Virus in Chrome

Hi, I'm running Chrome at the moment and a couple of weeks ago I started seeing random words underlined in blue which had pop-up ads when I hovered my mouse over them. They are annoying me more and more and it's obviously some kind of virus but it's not being picked up by Malwarebytes or Superantispyware. I've looked around online but the number of options is confusing and I'm not sure which are a real help and which might make things worse! Can anyone help please? Many thanks....

Comments

  • alanrowell
    alanrowell Posts: 5,390 Forumite
    Check your extensions; turn them off one at a time until you find the offending extension.

    Probably one called "fast save".
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Do as above first, but if you have problems doing that, post an OTL log. This will show your Chrome extensions.

    Download OTL by Old Timer from the link below and save it to your Desktop.

    LINK
    • Double click on OTL.exe to run it.
    • Click the Quick Scan button.
    • When it's finished, two Notepad files will open.
      • OTL.txt <-- Will be opened
      • Extras.txt <-- Will be minimized
    • Post the contents of OTL.txt in your next reply.
    You may have to split the contents of the Notepad file over multiple posts.
  • The only extensions I have are ones I've had for ages! I did check those first after looking online.... I'll do the log though, thanks both!
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Post it when you have it. :)
  • I forgot to say it's also gone very slow........
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    The OTL log will show other settings and things running so if there's anything untoward we can work out what the best route to take is.
  • OTL logfile created on: 14/12/2012 22:01:01 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lesley\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 0.67 Gb Available Physical Memory | 33.74% Memory free
    4.93 Gb Paging File | 2.43 Gb Available in Paging File | 49.28% Paging File free
    Paging file location(s): C:\pagefile.sys 3067 3067 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 143.30 Gb Total Space | 22.86 Gb Free Space | 15.95% Space Free | Partition Type: NTFS

