:43:53 1653096 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-09-14 05:43:50 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys2013-09-14 05:38:25 5497688 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-09-14 05:38:23 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-09-14 05:38:23 3958120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-09-14 05:38:23 3902312 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-09-14 05:38:23 112640 ----a-w- C:\Windows\System32\smss.exe2013-09-14 05:38:22 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll2013-09-14 05:27:56 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys2013-09-14 01:29:50 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27FA8F10-D7CD-40BF-80AA-E1B043C8C82D}\mpengine.dll2013-09-13 17:42:19 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-09-13 16:37:40 -------- d-----w- C:\ProgramData\Oracle2013-09-13 16:37:06 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-09-13 16:31:55 -------- d-----w- C:\Program Files\Speccy2013-09-13 09:19:29 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client2013-09-13 09:19:17 -------- d-----w- C:\Program Files\Microsoft Security Client2013-09-12 16:06:19 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com2013-09-12 16:06:19 -------- d-----w- C:\Program Files\SUPERAntiSpyware2013-09-12 15:44:08 -------- d-----w- C:\Users\Philip\AppData\Local\{13AADDCA-586C-4E40-9C9F-8465FD7660B3}.==================== Find3M ====================.2013-09-13 16:36:36 868264 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-09-13 16:36:36 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-08-15 16:41:55 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-06-18 20:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys2013-06-18 20:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys.============= FINISH: 12:37:40.72 =============== .==== Installed Programs ======================.ABBYY FineReader 6.0 SprintAcoustica Effects PackAcoustica Mixcraft 5Acrobat.comAdobe AIRAdobe Download AssistantAdobe Flash Player 11 ActiveXAdobe Reader 9.4.6AGEIA PhysX v7.01.12Akamai NetSession InterfaceAkamai NetSession Interface ServiceApple Application SupportApple Mobile Device SupportApple Software UpdateAsk ToolbarAsk Toolbar UpdaterAVG 2012AVG Security ToolbarBing BarBonjourBug Bits 1.0Camera RAW Plug-In for EPSON Creativity SuiteCompatibility Pack for the 2007 Office systemConexant HD AudioConstructionSkillsCrawler ToolbarCyberLink YouCamD3DX10DVDVideoSoftTB ToolbarEPSON Printer SoftwareEpson Printer Software DownloaderEPSON ScanEpson Stylus SX510W_TX550W ManualEPSON SX510W Series Printer UninstallEpsonNet PrintEpsonNet SetupFacebook Plug-InFree Audio CD Burner version 1.4.7Free NaturalReaderFree Studio version 5.0.13Free YouTube to MP3 Converter version 3.9.31Google ChromeGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperGoToAssist CorporateHP Quick Launch ButtonsInbox ToolbariTunesJava 7 Update 40Java Auto UpdaterJava 6 Update 21Junk Mail filter updateKODAK Share Button AppMalwarebytes Anti-Malware version 1.75.0.1300Media GoMedia Go Video Playback Engine 1.88.110.12050Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office File Validation Add-InMicrosoft Office Professional Edition 2003Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Works 6-9 ConverterMouseDriverMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Network Play System (Patching)PlayStation®Network DownloaderPlayStation®StorePortGo Softphone version 8.0QLBCASLQuickTimeSage Planning for BusinessSage Start-upSearch Results ToolbarSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Skype Click to CallSkype™ 5.10Sony Ericsson Update EngineSony PC Companion 2.10.173SpeccySUPERAntiSpywareSynaptics Pointing Device DriverUninstall 1.0.0.1Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Visual Studio 2008 x64 RedistributablesWindows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR archiverYahoo! BrowserPlus 2.9.8Yahoo! Software UpdateYahoo! Toolbar.==== End Of File ===========================

