searchqu removal
Comments
After uninstalling the above:
- Right click OTL.exe & choose "Run as Administrator" to start the program.
- Copy and Paste the following code into the textbox. Do not include the word Code:
:processes
v4barsvc.exe
v4SrchMn.exe
v4brmon.exe
datamngrUI.exe
:services
DictionaryBossService
:OTL
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "My Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Produtools Maps Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3042917&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Produtools Maps Customized Web Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@DictionaryBoss.com/Plugin: C:\Program Files\DictionaryBoss\bar\1.bin\NPv4Stub.dll (MindSpark)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\v4ffxtbr@DictionaryBoss.com: C:\Program Files\DictionaryBoss\bar\1.bin [2012/02/27 20:58:32 | 000,000,000 | ---D | M]
[2011/05/27 18:00:10 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\extensions\plugin@yontoo.com
[2012/01/25 19:35:48 | 000,000,933 | ---- | M] () -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\searchplugins\conduit.xml
[2012/02/27 22:25:05 | 000,009,650 | ---- | M] () -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\searchplugins\my-web-search.xml
[2011/10/04 19:13:10 | 000,002,520 | ---- | M] () -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\searchplugins\SearchResults.xml
[2012/02/26 14:06:41 | 000,002,519 | ---- | M] () -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\searchplugins\Search_Results.xml
[2011/10/04 19:13:10 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/02/26 14:06:41 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=102&systemid=406&sr=0&q={searchTerms}
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\DictionaryBoss\bar\1.bin\NPv4Stub.dll
O2 - BHO: (Search Assistant BHO) - {58376892-60e7-4f63-aca0-0f686af554d6} - C:\Program Files\DictionaryBoss\bar\1.bin\v4SrcAs.dll (MindSpark)
O2 - BHO: (Toolbar BHO) - {6eb534fb-2001-45c4-b860-bc904865a379} - C:\Program Files\DictionaryBoss\bar\1.bin\v4bar.dll (MindSpark)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [DictionaryBoss Browser Plugin Loader] C:\Program Files\DictionaryBoss\bar\1.bin\v4brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [DictionaryBoss Search Scope Monitor] C:\Program Files\DictionaryBoss\bar\1.bin\DictionaryBoss Browser (MindSpark)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media,inc)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:1957F8A9
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:8C885EDD
:files
C:\Program Files\Windows iLivid Toolbar
C:\Program Files\Yontoo Layers
C:\PROGRA~1\WI371A~1
C:\Users\Family\Documents\iLividSetupV1(1).exe
C:\Users\Family\Documents\iLividSetupV1.exe
C:\ProgramData\~1
c:\Users\Family\AppData\LocalLow\searchquband
c:\Users\Family\AppData\LocalLow\searchqutoolbar
c:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\searchqutoolbar
:commands
[CREATERESTOREPOINT]
[REBOOT]
- Then click the Run Fix button at the top.
- Click .
- OTL may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.
Whilst I go through that in detail, uninstall these:
Windows iLivid Toolbar
Yontoo Layers 1.10.01
done
Done that? Uninstall this too - DictionaryBossbar
http://www.threatexpert.com/report.a...4c6fc064046e0a - Mywebsearch
done
After uninstalling the above:
- Right click OTL.exe & choose "Run as Administrator" to start the program.
- Copy and Paste the following code into the textbox. Do not include the word Code:
done
- Then click the Run Fix button at the top.
- Click .
- OTL may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.
all going well - OTL rebooted but there's nothing in notepad - not sure where to look for it?
thanks for your help so far though.....