    Computer Name: LESLEY-PC | User Name: Lesley | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/12/14 21:59:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lesley\Desktop\OTL (1).exe
    PRC - [2012/11/22 08:34:06 | 011,146,360 | ---- | M] (SugarSync, Inc.) -- C:\Program Files\SugarSync\SugarSyncManager.exe
    PRC - [2012/11/12 02:45:22 | 001,104,824 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    PRC - [2012/11/12 02:45:14 | 000,968,120 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
    PRC - [2012/11/01 19:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2012/11/01 04:16:42 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
    PRC - [2012/09/29 18:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/09/12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/08/28 07:41:08 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/07/11 18:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2012/05/24 18:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lesley\AppData\Roaming\Dropbox\bin\Dropbox.exe
    PRC - [2012/01/20 20:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    PRC - [2011/02/18 10:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    PRC - [2011/02/15 16:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Prey\platform\windows\cronsvc.exe
    PRC - [2010/12/14 14:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
    PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
    PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2007/08/09 17:36:36 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    PRC - [2007/07/05 22:49:18 | 000,128,296 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    PRC - [2007/07/05 22:48:54 | 000,206,120 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    PRC - [2007/07/05 22:48:50 | 000,091,432 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    PRC - [2007/06/07 23:43:46 | 000,013,312 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
    PRC - [2007/04/09 01:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
    PRC - [2007/03/29 20:11:50 | 000,719,664 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
    PRC - [2007/03/29 20:11:48 | 001,604,400 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
    PRC - [2007/03/23 11:04:54 | 004,423,680 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2007/03/16 12:26:22 | 000,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
    PRC - [2007/03/14 22:42:48 | 000,321,088 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
    PRC - [2007/03/02 05:07:28 | 000,055,936 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
    PRC - [2007/02/12 20:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2007/01/30 03:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\IPSSVC.EXE
    PRC - [2006/12/29 02:48:10 | 000,569,344 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
    PRC - [2006/11/23 22:10:42 | 000,056,928 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe
    PRC - [2006/11/15 23:21:56 | 000,217,176 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
    PRC - [2006/11/15 23:20:46 | 000,634,988 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    PRC - [2006/11/02 00:46:00 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
    PRC - [2006/10/05 03:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/12/05 01:15:15 | 012,456,040 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
    MOD - [2012/12/05 01:15:15 | 000,460,904 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
    MOD - [2012/12/05 01:15:14 | 004,008,040 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
    MOD - [2012/12/05 01:14:29 | 000,587,880 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
    MOD - [2012/12/05 01:14:28 | 000,124,520 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll
    MOD - [2012/12/05 01:14:21 | 000,157,304 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
    MOD - [2012/12/05 01:14:20 | 000,275,576 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
    MOD - [2012/12/05 01:14:19 | 002,168,952 | ---- | M] () -- C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
    MOD - [2012/11/27 21:24:33 | 012,621,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\02f1dd18d51e275a527e76e018d10de7\Kies.Theme.ni.dll
    MOD - [2012/11/27 21:24:30 | 000,609,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\2b9c8e717087159c421dfa602f5b7293\DevicePodcast.ni.dll
    MOD - [2012/11/27 21:24:28 | 000,293,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\2f107ea83be2ef508179997b376cace4\DeviceVideo.ni.dll
    MOD - [2012/11/27 21:24:27 | 000,371,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\868a19db784d1cdffda0af701f147102\DevicePhoto.ni.dll
    MOD - [2012/11/27 21:24:26 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\3fdd76a43f7be1d130ab62e1b0d1ad20\DeviceMusic.ni.dll
    MOD - [2012/11/27 21:24:25 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\6aacbc6c14c05060e39c84fc4ac595c2\VideoManager.ni.dll
    MOD - [2012/11/27 21:24:23 | 001,493,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\9d22cf9638cc731cd7b87bde8f3941dd\PodcastService.ni.dll
    MOD - [2012/11/27 21:24:21 | 000,621,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\18bde68f83e735c974b74da2e45461dc\PhotoManager.ni.dll
    MOD - [2012/11/27 21:24:20 | 001,115,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\f229e965e2f62c15a4ff4f8cea6f89e1\Podcaster.ni.dll
    MOD - [2012/11/27 21:23:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a479f769163e597466bdb682e7124c1a\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
    MOD - [2012/11/27 21:23:54 | 006,243,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\a6260a6a6d62c48a993d846ca1181efd\DeviceHost.ni.dll
    MOD - [2012/11/27 21:23:41 | 001,879,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\f90763e97e36c48f4fd1129af917377e\Phonebook.ni.dll
    MOD - [2012/11/27 21:23:33 | 001,008,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\cd2b8475c2fad46970b0fa77f0ec2a00\CPKTMusicPlugin.ni.dll