Ok, have now completed the IE reset, cleared cache in Chrome, checked download location and as previously set by me. System restore has been reset, reports below from latest DSS run. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.15.2 Run by TOM at 10:13:49 on 2013-03-19 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8154.5790 [GMT 0:00] . AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\dlcxcoms.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\vsnp2std.exe C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Saitek\SD6\Software\ProfilerU.exe C:\Program Files\Saitek\SD6\Software\SaiMfd.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\System32\spool\drivers\x64\3\E_FATIBOE.EXE C:\Program Files (x86)\Keyboard Indicator\KeyboardIndicatorEx.exe C:\Windows\FixCamera.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Applications\Tools\DockBar\DockBar.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve mStart Page = hxxp://www.google.com TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB: AOL UK Toolbar: {1E7144B2-0B4E-435A-AF95-D925C184DAB3} - C:\Program Files (x86)\AOL UK Toolbar\aoluktb.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll TB: AOL UK Toolbar: {1e7144b2-0b4e-435a-af95-d925c184dab3} - C:\Program Files (x86)\AOL UK Toolbar\aoluktb.dll EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [\\TOM-TOSH\EPSON Stylus Photo R360 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_FATIBOE.EXE /FU "C:\Users\TOM\AppData\Local\Temp\E_S7091.tmp" /EF "HKCU" mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [kbIndicatorKeyboardDriver] "C:\Program Files (x86)\Keyboard Indicator\KeyboardIndicatorEx.exe" showhide mRun: [FixCamera] C:\Windows\FixCamera.exe mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: NameServer = 192.168.2.1 TCP: Interfaces\{1C472E69-E0EC-4D6A-A73C-31A53ABC2952}\2456C6B696E6F5032454932364 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{93897053-D460-412D-B871-201635BFF278} : DHCPNameServer = 192.168.2.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [snp2std] C:\Windows\vsnp2std.exe x64-Run: [dlcxmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe" x64-Run: [MemoryCardManager] "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe" x64-Run: [intelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" x64-Run: [intelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe x64-Run: [saiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot x64-Run: [DLCXCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntry x64-Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" x64-Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" x64-Run: [DLQLU] "C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE" /S x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-10-30 236248] R1 RapportCerberus_50414;RapportCerberus_50414;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_50414.sys [2013-3-1 585944] R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-2-13 228760] R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-2-13 357272] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-6 236544] R2 dlcx_device;dlcx_device;C:\Windows\System32\dlcxcoms.exe -service --> C:\Windows\System32\dlcxcoms.exe -service [?] R2 DLSDB;Dell Printer Status Database;C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe [2013-3-9 344384] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-3 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-3 682344] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-2-18 462632] R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-2-13 1124184] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-20 2656536] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-3 24176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-20 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 130008] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-23 19456] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-20 646248] S3 SaiH0255;SaiH0255;C:\Windows\System32\drivers\SaiH0255.sys [2008-2-15 178304] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-23 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-7 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-03-18 11:20:06 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{64790395-2BE0-4FBB-9B1F-3633AD5F79B4}\mpengine.dll 2013-03-17 16:58:37 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-12 09:57:24 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D39676B2-8087-483E-BB68-03191AB9C10B}\gapaengine.dll 2013-03-09 10:10:27 192832 ----a-w- C:\Windows\System32\dlsrm.dll 2013-03-08 18:38:39 184320 ----a-w- C:\Windows\System32\dlhsmzil.dll 2013-03-07 12:01:25 -------- d-----w- C:\Trish 2013-03-06 17:34:38 -------- d-----w- C:\Users\TOM\AppData\Local\Deployment 2013-03-02 20:47:13 -------- d-----w- C:\Program Files\Dell Printers 2013-03-02 20:46:33 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2013-03-02 20:22:23 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe 2013-03-02 20:22:23 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 2013-03-02 20:22:22 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2013-03-02 20:22:22 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2013-03-02 20:22:22 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2013-03-02 20:22:22 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2013-03-02 20:22:22 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2013-03-02 19:38:30 -------- d-----w- C:\BridgeData Backup 02Mar13 2013-02-22 17:39:47 -------- d-----w- C:\Westerham Bowls Secondary 2013-02-20 09:34:26 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-17 12:23:43 -------- d-----w- C:\Flight Sim Progs . ==================== Find3M ==================== . 