Bern :j
Look in C:\_OTL\MovedFiles\ddmmyyy_hhmss.log
OTL logfile created on: 02/03/2012 22:39:36 - Run 2
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\Family\Documents
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.75 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 53.64% Memory free
5.70 Gb Paging File | 4.25 Gb Available in Paging File | 74.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142.04 Gb Total Space | 32.13 Gb Free Space | 22.62% Space Free | Partition Type: NTFS
Drive F: | 142.04 Gb Total Space | 110.38 Gb Free Space | 77.71% Space Free | Partition Type: NTFS
Computer Name: FAMILY-PC | User Name: Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/03/02 22:39:01 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(4).exe
PRC - [2012/03/02 09:20:51 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/02/17 17:50:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/10/11 12:49:14 | 001,179,648 | ---- | M] (W3i, LLC) -- C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/06/28 14:38:55 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/27 21:16:41 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/02/23 00:39:24 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/02/18 10:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/12/21 12:04:30 | 000,987,704 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2010/12/21 12:04:30 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2010/12/21 12:04:30 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/12/13 08:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/26 13:15:26 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/06 12:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/04/11 06:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/04 12:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/10/01 19:44:00 | 000,323,584 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008/10/01 19:44:00 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
PRC - [2008/10/01 19:43:56 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/07/30 01:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/07/30 01:52:50 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/05/21 01:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008/03/26 05:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/29 20:25:10 | 000,598,016 | ---- | M] () -- C:\Program Files\bin32\nSvcAppFlt.exe
PRC - [2008/01/29 20:24:46 | 000,163,840 | ---- | M] () -- C:\Program Files\bin32\nSvcIp.exe
PRC - [2008/01/21 02:24:46 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Speech\Common\sapisvr.exe
PRC - [2008/01/21 02:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
========== Modules (No Company Name) ==========
MOD - [2012/02/17 17:50:10 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 03:36:53 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012/02/16 03:30:28 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012/02/16 03:30:18 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012/02/16 03:29:14 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2012/02/16 03:09:06 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\dbc78bf6ea5ba346651f88cd45febe94\System.Management.ni.dll
MOD - [2012/02/16 03:07:28 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\47a28c9724ca2af1e8a808b6a4492fdc\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 03:07:19 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ecf7f8a10cf3e6c3944936c7562ffd69\System.Xaml.ni.dll
MOD - [2012/02/16 03:04:15 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\de7b98adae0cf9ef3ee34eba29b9e0d9\PresentationFramework.ni.dll
MOD - [2012/02/16 03:03:57 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7d0085af8163b715488f2ed72d2b404\PresentationCore.ni.dll
MOD - [2012/02/16 03:03:46 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\8f178c27be36f9a08ab5ef6b26edd53c\System.Windows.Forms.ni.dll
MOD - [2012/02/16 03:03:44 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ed88e619ee2f7890f095327c9e6c4f47\WindowsBase.ni.dll
MOD - [2012/02/16 03:03:43 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e6a421765ab129b5a12db40f1ad11b33\System.Core.ni.dll
MOD - [2012/02/16 03:03:41 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8bddd0d3155a3edec42e3039493095c7\PresentationFramework.Aero.ni.dll
MOD - [2012/02/16 03:03:36 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\48763e13ab42d7d355deba3265ea3223\System.Drawing.ni.dll
MOD - [2012/02/16 03:03:34 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\dc9a87796af6bbda69eb6415f081d7d5\System.ni.dll
MOD - [2011/12/27 16:47:32 | 000,055,816 | ---- | M] () -- C:\Users\Family\AppData\Local\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
MOD - [2011/10/13 02:38:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/10/13 02:09:52 | 014,408,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e360aa959e1b83be7026670d129c0a93\mscorlib.ni.dll