    MOD - [2012/11/27 21:23:28 | 000,941,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\c4aca0dceb07bbe270e6fde6e6b7e361\MusicManager.ni.dll
    MOD - [2012/11/27 21:23:26 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\e4184dfb0d91120f41c37f33de1621d1\BATPlugin.ni.dll
    MOD - [2012/11/27 21:23:21 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\856fa460ae7080d0aea3ec3ebeba6499\Kies.Common.StoreManager.ni.dll
    MOD - [2012/11/27 21:23:20 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\0e2a46b8112e80fe06c927e00af11fb7\Kies.Common.MediaDB.ni.dll
    MOD - [2012/11/27 21:23:19 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\29c5db2380d390afc22448a5c468b5fa\ASF_cSharpAPI.ni.dll
    MOD - [2012/11/27 21:23:19 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\b295d66dec0425fe0a789fc5b2d25cad\Kies.Common.AllShare.ni.dll
    MOD - [2012/11/27 21:23:18 | 000,283,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\42614a39066312b5c37fc0e9195e30df\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
    MOD - [2012/11/27 21:23:17 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\03b15e7f74fa07d8dc8cb49fb3db1a8c\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
    MOD - [2012/11/27 21:23:15 | 000,570,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\189c211220979edc5d1670b575ea5f71\Kies.Common.DeviceServiceLib.FileService.ni.dll
    MOD - [2012/11/27 21:23:15 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\ed4d981589a1df6611b9cff665f1ddd9\Interop.DevFileServiceLib.ni.dll
    MOD - [2012/11/27 21:23:13 | 000,621,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\74a25aaa8c715806e6e6f0c62d652a90\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
    MOD - [2012/11/27 21:23:10 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\69ed36673ba2a14507ccb7a01e5f643f\Kies.Common.DeviceServiceLib.Interface.ni.dll
    MOD - [2012/11/27 21:23:09 | 000,915,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\70d12c875c54ffd21058174fc7095303\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
    MOD - [2012/11/27 21:23:07 | 001,057,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0214d956de9107833e019abdf53951bc\Kies.Common.DeviceService.ni.dll
    MOD - [2012/11/27 21:23:04 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\0611e3b49b51403a06e7068532e8f225\Interop.P3MPINTERFACECTRLLib.ni.dll
    MOD - [2012/11/27 21:23:04 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\e99de6d3c53e90efbd718fa5c7fef157\Interop.MP3FileInfoCOMLib.ni.dll
    MOD - [2012/11/27 21:23:04 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0c0283e4f6bbc64686a5c0010555e13b\Interop.OGGFileInfoCOMLib.ni.dll
    MOD - [2012/11/27 21:23:04 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\f028b092efd7ad8aa0fa1622861ef9aa\Interop.PRPLAYERCORELib.ni.dll
    MOD - [2012/11/27 21:23:01 | 002,200,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\d37dc0c597d349b14ec0db8274767a9b\Kies.Common.Multimedia.ni.dll
    MOD - [2012/11/27 21:22:56 | 000,200,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\3026edf797caeb228c0aa8c70b1830db\Kies.Common.MainUI.ni.dll
    MOD - [2012/11/27 21:22:54 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\b77c68e50d9c835ee2669be60f6d48e9\Kies.Common.DBManager.ni.dll
    MOD - [2012/11/27 21:22:53 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\13b45160c54b61732054793bbb2c69a3\ICSharpCode.SharpZipLib.ni.dll
    MOD - [2012/11/27 21:22:53 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\c6d0e91a31dd1638c057fe74e7573078\CabLib.ni.dll
    MOD - [2012/11/27 21:22:52 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\85f60606b7903aa1b33af12e3453dd88\Kies.Common.Util.ni.dll
    MOD - [2012/11/27 21:22:51 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\45980604ea67b113007cbc7027f9b908\Interop.DeviceSearchLib.ni.dll
    MOD - [2012/11/27 21:22:50 | 001,499,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\93ab4e07b12bbea642af02876213f848\Kies.Locale.ni.dll
    MOD - [2012/11/27 21:22:49 | 001,874,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\16d9ad7cb69cb503fc87a37146702f71\Kies.UI.ni.dll
    MOD - [2012/11/27 21:22:49 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\ad5c72f20766875b19bbaacc1eee8fa9\Kies.MVVM.ni.dll
    MOD - [2012/11/27 21:22:45 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\b30966f9d0bd49ab0a002b3c04eeb1fe\GongSolutions.Wpf.DragDrop.ni.dll
    MOD - [2012/11/27 21:22:42 | 001,211,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\78409a29c456e6dad57bc04abb3500e6\Kies.Interface.ni.dll
    MOD - [2012/11/27 21:22:14 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b799d9ef9fda37c87235fa88712f0c0e\System.Runtime.Remoting.ni.dll
    MOD - [2012/11/27 21:22:07 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\e5ed60c80691ee1d605b523dd47fb084\Kies.ni.exe
    MOD - [2012/11/17 03:34:32 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\96b48b5a8f540eb1a0d4fac6441a5409\System.ServiceProcess.ni.dll
    MOD - [2012/11/17 03:30:27 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\739c5209c3538b3457c2f8f9ad196cbb\System.Xaml.ni.dll
    MOD - [2012/11/17 03:25:46 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\960b6130c64f21d8f5d8d3eb183ae660\PresentationFramework.ni.dll
    MOD - [2012/11/17 03:25:24 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6053166746abce42f4c4432e0ec54fc7\PresentationCore.ni.dll
    MOD - [2012/11/17 03:25:09 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\947466e2a04c48c43a8b255eb236ba71\WindowsBase.ni.dll
    MOD - [2012/11/17 03:19:37 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e46c644e0ef0456434b32f3e91b56424\System.Xml.ni.dll
    MOD - [2012/11/17 03:19:31 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\86f1e41236b3d404d65db53bd0374d1e\System.Configuration.ni.dll
    MOD - [2012/11/17 03:19:29 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9d1f9ff307e93bb9929b2b11661623cb\System.Core.ni.dll