2013-03-13 15:27:11 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 15:27:11 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-02-24 09:23:24 848 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys 2013-02-20 09:34:22 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-02-20 09:34:22 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-13 09:19:12 236248 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-02-05 18:45:15 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-02-05 18:45:15 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll 2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-27 19:56:57 286720 ----a-w- C:\Windows\iun506.exe 2013-01-20 15:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-01-20 15:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS . ============= FINISH: 10:14:27.02 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 05/10/2012 08:24:17 System Uptime: 19/03/2013 09:48:10 (1 hours ago) . Motherboard: Advent | | DT2 Processor: Intel® Core i5-2320 CPU @ 3.00GHz | SOCKET 0 | 2490/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1854 GiB total, 1733.154 GiB free. E: is Removable F: is CDROM () G: is Removable H: is Removable I: is Removable J: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Realtek PCIe GBE Family Controller Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_77881462&REV_06\4&3683A64A&0&00E4 Manufacturer: Realtek Name: Realtek PCIe GBE Family Controller PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_77881462&REV_06\4&3683A64A&0&00E4 Service: RTL8167 . ==== System Restore Points =================== . RP159: 08/03/2013 19:24:28 - Installed Dell Printer Software RP160: 08/03/2013 19:27:49 - Configured Dell Printer Software RP161: 08/03/2013 20:02:20 - Configured Dell Printer Software RP162: 09/03/2013 09:21:57 - Configured Dell Printer Software RP163: 09/03/2013 09:32:58 - Configured Dell Printer Software RP164: 09/03/2013 09:54:14 - Restore Operation RP165: 09/03/2013 10:10:00 - Installed Dell Printer Software RP166: 09/03/2013 10:15:02 - Windows Update RP167: 09/03/2013 10:16:53 - Installed Java 7 Update 17 RP168: 10/03/2013 19:16:49 - Restore Operation RP169: 10/03/2013 20:01:26 - Configured Dell Printer Software RP170: 13/03/2013 08:06:21 - Windows Update RP171: 16/03/2013 09:34:53 - Windows Update RP172: 18/03/2013 20:05:09 - new restore pnt RP173: 19/03/2013 09:29:15 - Installed Microsoft Fix it 50195 RP174: 19/03/2013 09:40:44 - Installed Microsoft Fix it 50195 . ==== Installed Programs ====================== . ABBYY FineReader 6.0 Sprint Add or Remove Adobe Creative Suite 3 Master Collection Adobe Acrobat 8 Professional Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Contribute CS3 Adobe Creative Suite 3 Master Collection Adobe Default Language CS3 Adobe Device Central CS3 Adobe Digital Editions 2.0 Adobe Encore CS3 Adobe Encore CS3 Codecs Adobe ExtendScript Toolkit 2 Adobe Extension Manager CS3 Adobe Flash CS3 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Flash Video Encoder Adobe Fonts All Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop CS3 Adobe Premiere Pro CS3 Adobe Premiere Pro CS3 Functional Content Adobe Premiere Pro CS3 Third Party Content Adobe Reader XI (11.0.02) Adobe Setup Adobe SING CS3 Adobe Soundbooth CS3 Adobe Soundbooth CS3 Codecs Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Version Cue CS3 Server Adobe Video Profiles Adobe WAS CS3 Adobe WinSoft Linguistics Plugin Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 AHV content for Acrobat and Flash AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AOL UK Toolbar Applian FLV and Media Player 3.1.1.12 camac Camera RAW Plug-In for EPSON Creativity Suite Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Corel Paint Shop Pro X D3DX10 Defence Dell Photo AIO Printer 926 Dell Printer Software EPSON Attach To Email EPSON Easy Photo Print EPSON File Manager EPSON Print CD EPSON PRINT Image Framer Tool EPSON Printer Software EPSON Scan Assistant ESET Online Scanner v3 ESPR360_390 User's Guide FSC FSNavigator Google Chrome Google Earth Google Update Helper High-Definition Video Playback 10 Intel® Management Engine Components Java 7 Update 15 Java Auto Updater Junk Mail filter update Keyboard Indicator KNOWHOW APP CENTRE Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Flight Simulator 2004 A Century of Flight Microsoft Mouse