MOD - [2011/09/26 21:27:23 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/01/07 19:48:38 | 000,235,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2009/01/09 18:29:27 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3011.0__739b31b1908c49e5\Framework.UIComponent.dll
MOD - [2009/01/09 18:29:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3011.0__3036420f80dd6947\Framework.Library.dll
MOD - [2009/01/09 18:29:27 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3011.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2009/01/09 18:29:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3011.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
MOD - [2009/01/09 18:29:26 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3011.0__672b450de5a7e94a\Framework.Host.dll
MOD - [2008/12/03 13:05:26 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/26 09:56:02 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2008/10/01 19:44:00 | 000,323,584 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
MOD - [2008/10/01 19:44:00 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
MOD - [2008/10/01 19:43:48 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll
MOD - [2008/10/01 19:43:36 | 001,822,720 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll
MOD - [2008/07/30 01:52:38 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/06/28 14:38:55 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/27 21:16:41 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/21 12:04:30 | 000,987,704 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010/12/21 12:04:30 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/07/26 13:15:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/09/06 12:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008/10/01 19:43:56 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/07/30 01:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/05/21 01:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/29 20:25:10 | 000,598,016 | ---- | M] () [Auto | Running] -- C:\Program Files\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/01/29 20:24:46 | 000,163,840 | ---- | M] () [Auto | Running] -- C:\Program Files\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/12/14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - [2011/06/28 14:38:55 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 14:38:55 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/06/07 11:13:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/02/23 01:57:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/11 23:10:50 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/09/01 08:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2010/07/26 13:15:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/06/21 03:26:36 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/06/21 03:26:36 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/06/21 03:26:36 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/06/21 03:26:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/12 10:14:58 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2010/04/27 02:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010/04/27 02:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010/04/27 02:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2009/09/28 20:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/10/01 18:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/01/25 12:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/12/04 13:50:56 | 000,464,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2007/10/12 08:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2003/10/23 00:23:00 | 000,016,848 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctpdusb.sys -- (Jukebox3)
Bern :j
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp32&d=1006&m=aspire_x1300
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp32&d=1006&m=aspire_x1300
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp32&d=1006&m=aspire_x1300
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0906EB1A-D0D5-47C2-A539-7271DB82D268}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0906EB1A-D0D5-47C2-A539-7271DB82D268}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_enGB348
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=E30TFkkxV3Q66H1exWZnQ4_1Ulg?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/!!!!!!!!!!,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/!!!!!!!!!!,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Family\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/02 09:21:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/17 17:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/02 09:22:03 | 000,000,000 | ---D | M]
[2012/03/02 22:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Family\AppData\Roaming\Mozilla\Extensions
[2012/03/02 22:27:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\extensions