    MOD - [2012/11/17 03:19:18 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\aaf8a137263c899815f0acff07eb1562\System.ni.dll
    MOD - [2012/11/17 03:19:09 | 014,417,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\031abbfbd476fdc0c392160b67f2c662\mscorlib.ni.dll
    MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2007/04/14 13:30:56 | 000,139,264 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\CDRecord.dll
    MOD - [2007/03/29 20:02:48 | 000,126,976 | ---- | M] () -- C:\Program Files\Lenovo\Bluetooth Software\BTKeyInd.dll
    MOD - [2007/03/29 19:42:38 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
    SRV - [2012/11/22 09:54:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2012/09/12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/08/28 07:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012/07/11 18:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
    SRV - [2011/02/15 16:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Prey\platform\windows\cronsvc.exe -- (CronService)
    SRV - [2010/11/28 08:24:53 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
    SRV - [2008/01/18 22:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2008/01/18 22:36:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2008/01/18 22:36:16 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007/08/09 17:36:36 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
    SRV - [2007/07/05 22:48:54 | 000,206,120 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
    SRV - [2007/07/05 22:48:50 | 000,091,432 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
    SRV - [2007/06/07 23:43:46 | 000,013,312 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
    SRV - [2007/04/09 01:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
    SRV - [2007/03/16 12:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
    SRV - [2007/03/14 22:42:48 | 000,321,088 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe -- (nmservice)
    SRV - [2007/03/14 22:42:22 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
    SRV - [2007/03/02 05:07:28 | 000,055,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
    SRV - [2007/02/12 20:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2007/01/30 03:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Windows\System32\IPSSVC.EXE -- (IPSSVC)
    SRV - [2006/11/15 23:20:46 | 000,634,988 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
    SRV - [2006/10/05 03:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
  • DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\rgnptl.sys -- (gyhy)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2012/09/29 18:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/08/30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2012/02/24 09:14:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(https://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
    DRV - [2012/02/24 09:14:42 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(https://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2010/02/04 12:23:12 | 000,108,416 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smtmoser.sys -- (smtmoser)
    DRV - [2009/07/13 23:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
    DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
    DRV - [2008/06/30 09:18:46 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
    DRV - [2008/06/30 09:18:46 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
    DRV - [2008/06/30 09:18:46 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
    DRV - [2008/03/13 02:36:42 | 002,555,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
    DRV - [2007/06/17 04:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
    DRV - [2007/05/22 22:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
    DRV - [2007/05/22 14:35:00 | 007,117,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2007/05/22 07:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
    DRV - [2007/03/22 05:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2007/02/24 21:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2007/02/16 22:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
    DRV - [2007/01/23 23:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/12/19 00:12:22 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
    DRV - [2006/11/09 21:34:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
    DRV - [2006/11/08 07:29:44 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2006/11/06 08:23:24 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PROCDD.SYS -- (PROCDD)
    DRV - [2006/08/30 10:04:04 | 000,013,744 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
    IE - HKLM\..\SearchScopes,DefaultScope = {59FA9065-F80E-4F8E-9118-0C7E98FA191C}
    IE - HKLM\..\SearchScopes\{59FA9065-F80E-4F8E-9118-0C7E98FA191C}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=111015&mntrId=1e38f279000000000000001b380f28e6
    IE - HKCU\..\SearchScopes\{59FA9065-F80E-4F8E-9118-0C7E98FA191C}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll File not found
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Lesley\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Lesley\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lesley\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lesley\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/02 10:15:38 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/02 10:15:38 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files\fbphotozoom\fbphotozoom15.xpi [2012/03/23 07:52:28 | 000,102,423 | ---- | M] ()
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/23 19:17:03 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/11/22 09:53:41 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/11/22 09:53:44 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/11/22 09:53:41 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/11/22 09:53:44 | 000,000,000 | ---D | M]