and Keyboard Center Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 More Acol Bidding MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 ClipartPack Nero 10 Menu TemplatePack 1 Nero 10 Menu TemplatePack 2 Nero 10 Menu TemplatePack 3 Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack 1 Nero 10 Movie ThemePack 2 Nero 10 Movie ThemePack Basic Nero 10 Sample ImagePack Nero 10 Sample Videos Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) PDF Settings Picasa 3 PlayReady PC Runtime amd64 Radioplayer Rapport RealAir Simulations SF.260 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Remove UK2000 Gatwick Pro files Remove UK2000 Part 3 files Remove UK2000 Part 5 files Revo Uninstaller 1.94 ScoreBridge 9 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Serif PagePlus X5 Serif PagePlus X6 Serif PhotoPlus X6 Serif WebPlus 10 Serif WebPlus X5 Skype Click to Call Skype™ 6.1 Smart Technology Programming Software 7.0.2.7 Speccy Spotify SUPERAntiSpyware Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.4 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPatrol . ==== Event Viewer Messages From Past Week ======== . 18/03/2013 12:46:25, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{75F80CB1-D204-4726-96C6-F25451887F10}' was corrupted and it has been recovered. Some data might have been lost. 18/03/2013 10:05:50, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{9D8F3813-57B7-476C-8A6A-12D71370BE65}' was corrupted and it has been recovered. Some data might have been lost. 17/03/2013 13:05:16, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{3795016A-2C9C-42DD-A475-B1BD587C55E8}' was corrupted and it has been recovered. Some data might have been lost. 15/03/2013 12:53:39, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{2AE35F0B-76B6-49A7-91A8-A39CE2CDF488}' was corrupted and it has been recovered. Some data might have been lost. 14/03/2013 17:49:16, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{E2C806F3-21A2-4018-AB32-E899B01EE2C0}' was corrupted and it has been recovered. Some data might have been lost. 13/03/2013 17:25:11, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6B180DAD-15FA-48E1-B983-077FD9945933}' was corrupted and it has been recovered. Some data might have been lost. 13/03/2013 12:04:31, Error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database. 12/03/2013 12:49:50, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{31E0FD0E-7BA6-44EB-9585-9CF4FB4F6BC4}' was corrupted and it has been recovered. Some data might have been lost. . ==== End Of File ===========================

Hi Maurice, . This is the same computer that had malware removed a short while ago under the references quoted earlier. Thanks for response, I Mainly use Google as my browser, not sure if there are settings similar to those you mention for IE and Firefox? I have run the chkdisk operation and no errors were found, Just about to clear the restore, and have now created new restore point. Tom

Dale, I'm not sure that the following files are going to be needed for the problem that I'm experiencing, But will leave that judgement to your good self. Normally after downloading any file there is the option to <show all downloads>, clicking this opens the all downloads page, where within, is the option <show in folder> clicking this option is no longer working, I have workarounds but would like to get this facility working correctly again. , Other than the above hiccup the computer is performing very well. Thanks for your interest. Tom Reports requested: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.15.2 Run by TOM at 16:53:54 on 2013-03-17 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8154.5480 [GMT 0:00] . AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\dlcxcoms.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\vsnp2std.exe C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Saitek\SD6\Software\ProfilerU.exe C:\Program Files\Saitek\SD6\Software\SaiMfd.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\System32\spool\drivers\x64\3\E_FATIBOE.EXE C:\Program Files (x86)\Keyboard Indicator\KeyboardIndicatorEx.exe C:\Windows\FixCamera.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Applications\Tools\DockBar\DockBar.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Serif\PagePlus\X6\Program\PagePlus.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Windows\system32\UI0Detect.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mStart Page = hxxp://www.google.com BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: AOL UK Toolbar Loader: {c7651f6e-3592-4612-b4e0-e0d471da0626} - C:\Program Files (x86)\AOL UK Toolbar\aoluktb.