[2010/06/25 08:00:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vxqax3ct.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/02 22:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/02 09:21:41 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/02/17 17:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/22 17:17:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 14:08:59 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/01/29 13:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 14:08:59 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/01/29 14:08:59 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/01/29 14:08:59 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=102&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\DictionaryBoss\bar\1.bin\NPv4Stub.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Family\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Surf Canyon = C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem\3.3.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Poppit = C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - !{3042df7a-e900-4389-9b94-923df0daa57e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DVDtoiPodConverter_upgrade] C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe (E-Z soft)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MontiorGeo] c:\Acer\MonitorGeo.cmd File not found
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Setresolution] C:\ACER\config\1366x768.cmd File not found
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON SX210 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify] C:\Users\Family\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Startw3i] C:\Program Files\PC Speed Maximizer\Startw3i.exe File not found
O4 - Startup: C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e-Speaking Voice and Speech Recognition Software.appref-ms ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - NameSpace_Catal!!!\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{197B649D-B446-4689-8DDE-B1AB0396C4D9}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EE42708-4341-45B3-A356-099CA861B2F0}: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Family\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Family\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Bern :j
========== Standard Registry (SafeList) ==========
========== Files/Folders - Created Within 30 Days ==========
[2012/03/02 22:38:54 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(4).exe
[2012/03/02 22:38:45 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{D4735339-5168-4366-9595-D8BE47590A0B}
[2012/03/02 22:32:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/02 22:30:16 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(3).exe
[2012/03/02 20:27:15 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(2).exe
[2012/03/02 20:16:38 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(1).exe
[2012/03/02 20:15:04 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Family\Documents\OTL.exe
[2012/03/02 09:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012/03/02 07:37:37 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{2BB5341F-B59E-4E60-8B1B-8B985364A601}
[2012/03/02 07:37:20 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{07266CD6-F131-4217-BD2C-C57ED633715D}
[2012/02/27 07:53:53 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{7C590E16-031D-4A7E-96A2-2BC13D655495}
[2012/02/27 07:53:43 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{9C5E9529-8608-436B-8813-AC8E09A1F3C2}
[2012/02/26 14:20:35 | 002,364,504 | ---- | C] (Musiclab, LLC ) -- C:\Users\Family\Documents\BearShareV10.exe
[2012/02/25 13:59:43 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{FFED9DC3-8182-41FD-9228-884BE3E8A5AE}
[2012/02/25 13:59:33 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{BDC74B2D-9994-436C-8B1F-53BBC14BD42D}
[2012/02/25 13:11:52 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{4B43DD1F-BF70-43FC-8625-AF25E0A9B31F}
[2012/02/25 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{F3403B71-E43B-405F-9055-221A9D20456F}
[2012/02/20 17:53:09 | 000,000,000 | ---D | C] -- C:\Users\Family\Desktop\waistcoat_files
[2012/02/18 10:14:27 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{34CA434B-8079-4A06-91C1-FA0C908CB0BA}
[2012/02/18 10:14:17 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{FB63E4A7-3719-4099-9B86-802509F22F01}
[2012/02/16 08:34:00 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{9CE2BBDF-0BFF-4373-A096-B1A49432A7A8}
[2012/02/16 08:33:50 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{FDE8C3C1-FDBB-48DD-9849-1AFC869269F0}
[2012/02/13 13:40:30 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{FA952211-A196-489F-9E2F-E0A0EF267BD2}
[2012/02/13 13:40:02 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{6BD9D9A6-E150-4546-A0AD-D5BD96033807}
[2012/02/10 09:35:55 | 000,000,000 | ---D | C] -- C:\Users\Family\Desktop\vintage web
[2012/02/10 09:29:34 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{FD6C78DE-DCDF-43E4-9D5B-F2EFB96E31FC}
