beeonline

Honorary Members
  • Posts

    63
  • Joined

  • Last visited

Reputation

0 Neutral

About beeonline

  • Birthday 07/21/1945

Profile Information

  • Location
    Australia
  1. Hi MrC, we seem to be in business. Thanks so much for your help. Regards, Greg
  2. Results of screen317's Security Check version 0.99.71
     Windows XP Service Pack 3 x86
     Internet Explorer 8
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Please wait while WMIC compiles updated MOF files.d i s p l a y N a m e
     ECHO is off.
     F P R O T
     ECHO is off.
     A n t i v i r u s
     ECHO is off.
     f o r
     ECHO is off.
     W i n d o w s
     ECHO is off.
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Out of date HijackThis installed!
     SUPERAntiSpyware
     Malwarebytes Anti-Malware version 1.75.0.1300
     HijackThis 1.99.1
     Registry Cleaner 1.0
     Java 7 Update 25
     Mozilla Firefox (22.0)
     Google Chrome 28.0.1500.72
     Google Chrome 28.0.1500.95
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     FRISK Software F-PROT Antivirus for Windows FPAVServer.exe
     FRISK Software F-PROT Antivirus for Windows FProtTray.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C:: 1%
     ````````````````````End of Log``````````````````````
  3. Hi MrC. Created new user. Set up to do what I want. Deleted problem user. Problems gone. I think probably should have bitten the bullet earlier. It was not such a huge task to create the user set up I needed anyway (and did some housekeeping). Do you want me to do anything / post anything else at this stage? Off to bed at 2:16 AM. I'm sure I'm getting more wrinkles.
  4. Hi MrC, I am just about to head for bed.... after midnight here. Let me examine the new user strategy tomorrow. Might be an incentive to clean up some stuff piled up over the years. I'll report back tomorrow. Thanks for your help & patience.
  5. I thought we had it for a moment........ about 2 seconds, reverted back. This is only happening with 1 user log on. If I log on as either of the other 2 users I had edit (& keep) any keys at will with regedit. Unfortunately, it is under this user that I have set up all my most useful applications. We may get to the point where I have to configure another user as I want & then delete the problem user. BTW at one point I changed this user's name, but a lot of the folder names have retained the old user name. Could this be a factor?
  6. It appears to change when modifying but then reverts straight back to previous conduit.com etc.
  7. Ran in normal mode. Both keys remain unchanged when viewed with regedit.
  8. Hi there, what a prick of a day. This is what I have found. I have 3 different users set up on this machine. Only user 1 (me, the important user, with most applications installed) is having this problem. The other two are without fault. User1 in safe mode, if the offending registry key is edited, either by running script or manual editing, the change sticks until rebooting into normal mode. That is safe mode & safe mode with network enabled. As soon as returning to normal mode, conduit.com returns. If regedit changes are made, the changes appear to have been made but when regedit is exited it reverts back to conduit.com. I also discovered that if a correction is made by editing, and then an attempt to edit the correction, the text box is already filled with the conduit.com even before exiting regedit. As I appear to have full access permissions set for me as user (administrator) (and owner), I scratch my head. I use regedit with caution but I am no expert. I did read some advice re using regedit as SYSTEM but I was unable to implement it. Perhaps you may know. I'll leave you to chew over what we have. At least we know WHEN the edits revert without knowing HOW or WHY. Just one more thing ... when rebooting to normal mode after safe mode it now takes forever until fully loaded (10 mins +). I actually gave up a couple of times as I thought it had permanently hung before I persevered & let it run its course. It has slowed up in the past at times but never quite to this level.
  9. I'm afraid it did not work. Strangely, after I ran fixer.reg, regedit shows the 2 edits from fixer.reg have not been applied to the registry; both still show conduit.com in the entries. Was I supposed to reboot?