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB: AOL UK Toolbar: {1E7144B2-0B4E-435A-AF95-D925C184DAB3} - C:\Program Files (x86)\AOL UK Toolbar\aoluktb.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll TB: AOL UK Toolbar: {1e7144b2-0b4e-435a-af95-d925c184dab3} - C:\Program Files (x86)\AOL UK Toolbar\aoluktb.dll EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [\\TOM-TOSH\EPSON Stylus Photo R360 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_FATIBOE.EXE /FU "C:\Users\TOM\AppData\Local\Temp\E_S7091.tmp" /EF "HKCU" mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [kbIndicatorKeyboardDriver] "C:\Program Files (x86)\Keyboard Indicator\KeyboardIndicatorEx.exe" showhide mRun: [FixCamera] C:\Windows\FixCamera.exe mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: NameServer = 192.168.2.1 TCP: Interfaces\{1C472E69-E0EC-4D6A-A73C-31A53ABC2952}\2456C6B696E6F5032454932364 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{93897053-D460-412D-B871-201635BFF278} : DHCPNameServer = 192.168.2.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [snp2std] C:\Windows\vsnp2std.exe x64-Run: [dlcxmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe" x64-Run: [MemoryCardManager] "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe" x64-Run: [intelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" x64-Run: [intelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe x64-Run: [saiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot x64-Run: [DLCXCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntry x64-Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" x64-Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" x64-Run: [DLQLU] "C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE" /S x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-10-30 236248] R1 RapportCerberus_50414;RapportCerberus_50414;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_50414.sys [2013-3-1 585944] R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-2-13 228760] R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-2-13 357272] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-6 236544] R2 dlcx_device;dlcx_device;C:\Windows\System32\dlcxcoms.exe -service --> C:\Windows\System32\dlcxcoms.exe -service [?] R2 DLSDB;Dell Printer Status Database;C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe [2013-3-9 344384] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-3 398184] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-2-18 462632] R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-2-13 1124184] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-20 2656536] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-3 24176] R3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys [2013-3-1 175352] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-3 682344] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-20 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 130008] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-23 19456] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-20 646248] S3 SaiH0255;SaiH0255;C:\Windows\System32\drivers\SaiH0255.sys [2008-2-15 178304] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-23 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-7 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-03-17 10:05:49 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF4815ED-3720-4B7D-B0D1-1A1D7B92A687}\mpengine.dll 2013-03-16 09:35:37 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-12 09:57:24 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D39676B2-8087-483E-BB68-03191AB9C10B}\gapaengine.dll 2013-03-09 10:10:27 192832 ----a-w- C:\Windows\System32\dlsrm.dll 2013-03-08 18:38:39 184320 ----a-w- C:\Windows\System32\dlhsmzil.dll 2013-03-07 12:01:25 -------- d-----w- C:\Trish 2013-03-06 17:34:38 -------- d-----w- C:\Users\TOM\AppData\Local\Deployment 2013-03-02 20:47:13 -------- d-----w- C:\Program Files\Dell Printers 2013-03-02 20:46:33 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2013-03-02 20:22:23 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe 2013-03-02 20:22:23 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 2013-03-02 20:22:22 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2013-03-02 20:22:22 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2013-03-02 20:22:22 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2013-03-02 20:22:22 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2013-03-02 20:22:22 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2013-03-02 19:38:30 -------- d-----w- C:\BridgeData Backup 02Mar13 2013-02-22 17:39:47 -------- d-----w- C:\Westerham Bowls Secondary 2013-02-20 09:34:26 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-17 12:23:43 -------- d-----w- C:\Flight Sim Progs 2013-02-16 11:40:10 -------- d-----w- C:\Program Files\Dell Photo AIO Printer 926 2013-02-16 11:40:06 -------- d-----w- C:\Program Files (x86)\Dell Photo AIO Printer 926 2013-02-16 11:40:02 305152 ----a-w- C:\Windows\System32\dlcxhcp.dll 2013-02-16 11:40:02 194048 ----a-w- C:\Windows\System32\dlcxinst.dll . ==================== Find3M ==================== . 