[2012/02/10 09:29:24 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{06534A31-1329-4496-84BD-2DF2F13D2011}
[2012/02/09 17:42:19 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{2ED4896D-D76C-42F9-86F8-1561D4A4F2AE}
[2012/02/09 17:42:00 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{A23E250A-0F6E-49BE-821F-041D5AA77636}
[2012/02/05 13:37:01 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{FB975BE7-8619-4F3C-8280-E796050673B6}
[2012/02/05 13:36:51 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{BD4F3496-29BC-4B4A-B74B-E4F01917AE5D}
[2012/02/05 12:08:20 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{04151520-5576-4376-857F-0DC7E18E2EF2}
[2012/02/05 12:08:03 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{6D5A6175-D95A-4A44-B7E1-48A02339F313}
[2012/02/04 10:29:51 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{D92FB47A-7A31-4994-817F-0B56D2CCA80D}
[2012/02/04 10:29:41 | 000,000,000 | ---D | C] -- C:\Users\Family\AppData\Local\{F9471317-F26A-4B9A-9FBD-6F7B64D214BC}
[2 C:\Users\Family\Documents\*.tmp files -> C:\Users\Family\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/03/02 22:41:04 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/02 22:41:04 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/02 22:39:01 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(4).exe
[2012/03/02 22:35:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/02 22:34:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/02 22:34:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/02 22:34:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/02 22:34:49 | 2951,208,960 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/02 22:30:19 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(3).exe
[2012/03/02 22:08:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/02 20:27:17 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(2).exe
[2012/03/02 20:16:40 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Family\Documents\OTL(1).exe
[2012/03/02 20:15:07 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Family\Documents\OTL.exe
[2012/03/02 10:08:00 | 000,029,696 | ---- | M] () -- C:\Users\Family\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/02 09:21:55 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\Free Offers.lnk
[2012/03/02 09:21:55 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/02 09:21:01 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012/02/27 15:11:12 | 000,119,408 | ---- | M] () -- C:\Users\Family\Desktop\DANS CV...rtf
[2012/02/27 15:07:41 | 000,119,314 | ---- | M] () -- C:\Users\Family\Desktop\DANS CV 8-6-11.rtf
[2012/02/26 14:20:40 | 002,364,504 | ---- | M] (Musiclab, LLC ) -- C:\Users\Family\Documents\BearShareV10.exe
[2012/02/23 08:41:01 | 002,969,352 | ---- | M] () -- C:\Users\Family\Documents\Tyler The Creator - Yonkers.mp3
[2012/02/23 08:40:56 | 002,419,736 | ---- | M] () -- C:\Users\Family\Documents\Earl Sweatshirt - EARL.mp3
[2012/02/23 08:40:55 | 003,683,226 | ---- | M] () -- C:\Users\Family\Documents\Damian Marley - Me Name Jr. Gong.mp3
[2012/02/23 08:40:45 | 000,013,398 | -HS- | M] () -- C:\Users\Family\Documents\Folder.jpg
[2012/02/23 08:40:45 | 000,013,398 | -HS- | M] () -- C:\Users\Family\Documents\AlbumArt_{75D18E15-4F27-4D33-84DD-572DBF2EFFD0}_Large.jpg
[2012/02/23 08:40:44 | 000,003,086 | -HS- | M] () -- C:\Users\Family\Documents\AlbumArtSmall.jpg
[2012/02/23 08:40:44 | 000,003,086 | -HS- | M] () -- C:\Users\Family\Documents\AlbumArt_{75D18E15-4F27-4D33-84DD-572DBF2EFFD0}_Small.jpg
[2012/02/20 18:04:04 | 000,015,006 | ---- | M] () -- C:\Users\Family\Desktop\waistcoat pic.jpg
[2012/02/20 17:53:11 | 000,105,112 | ---- | M] () -- C:\Users\Family\Desktop\waistcoat.htm
[2012/02/17 05:09:22 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/02/16 03:27:52 | 000,306,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/14 20:01:26 | 000,007,282 | ---- | M] () -- C:\Users\Family\Desktop\good vintage header.jpg
[2012/02/03 23:23:38 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Users\Family\Documents\*.tmp files -> C:\Users\Family\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/03/02 09:21:55 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/02/27 15:11:10 | 000,119,408 | ---- | C] () -- C:\Users\Family\Desktop\DANS CV...rtf
[2012/02/23 08:40:45 | 000,013,398 | -HS- | C] () -- C:\Users\Family\Documents\AlbumArt_{75D18E15-4F27-4D33-84DD-572DBF2EFFD0}_Large.jpg
[2012/02/23 08:40:45 | 000,003,086 | -HS- | C] () -- C:\Users\Family\Documents\AlbumArt_{75D18E15-4F27-4D33-84DD-572DBF2EFFD0}_Small.jpg
[2012/02/20 18:04:04 | 000,015,006 | ---- | C] () -- C:\Users\Family\Desktop\waistcoat pic.jpg
[2012/02/20 17:53:09 | 000,105,112 | ---- | C] () -- C:\Users\Family\Desktop\waistcoat.htm
[2012/02/14 19:55:29 | 000,007,282 | ---- | C] () -- C:\Users\Family\Desktop\good vintage header.jpg
[2012/02/13 13:45:35 | 002,419,736 | ---- | C] () -- C:\Users\Family\Documents\Earl Sweatshirt - EARL.mp3