  10. SystemLook 30.07.11 by jpshortstuff
      Log created at 07:07 on 07/08/2013 by Kym
      Administrator - Elevation successful
      ========== filefind ==========
      Searching for "conduit"
      No files found.
      ========== folderfind ==========
      Searching for "conduit"
      No folders found.
      ========== regfind ==========
      Searching for "conduit"
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN28696842045347130&UM=2&UP=SP161F8168-4ADC-47B3-885D-D31729A68A44"
      [HKEY_USERS\S-1-5-21-299502267-261903793-725345543-1004\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN28696842045347130&UM=2&UP=SP161F8168-4ADC-47B3-885D-D31729A68A44"
      -= EOF =-
  11. Close but no cigar. It was gone. I rebooted. It was still gone. I ran MBam quick scan, nothing detected, then tried IE again: conduit.com back again.
  12. HKU\S-1-5-21-299502267-261903793-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
      Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
      Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
      Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
      Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
      Registry key HKEY_USERS\S-1-5-21-299502267-261903793-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
      OTL by OldTimer - Version 3.2.69.0 log created on 08052013_094314
  13. OTL logfile created on: 5/08/2013 7:00:11 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kym.WISE\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702)
13:24:00 | 000,049,256 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll [2006/09/29 13:24:00 | 000,166,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll [2006/09/29 13:24:02 | 000,000,680 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.png [2006/09/29 13:24:02 | 000,000,741 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.src [2006/09/29 13:24:02 | 000,001,150 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.png [2006/09/29 13:24:02 | 000,000,539 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.src [2006/09/29 13:24:02 | 000,000,356 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.png [2006/09/29 13:24:02 | 000,001,007 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.src [2006/09/29 13:24:02 | 000,000,210 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.gif [2006/09/29 13:24:02 | 000,001,056 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.src [2006/09/29 13:24:02 | 000,001,076 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.gif [2006/09/29 13:24:02 | 000,000,718 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.src [2006/09/29 13:24:02 | 000,000,088 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.gif [2006/09/29 13:24:02 | 000,001,122 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.src ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: 
suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://mail.google.com/a/justboards.com.au CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Kym.WISE\Application Data\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Kym.WISE\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Java Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: 
Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\windows\system32\npDeployJava1.dll CHR - Extension: YouTube = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Mailto: for Gmail\u2122 = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.4_1\ CHR - Extension: Sitemap Generator = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihlnmilclmcloeooaifmfekglbkophkj\1.0.2_0\ CHR - Extension: Google +1 Button = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.2.0.329_0\ CHR - Extension: Gmail = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/08/05 00:58:43 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-299502267-261903793-725345543-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) 