2013-03-13 15:27:11 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 15:27:11 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-02-24 09:23:24 848 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys 2013-02-20 09:34:22 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-02-20 09:34:22 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-13 09:19:12 236248 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-02-05 18:45:15 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-02-05 18:45:15 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll 2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-27 19:56:57 286720 ----a-w- C:\Windows\iun506.exe 2013-01-20 15:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-01-20 15:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS . ============= FINISH: 16:54:18.08 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 05/10/2012 08:24:17 System Uptime: 17/03/2013 09:54:40 (7 hours ago) . Motherboard: Advent | | DT2 Processor: Intel® Core i5-2320 CPU @ 3.00GHz | SOCKET 0 | 3001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1854 GiB total, 1730.881 GiB free. E: is Removable F: is CDROM () G: is Removable H: is Removable I: is Removable J: is Removable L: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Realtek PCIe GBE Family Controller Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_77881462&REV_06\4&3683A64A&0&00E4 Manufacturer: Realtek Name: Realtek PCIe GBE Family Controller PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_77881462&REV_06\4&3683A64A&0&00E4 Service: RTL8167 . ==== System Restore Points =================== . RP155: 06/03/2013 19:32:06 - Configured Dell Printer Software RP156: 08/03/2013 09:33:52 - Installed Java 7 Update 17 RP157: 08/03/2013 17:27:52 - Configured Dell Printer Software RP158: 08/03/2013 17:35:39 - Configured Dell Printer Software RP159: 08/03/2013 19:24:28 - Installed Dell Printer Software RP160: 08/03/2013 19:27:49 - Configured Dell Printer Software RP161: 08/03/2013 20:02:20 - Configured Dell Printer Software RP162: 09/03/2013 09:21:57 - Configured Dell Printer Software RP163: 09/03/2013 09:32:58 - Configured Dell Printer Software RP164: 09/03/2013 09:54:14 - Restore Operation RP165: 09/03/2013 10:10:00 - Installed Dell Printer Software RP166: 09/03/2013 10:15:02 - Windows Update RP167: 09/03/2013 10:16:53 - Installed Java 7 Update 17 RP168: 10/03/2013 19:16:49 - Restore Operation RP169: 10/03/2013 20:01:26 - Configured Dell Printer Software RP170: 13/03/2013 08:06:21 - Windows Update RP171: 16/03/2013 09:34:53 - Windows Update . ==== Installed Programs ====================== . ABBYY FineReader 6.0 Sprint Add or Remove Adobe Creative Suite 3 Master Collection Adobe Acrobat 8 Professional Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Contribute CS3 Adobe Creative Suite 3 Master Collection Adobe Default Language CS3 Adobe Device Central CS3 Adobe Digital Editions 2.0 Adobe Encore CS3 Adobe Encore CS3 Codecs Adobe ExtendScript Toolkit 2 Adobe Extension Manager CS3 Adobe Flash CS3 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Flash Video Encoder Adobe Fonts All Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop CS3 Adobe Premiere Pro CS3 Adobe Premiere Pro CS3 Functional Content Adobe Premiere Pro CS3 Third Party Content Adobe Reader XI (11.0.02) Adobe Setup Adobe SING CS3 Adobe Soundbooth CS3 Adobe Soundbooth CS3 Codecs Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Version Cue CS3 Server Adobe Video Profiles Adobe WAS CS3 Adobe WinSoft Linguistics Plugin Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 AHV content for Acrobat and Flash AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AOL UK Toolbar Applian FLV and Media Player 3.1.1.12 camac Camera RAW Plug-In for EPSON Creativity Suite Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Corel Paint Shop Pro X D3DX10 Defence Dell Photo AIO Printer 926 Dell Printer Software EPSON Attach To Email EPSON Easy Photo Print EPSON File Manager EPSON Print CD EPSON PRINT Image Framer Tool EPSON Printer Software EPSON Scan Assistant ESET Online Scanner v3 ESPR360_390 User's Guide FSC FSNavigator Google Chrome Google Earth Google Update Helper High-Definition Video Playback 10 Intel® Management Engine Components Java 7 Update 15 Java Auto Updater Junk Mail filter update Keyboard Indicator KNOWHOW APP