[2012/02/13 13:45:01 | 002,969,352 | ---- | C] () -- C:\Users\Family\Documents\Tyler The Creator - Yonkers.mp3
[2012/02/13 13:43:16 | 003,683,226 | ---- | C] () -- C:\Users\Family\Documents\Damian Marley - Me Name Jr. Gong.mp3
[2012/02/03 23:23:38 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/03/31 16:42:18 | 000,000,680 | ---- | C] () -- C:\Users\Family\AppData\Local\d3d9caps.dat
[2011/01/24 21:34:00 | 000,127,348 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/09/17 19:32:17 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/09/17 19:32:17 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
========== LOP Check ==========
[2010/07/18 16:58:48 | 000,000,000 | -HSD | M] -- C:\Users\Family\AppData\Roaming\.#
[2011/12/27 16:12:01 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\4Media
[2009/10/05 17:15:51 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Acer
[2009/01/09 19:00:58 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Acer GameZone Console
[2009/10/22 10:08:35 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Anthropics
[2010/11/04 23:09:17 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\BitTorrent
[2011/07/01 10:09:11 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Blackberry Desktop
[2009/10/19 16:51:06 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Canneverbe_Limited
[2009/10/10 16:10:06 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Canon
[2011/12/27 15:57:55 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\E-Zsoft
[2011/10/27 12:48:26 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Epson
[2010/07/18 16:44:38 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\GARMIN
[2010/08/16 12:12:48 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\HandBrake
[2009/10/05 17:15:50 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Leadertech
[2009/11/20 15:50:02 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\LimeWire
[2010/08/09 14:03:39 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Oberonv1000
[2011/05/27 18:30:58 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\RegistryKeys
[2011/02/24 12:23:56 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Research In Motion
[2011/12/27 16:44:24 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Samsung
[2012/03/02 22:33:10 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Spotify
[2011/01/22 10:34:24 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\SystemRequirementsLab
[2009/10/11 13:53:04 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Template
[2011/05/27 18:08:34 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Titanium Gears
[2010/02/28 19:39:05 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Trusteer
[2011/02/24 12:31:17 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Uniblue
[2011/07/03 12:16:18 | 000,000,000 | ---D | M] -- C:\Users\Family\AppData\Roaming\Windows Live Writer
[2012/03/02 22:33:34 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 889 bytes -> C:\Users\Family\Documents\raffle - programme notes.eml:OECustomProperty
< End of report >
Bern :j
Most of it's gone - just a few stragglers left.
- Right click OTL.exe & choose "Run as Administrator" to start the program.
- Copy and Paste the following code into the textbox. Do not include the word Code:
:OTL
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=102&systemid=406&sr=0&q={searchTerms}
O3 - HKLM\..\Toolbar: (no name) - !{3042df7a-e900-4389-9b94-923df0daa57e} - No CLSID value found.
:commands
[CREATERESTOREPOINT]
[REBOOT]
- Then click the Run Fix button at the top.
- Click.
- OTL may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.
========== OTL ==========
Prefs.js: "http://www.searchqu.com/406" removed from browser.startup.homepage
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{3042df7a-e900-4389-9b94-923df0daa57e} deleted successfully.
========== COMMANDS ==========
is that it?
I think that's sorted it - have just reset my preferred option to google - and that's held firm!..
Thanks so much for your help - much appreciated.
Bern :j
Open Google Chrome, Click about:settings > Basics > search > click manage search engines.
Hover over: Search Results > http://dts.search-results.com & then click the X on the end.
Set google or something as the default. Then run a quick scan with Malwarebytes anti-malware as you have it installed.
I see this is a family PC? Who uses bearshare, limewire & other file sharing programs - the kids? That's how this junk gets on the pc.
Open Google Chrome, Click about:settings > Basics > search > click manage search engines.
Hover over: Search Results > http://dts.search-results.com & then click the X on the end.
I see this is a family PC? Who uses bearshare, limewire & other file sharing programs - the kids? That's how this junk gets on the pc.
hmm - there's an X by all the other options but not dts.search-results.com ...
yes - have had words with son about downloading 'stuff' - again.
Bern :j
This discussion has been closed.