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe (FRISK Software International) O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.) O4 - HKLM..\Run: [PlantronicsBatteryStatus.exe] C:\Program Files\Plantronics\PlantronicsURE\PlantronicsBatteryStatus.exe (Plantronics, Inc.) O4 - HKLM..\Run: [PlantronicsURE.exe] C:\Program Files\Plantronics\PlantronicsURE\PlantronicsURE.exe (Plantronics, Inc.) O4 - HKU\S-1-5-21-299502267-261903793-725345543-1004..\Run: [EFI Job Monitor] C:\windows\System32\spool\DRIVERS\W32X86\3\EFJM.dll (EFI) O4 - HKU\S-1-5-21-299502267-261903793-725345543-1004..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-299502267-261903793-725345543-1004..\Run: [TrafficTravisv4] C:\Documents and Settings\Kym.WISE\Application Data\Traffic Travis v4\TrafficTravisV4.exe () O4 - Startup: C:\Documents and Settings\Kym.WISE\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Kym.WISE\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-299502267-261903793-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-299502267-261903793-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-299502267-261903793-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-299502267-261903793-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} 
http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE5BEB9B-12B5-4021-8E3F-3463C2082C03}: DhcpNameServer = 10.1.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB0E3BB5-8B50-4036-8B7F-2CFFF878DD92}: NameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) 
O24 - Desktop WallPaper: C:\Documents and Settings\Kym.WISE\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kym.WISE\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/07/08 13:03:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/08/05 06:55:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kym.WISE\Desktop\OTL.exe [2013/08/05 01:02:12 | 000,000,000 | ---D | C] -- C:\windows\temp [2013/08/05 00:48:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2013/08/05 00:48:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2013/08/05 00:48:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe [2013/08/05 00:48:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2013/08/05 00:47:59 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/08/03 01:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013/08/02 11:45:41 | 000,000,000 | ---D | C] -- C:\FRST [2013/08/02 09:50:44 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013/08/01 09:22:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla [2013/08/01 09:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013/07/31 17:57:30 | 000,000,000 | ---D 
| C] -- C:\Documents and Settings\Kym.WISE\Desktop\RK_Quarantine [2013/07/31 16:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\ABR [2013/07/31 15:35:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kym.WISE\Application Data\AUSkey [2013/07/30 19:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Google Earth [2013/07/26 03:00:57 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT [2013/07/10 14:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\VideoLAN [2013/07/10 13:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Technical Information System [2013/07/10 13:20:20 | 000,000,000 | ---D | C] -- C:\ISIS [2013/07/10 13:20:14 | 000,246,272 | ---- | C] (Stirling Technologies, Inc.) -- C:\windows\UNINST16.EXE [2008/05/02 10:40:36 | 006,104,632 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe ========== Files - Modified Within 30 Days ========== [2024/03/21 13:44:18 | 000,246,272 | ---- | M] (Stirling Technologies, Inc.) 
-- C:\windows\UNINST16.EXE [2013/08/05 06:55:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kym.WISE\Desktop\OTL.exe [2013/08/05 06:24:01 | 000,000,980 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-261903793-725345543-1004UA.job [2013/08/05 06:10:00 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/08/05 02:10:00 | 000,000,506 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 3a3492df-b2e7-4a0c-826d-c41cee42bf47.job [2013/08/05 01:42:00 | 000,000,506 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 17e3eec5-c655-40e3-a4a1-a0ab3c349d09.job [2013/08/05 00:58:43 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts [2013/08/04 23:39:15 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Desktop\Job Monitor.lnk [2013/08/04 23:37:06 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/08/04 23:37:06 | 000,000,236 | ---- | M] () -- C:\windows\tasks\OGALogon.job [2013/08/04 23:36:46 | 001,014,896 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2013/08/04 23:36:41 | 008,405,015 | ---- | M] () -- C:\windows\TempFile [2013/08/04 23:36:33 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2013/08/04 23:30:09 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/08/04 10:39:05 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Desktop\Microsoft Word.lnk [2013/08/04 09:55:39 | 000,001,717 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\eMedia Card Designer.lnk [2013/08/04 07:24:04 | 000,000,928 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-261903793-725345543-1004Core.job [2013/08/03 14:42:42 | 000,002,481 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Desktop\Microsoft Excel.lnk [2013/08/02 16:20:40 | 000,001,916 | 