CENTRE Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Flight Simulator 2004 A Century of Flight Microsoft Mouse and Keyboard Center Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 More Acol Bidding MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 ClipartPack Nero 10 Menu TemplatePack 1 Nero 10 Menu TemplatePack 2 Nero 10 Menu TemplatePack 3 Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack 1 Nero 10 Movie ThemePack 2 Nero 10 Movie ThemePack Basic Nero 10 Sample ImagePack Nero 10 Sample Videos Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) PDF Settings Picasa 3 PlayReady PC Runtime amd64 Radioplayer Rapport RealAir Simulations SF.260 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Remove UK2000 Gatwick Pro files Remove UK2000 Part 3 files Remove UK2000 Part 5 files Revo Uninstaller 1.94 ScoreBridge 9 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Serif PagePlus X5 Serif PagePlus X6 Serif PhotoPlus X6 Serif WebPlus 10 Serif WebPlus X5 Skype Click to Call Skype™ 6.1 Smart Technology Programming Software 7.0.2.7 Speccy Spotify SUPERAntiSpyware Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.4 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPatrol . ==== Event Viewer Messages From Past Week ======== . 17/03/2013 13:05:16, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{3795016A-2C9C-42DD-A475-B1BD587C55E8}' was corrupted and it has been recovered. Some data might have been lost. 15/03/2013 12:53:39, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{2AE35F0B-76B6-49A7-91A8-A39CE2CDF488}' was corrupted and it has been recovered. Some data might have been lost. 14/03/2013 17:49:16, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{E2C806F3-21A2-4018-AB32-E899B01EE2C0}' was corrupted and it has been recovered. Some data might have been lost. 13/03/2013 17:25:11, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6B180DAD-15FA-48E1-B983-077FD9945933}' was corrupted and it has been recovered. Some data might have been lost. 13/03/2013 12:04:31, Error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database. 12/03/2013 12:49:50, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{31E0FD0E-7BA6-44EB-9585-9CF4FB4F6BC4}' was corrupted and it has been recovered. Some data might have been lost. 11/03/2013 18:13:51, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{44F89C42-50DF-4247-A72F-DE44C0ADA74F}' was corrupted and it has been recovered. Some data might have been lost. 11/03/2013 10:59:57, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{017625DA-BC7A-49AE-B5A9-7BD9A3532CE3}' was corrupted and it has been recovered. Some data might have been lost. 10/03/2013 21:36:04, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{0A0C0D17-70BA-499E-B392-447A504BB5F0}' was corrupted and it has been recovered. Some data might have been lost. 10/03/2013 20:33:01, Error: bowser [8003] - The master browser has received a server announcement from the computer VERA that believes that it is the master browser for the domain on transport NetBT_Tcpip_{93897053-D460-412D-B871-201635BFF278}. The master browser is stopping or an election is being forced. 10/03/2013 19:26:22, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SystemRestore\New-software' was corrupted and it has been recovered. Some data might have been lost. 10/03/2013 19:26:18, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{a67b5386-d45e-11e1-a543-806e6f6e6963}\System Volume Information\SystemRestore\New-system' was corrupted and it has been recovered. Some data might have been lost. 10/03/2013 19:18:08, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service. 10/03/2013 19:10:15, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. . ==== End Of File ===========================

Downloads show in folder. Not working. Help

<p>result from security check:</p> <p> </p> <p> </p> <div>Results of screen317's Security Check version 0.99.60 </div> <div> Windows 7 Service Pack 1 x64 (UAC is enabled) </div> <div> Internet Explorer 9 </div> <div>``````````````Antivirus/Firewall Check:`````````````` </div> <div> Windows Firewall Enabled! </div> <div>Microsoft Security Essentials </div> <div> Antivirus up to date! </div> <div>`````````Anti-malware/Other Utilities Check:````````` </div> <div> Malwarebytes Anti-Malware version 1.70.0.1100 </div> <div> Java 7 Update 13 </div> <div> Java version out of Date! </div> <div> Adobe Flash Player 9 Flash Player out of Date! </div> <div> Adobe Reader 10.1.6 Adobe Reader out of Date! </div> <div> Google Chrome 24.0.1312.57 </div> <div> Google Chrome 25.0.1364.97 </div> <div>````````Process Check: objlist.exe by Laurent```````` </div> <div> Microsoft Security Essentials MSMpEng.exe </div> <div> Microsoft Security Essentials msseces.exe </div> <div> WinPatrol winpatrol.exe </div> <div> Malwarebytes' Anti-Malware mbamscheduler.exe </div> <div> TOSHIBA TOSHIBA Online Product Information TOPI.exe </div> <div> BillP Studios WinPatrol WinPatrol.exe </div> <div>`````````````````System Health check````````````````` </div> <div> Total Fragmentation on Drive C: 0% </div> <div>````````````````````End of Log``````````````````````</div>