---- | M] () -- C:\windows\qpv20.ini [2013/08/01 09:58:03 | 000,000,055 | ---- | M] () -- C:\windows\Reports.ini [2013/08/01 09:22:32 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/08/01 09:22:32 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk [2013/07/31 15:22:42 | 000,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl [2013/07/31 14:30:01 | 000,001,728 | ---- | M] () -- C:\windows\qpv17.ini [2013/07/31 14:22:41 | 000,000,424 | ---- | M] () -- C:\windows\QPMail.INI [2013/07/31 14:22:02 | 000,001,273 | ---- | M] () -- C:\windows\qpv19.ini [2013/07/20 15:07:26 | 000,009,772 | ---- | M] () -- C:\windows\lmpp.ini [2013/07/19 07:29:20 | 000,000,173 | ---- | M] () -- C:\windows\R_INB.INI [2013/07/11 11:34:05 | 000,000,110 | ---- | M] () -- C:\windows\FLEXE.INI [2013/07/11 11:30:07 | 000,002,296 | ---- | M] () -- C:\windows\qpv18.ini [2013/07/11 07:45:15 | 000,001,106 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Desktop\Traffic Travis v4.lnk [2013/07/11 07:45:15 | 000,001,084 | ---- | M] () -- C:\Documents and Settings\Kym.WISE\Application Data\Microsoft\Internet Explorer\Quick Launch\Traffic Travis v4.lnk [2013/07/11 07:07:23 | 000,580,884 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013/07/11 07:07:23 | 000,120,658 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013/07/11 06:25:17 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK [2013/07/10 14:44:39 | 000,000,764 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\VLC media player.lnk [2013/07/10 13:20:25 | 000,046,020 | ---- | M] () -- C:\windows\System32\FORDLINE.TTF ========== Files Created - No Company Name ========== [2013/08/05 00:48:10 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2013/08/05 00:48:10 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2013/08/05 00:48:10 | 000,098,816 | ---- | C] () -- 
C:\windows\sed.exe [2013/08/05 00:48:10 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2013/08/05 00:48:10 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2013/08/04 09:42:08 | 000,000,506 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 17e3eec5-c655-40e3-a4a1-a0ab3c349d09.job [2013/08/04 09:42:01 | 000,000,506 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 3a3492df-b2e7-4a0c-826d-c41cee42bf47.job [2013/08/01 09:22:32 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\Kym.WISE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/08/01 09:22:32 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk [2013/08/01 09:22:32 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk [2013/07/31 17:43:45 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\Kym.WISE\Start Menu\Programs\CLOX 2000.LNK [2013/07/20 15:27:17 | 002,572,800 | ---- | C] () -- C:\Documents and Settings\Kym.WISE\Desktop\clox2007.exe [2013/07/10 14:44:39 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\VLC media player.lnk [2013/07/10 13:20:25 | 000,046,020 | ---- | C] () -- C:\windows\System32\FORDLINE.TTF [2013/06/17 11:33:54 | 000,000,062 | ---- | C] () -- C:\windows\QPv22.INI [2012/11/11 16:18:30 | 000,038,461 | ---- | C] () -- C:\Documents and Settings\Kym.WISE\Application Data\Comma Separated Values (Windows).ADR [2012/08/24 16:01:15 | 000,000,616 | ---- | C] () -- C:\windows\System32\NTS5CSET.INI [2012/08/18 19:08:51 | 000,056,079 | ---- | C] () -- C:\windows\System32\hlremove.exe [2012/08/18 19:08:49 | 000,199,168 | ---- | C] () -- C:\windows\System32\drivers\hl_mull.sys [2012/08/18 17:42:03 | 000,057,344 | ---- | C] () -- C:\windows\System32\drivers\wdreg.exe [2012/07/13 15:00:21 | 000,000,032 | ---- | C] () -- C:\windows\convert21.INI [2012/07/13 15:00:19 | 
000,000,428 | ---- | C] () -- C:\windows\qpv21.ini [2012/07/13 09:21:16 | 000,000,110 | ---- | C] () -- C:\windows\FLEXE.INI [2012/05/08 11:05:08 | 000,000,402 | ---- | C] () -- C:\windows\POSTCODE.INI [2012/03/20 09:45:54 | 000,044,544 | ---- | C] () -- C:\windows\System32\Gif89.dll [2012/02/15 08:46:40 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll [2011/11/10 16:56:36 | 000,147,456 | ---- | C] () -- C:\windows\System32\ssleay32.dll [2011/10/03 11:30:57 | 000,000,216 | ---- | C] () -- C:\windows\efinl.ini [2011/09/22 13:22:04 | 000,000,032 | ---- | C] () -- C:\windows\convert16.INI [2011/09/17 12:22:41 | 000,000,000 | ---- | C] () -- C:\windows\DWNLD_32.INI [2011/09/08 11:42:10 | 000,077,824 | ---- | C] () -- C:\windows\System32\hpzids01.dll [2011/09/08 11:04:53 | 000,000,000 | ---- | C] () -- C:\windows\Ui.INI [2011/09/08 10:54:54 | 000,017,524 | ---- | C] ( ) -- C:\windows\System32\drivers\gt680x.sys [2011/09/02 12:41:51 | 000,005,504 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys [2009/04/08 12:57:42 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/04/06 09:39:36 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\fusioncache.dat ========== ZeroAccess Check ========== [2009/04/05 11:32:13 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 10:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = 
%systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 22:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 10:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2007/11/21 18:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2007/11/21 09:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software(2) [2007/11/21 09:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software(3) [2008/08/22 15:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FRISK Software [2005/07/13 09:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Search Toolbar [2008/11/20 17:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2011/08/04 16:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\!SASCORE [2011/09/02 12:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Canneverbe Limited [2009/04/05 10:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software [2010/09/14 13:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IM [2010/09/14 13:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IncrediMail [2011/04/29 16:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Install [2013/04/20 22:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallMate 
[2012/03/13 14:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Plantronics [2011/01/11 13:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\VirtualizedApplications [2009/10/22 10:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip [2013/06/08 09:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fark\Application Data\Affilorama [2006/06/12 18:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Plaxo [2007/02/27 15:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Windows Desktop Search [2012/12/29 10:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\AceSniper [2013/03/28 08:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Affilorama [2013/08/01 10:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\AUSkey [2011/09/02 12:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Canneverbe Limited [2012/04/23 11:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\CoreFTP [2013/08/04 23:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Dropbox [2009/04/29 17:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\FRISK Software [2012/03/20 08:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\GetRightToGo [2013/04/20 22:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\iPumper [2013/04/21 19:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Leadertech [2012/06/02 14:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Registry Cleaner [2011/01/19 10:24:53 | 000,000,000 | 
---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\SoftGrid Client [2011/01/17 10:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\TP [2013/07/12 02:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Traffic Travis v4 [2009/04/29 15:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kym.WISE\Application Data\Uniblue [2013/08/01 10:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\AUSkey [2013/03/28 07:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\punce\Application Data\Affilorama ========== Purity Check ========== < End of report > OTL Extras logfile created on: 5/08/2013 7:00:11 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kym.WISE\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 3.00 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 74.48% Memory free 6.82 Gb Paging File | 6.28 Gb Available in Paging File | 91.99% Paging File free Paging file location(s): D:\pagefile.sys 4096 4096 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 74.52 Gb Total Space | 31.70 Gb Free Space | 42.54% Space Free | Partition Type: NTFS Drive D: | 159.24 Gb Total Space | 122.43 Gb Free Space | 76.88% Space Free | Partition Type: NTFS Drive E: | 861.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive J: | 74.52 Gb Total Space | 56.88 Gb Free Space | 76.33% Space Free | Partition Type: NTFS Drive K: | 74.52 Gb Total Space | 56.88 Gb Free Space | 76.33% Space Free | Partition Type: NTFS Drive L: | 74.52 Gb Total Space | 56.88 Gb Free Space | 76.33% Space Free | Partition Type: NTFS Drive X: | 232.88 Gb Total Space 