Report on computer. Running well with no problems at present, will run a full test for responses tomorrow and confirm to you. thanks

<p> </p> <div>Malwarebytes Anti-Malware (PRO) 1.70.0.1100</div> <div>www.malwarebytes.org</div> <div> </div> <div>Database version: v2013.02.26.09</div> <div> </div> <div>Windows 7 Service Pack 1 x64 NTFS</div> <div>Internet Explorer 9.0.8112.16421</div> <div>Tom :: TOM-TOSH [administrator]</div> <div> </div> <div>Protection: Disabled</div> <div> </div> <div>26/02/2013 19:10:25</div> <div>mbam-log-2013-02-26 (19-10-25).txt</div> <div> </div> <div>Scan type: Quick scan</div> <div>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM</div> <div>Scan options disabled: P2P</div> <div>Objects scanned: 214044</div> <div>Time elapsed: 4 minute(s), 43 second(s)</div> <div> </div> <div>Memory Processes Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Memory Modules Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Registry Keys Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Registry Values Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Registry Data Items Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Folders Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Files Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>(end)</div>

ADW report 2 # AdwCleaner v2.113 - Logfile created 02/26/2013 at 17:44:42 # Updated 23/02/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Tom - TOM-TOSH # Boot Mode : Normal # Running from : C:\Users\Tom\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\ProgramData\InstallMate Folder Deleted : C:\Users\Tom\AppData\Local\APN Folder Deleted : C:\Users\Tom\AppData\Local\Conduit Folder Deleted : C:\Users\Tom\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Tom\AppData\LocalLow\Minibar Folder Deleted : C:\Users\Tom\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Tom\AppData\LocalLow\Toolbar4 ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\Ask&Record Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Iminent Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : HKLM\SOFTWARE\Software Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16464 [OK] Registry is clean. -\\ Google Chrome v25.0.1364.97 File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13394 octets] - [26/02/2013 11:18:43] AdwCleaner[s1].txt - [13561 octets] - [26/02/2013 17:44:42] ########## EOF - C:\AdwCleaner[s1].txt - [13622 octets] ##########

Good Morning MrC, Not sure what the APN folder refers to, all other folders are of no consequence. Report follows # AdwCleaner v2.113 - Logfile created 02/26/2013 at 11:18:43 # Updated 23/02/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Tom - TOM-TOSH # Boot Mode : Normal # Running from : C:\Users\Tom\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\ProgramData\InstallMate Folder Found : C:\Users\Tom\AppData\Local\APN Folder Found : C:\Users\Tom\AppData\Local\Conduit Folder Found : C:\Users\Tom\AppData\LocalLow\Conduit Folder Found : C:\Users\Tom\AppData\LocalLow\Minibar Folder Found : C:\Users\Tom\AppData\LocalLow\PriceGong Folder Found : C:\Users\Tom\AppData\LocalLow\Toolbar4 ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\Ask&Record Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Iminent Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1060933 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Freeze.com Key Found : HKLM\Software\Iminent Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Software Key Found : HKU\S-1-5-21-1245820443-1263946897-2661463687-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16464 [OK] Registry is clean. -\\ Google Chrome v24.0.1312.57 File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13361 octets] - [26/02/2013 11:18:43] ########## EOF - C:\AdwCleaner[R1].txt - [13422 octets] ##########

Thank goodness it was driving me bonkers

Sorry Mr C, I'm really trying my best, I've now found out why I was unable to use this program previously, Hoping the JPGs are now in this post. http://imageshack.us/a/img189/3064/image2ti.jpg http://imageshack.us/a/img41/31/image1nx.jpg Tom

Sorry Imageshack wouldn't work for me. this link should work OK https://www.yousendit.com/download/UW15RGwwdVVENlRtcXRVag

will attempt again Just get the following message malware 1jpg.Spp You aren't permitted to upload this kind of file