| 186.30 Gb Free Space | 80.00% Space Free | Partition Type: NTFS Drive Z: | 232.88 Gb Total Space | 186.30 Gb Free Space | 80.00% Space Free | Partition Type: NTFS Computer Name: WISE | User Name: Kym | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-299502267-261903793-725345543-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 
138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 "1947:TCP" = 1947:TCP:*:Enabled:HASP SRM "1947:UDP" = 1947:UDP:*:Enabled:HASP SRM ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation) "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\WS_FTP\WS_FTP95.exe" = C:\Program Files\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA 02173) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Documents and Settings\Kym.WISE\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Kym.WISE\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) 
"C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Kym.WISE\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google) "C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe" = C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe:*:Enabled:Adobe Photoshop CS2 -- (Adobe Systems, Incorporated) "C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\Acrobat.exe" = C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\Acrobat.exe:*:Enabled:Adobe Acrobat 7.0 -- (Adobe Systems Incorporated) "C:\Program Files\Microsoft Office\Office10\WINWORD.EXE" = C:\Program Files\Microsoft Office\Office10\WINWORD.EXE:*:Enabled:Microsoft Word -- (Microsoft Corporation) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2 "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1DC3160B-3A07-47BB-92C4-E5B8C2601DE8}" = Plantronics Spokes Software "{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}" = NETGEAR WG111 Software "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{24D37B30-83B4-46A7-A691-30F2FCEAE58E}" = AUSkey software 1.4.4 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{28A7B2F5-CFE5-4A4D-98B4-FA1994915F3D}" = ATI Catalyst Control Center "{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35C30793-32F4-11D6-A043-00E081105A80}" = Fiery Remote Scan 5.1.2.6 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = 
Microsoft .NET Framework 4 Client Profile "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{46548E80-0409-0000-7E8A-45000F855001}" = Adobe GoLive CS2 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CC40F30-FD5F-11D4-B809-00105AE77964}" = Fiery Email Port Monitor 1.0.012b "{52E26953-00EF-42B3-A075-A57E86A38D07}" = File Rescue Plus "{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin "{60A73620-3618-11D2-AD1A-006008A6ABE2}" = Command WorkStation 4 .0.20 "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{6FE663A8-675A-11D5-A04E-00E08110FCBC}" = FieryPrinterDeleteUtility 1.1.8 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71D4305B-56E6-4971-A799-FB7678A1D1AB}" = ASUS ATI Driver "{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel® Network Connections 13.5.32.0 "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2 "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{902261FB-61C7-11D5-A02B-00E081105A80}" = ColorWise Pro Tools 3.1.15 "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage "{90C2C7A0-69FF-11D5-81E2-400003CB602B}" = National Online "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D0C08AE-2882-11D5-A0CF-00E081105A80}" = DBPro "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A595CC0D-F39E-4A66-B057-B0DBE9BAD757}" = Calisto DFU Driver (x86) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper 
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific "{C7F5982F-C0C1-4363-8700-43E6FC47ADC0}" = eMedia Card Designer "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E58B329B-FB28-4874-90DE-0D7CB2709267}" = F-PROT Antivirus for Windows "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{ED313321-A145-47D5-9713-B67C9C54D624}" = Australia On Disc 2009 "{F29F0A94-5E11-11D6-A054-00E081105A80}" = IEEE 1284 Parallel Port Driver (v.3.07.0) "07AFE62D73C8799E9E5689F86FB9F48389717BA3" = Windows Driver Package - Plantronics, Inc. 
(usbser.nt) Ports (04/21/2009 5.1) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe SVG Viewer" = Adobe SVG Viewer 3.0 "Aladdin DiagnostiX 1.10" = Aladdin DiagnostiX 1.10 "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "CoreFTP" = Core FTP LE "ESET Online Scanner" = ESET Online Scanner v3 "Evolis Dualys2_is1" = Evolis Dualys2 version 10.0.10.2 "Google Chrome" = Google Chrome "HijackThis" = HijackThis 1.99.1 "hlsolution" = NoDongle solution (remove only) "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "Konica Minolta TWAIN Driver" = Konica Minolta TWAIN Driver "Kyocera Product Library" = Kyocera Product Library "LABEL MATRIX 7 PowerPro" = LABEL MATRIX 7 PowerPro "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OKSoft Graphic Converter_is1" = OKSoft Graphic Converter 1.08 "Payroll Premier" = Payroll Premier "PDFcamp Pro v2.1_is1" = PDFcamp Pro v2.1 "Quick Search Box" = Google Quick Search Box "QuickBooks Pro" = QuickBooks Pro "Registry Cleaner (Registered Version)_is1" = Registry Cleaner 1.0 "sp6" = Logitech SetPoint 6.52 "ST5UNST #1" = CLOX 2000 "ST5UNST #2" = CLOX 2000 (C:\Program Files\CLOX\) "ST5UNST #3" = CLOX 2000 (C:\Program Files\CLOX\) #3 "Traffic Travis 4.1 Setup Wizard_is1" = Traffic Travis 4.1.0 "VLC media player" = VLC media player 2.0.7 "Wdf01009" = Microsoft 
Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR archiver "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-299502267-261903793-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 1/08/2013 5:24:20 PM | Computer Name = WISE | Source = MsiInstaller | ID = 11714 Description = Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error - 1/08/2013 10:32:39 PM | Computer Name = WISE | Source = MsiInstaller | ID = 11714 Description = Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error - 2/08/2013 3:31:55 AM | Computer Name = WISE | Source = MsiInstaller | ID = 11714 Description = Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error - 2/08/2013 8:32:44 AM | Computer Name = WISE | Source = MsiInstaller | ID = 11714 Description = Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. 
Error - 2/08/2013 10:09:58 AM | Computer Name = WISE | Source = F-PROT Antivirus | ID = 4096 Description = Internet Explorer protection disabled For more information please visit http://www.f-prot.com/support/index.html Error - 2/08/2013 10:09:58 AM | Computer Name = WISE | Source = F-PROT Antivirus | ID = 4096 Description = Outlook e-mail protection disabled For more information please visit http://www.f-prot.com/support/index.html Error - 2/08/2013 1:41:01 PM | Computer Name = WISE | Source = MsiInstaller | ID = 11714 Description = Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error - 4/08/2013 10:40:29 AM | Computer Name = WISE | Source = F-PROT Antivirus | ID = 4096 Description = Outlook e-mail protection disabled For more information please visit http://www.f-prot.com/support/index.html Error - 4/08/2013 10:40:40 AM | Computer Name = WISE | Source = F-PROT Antivirus | ID = 4096 Description = File system protection disabled For more information please visit http://www.f-prot.com/support/index.html Error - 4/08/2013 4:59:54 PM | Computer Name = WISE | Source = Application Hang | ID = 1002 Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
[ System Events ] Error - 2/08/2013 9:59:18 AM | Computer Name = WISE | Source = Service Control Manager | ID = 7000 Description = The VirtualFD service failed to start due to the following error: %%2 Error - 2/08/2013 7:32:34 PM | Computer Name = WISE | Source = Service Control Manager | ID = 7000 Description = The VirtualFD service failed to start due to the following error: %%2 Error - 3/08/2013 7:20:47 PM | Computer Name = WISE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 3/08/2013 7:21:28 PM | Computer Name = WISE | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: asuskbnt Fips intelppm SASDIFSV SASKUTIL Error - 3/08/2013 7:29:39 PM | Computer Name = WISE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 3/08/2013 7:31:18 PM | Computer Name = WISE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 3/08/2013 7:33:22 PM | Computer Name = WISE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 3/08/2013 7:36:09 PM | Computer Name = WISE | Source = Service Control Manager | ID = 7000 Description = The VirtualFD service failed to start due to the following error: %%2 Error - 4/08/2013 9:36:44 AM | Computer Name = WISE | Source = Service Control Manager | ID = 7000 Description = The VirtualFD service failed to start due to the following error: %%2 Error - 4/08/2013 10:47:50 AM | Computer Name = 
WISE | Source = Service Control Manager | ID = 7034 Description = The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s). < End of report >
  14. Hi there. What a prick of a thing. It is going to have to wait until later on for me. It is nearly 2:00 in the morning here & my dog is complaining she is missing out on her beauty sleep. You can see what it has already done to my good looks. Thanks heaps for your help. Persistence is the name of the game.