    [2010/06/20 07:45:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lesley\AppData\Roaming\Mozilla\Extensions
    [2010/06/20 07:45:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lesley\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2010/06/19 16:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lesley\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
    [2011/12/21 20:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lesley\AppData\Roaming\Mozilla\Firefox\extensions
    [2011/12/21 20:37:11 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Lesley\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

    ========== Chrome ==========

    CHR - homepage: http://www.google.com/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.google.com/
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lesley\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Lesley\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    CHR - plugin: Google Talk Plugin Video Accelerator (Disabled) = C:\Users\Lesley\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL
    CHR - plugin: RIM Handheld Application Loader (Disabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
    CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
    CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
    CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\Lesley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Disabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
    CHR - Extension: Angry Birds = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
    CHR - Extension: WOT = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\
    CHR - Extension: YouTube = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Adblock Plus = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
    CHR - Extension: Google Search = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Search by Image (by Google) = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.3.2_0\
    CHR - Extension: DivX HiQ = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
    CHR - Extension: LastPass = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
    CHR - Extension: InvisibleHand = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko\3.8.26_0\
    CHR - Extension: Skype Click to Call = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
    CHR - Extension: FBPHOTOZOOM = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\2.2_0\
    CHR - Extension: Google+ Ultimate = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhogbifmjccfhopdggilcbeamcmlhmgo\1.3.4_0\
    CHR - Extension: Evernote Web Clipper = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.4_0\
    CHR - Extension: Gmail = C:\Users\Lesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
    O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\Lenovo Multimedia Center\PowerDVD\Language\Language.exe ()
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [NPSStartup] File not found
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
    O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
    O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
    O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
    O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
    O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
    O4 - HKCU..\Run: [SugarSync] C:\Program Files\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - Startup: C:\Users\Lesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lesley\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Lesley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
    O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B974278D-CFCA-4400-9B3C-365E05058F38}: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\gopher - No CLSID value found
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp3.dll (Pure Networks, Inc.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\lzdhtml - No CLSID value found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\SWTOOLS\Wallpaper\gallery_beach.jpg
    O24 - Desktop BackupWallPaper: C:\SWTOOLS\Wallpaper\gallery_beach.jpg
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{19f38104-5919-11e1-bced-001dd9fbd017}\Shell - "" = AutoRun
    O33 - MountPoints2\{19f38104-5919-11e1-bced-001dd9fbd017}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
    O33 - MountPoints2\{59e4d6b4-3bc1-11e2-9048-001dd9fbd017}\Shell - "" = AutoRun
    O33 - MountPoints2\{59e4d6b4-3bc1-11e2-9048-001dd9fbd017}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{7696347e-713e-11e0-b230-001dd9fbd017}\Shell - "" = AutoRun
    O33 - MountPoints2\{7696347e-713e-11e0-b230-001dd9fbd017}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{838166b1-adc0-11e0-8bc1-001b380f28e6}\Shell - "" = AutoRun
    O33 - MountPoints2\{838166b1-adc0-11e0-8bc1-001b380f28e6}\Shell\AutoRun\command - "" = F:\PcOptions.exe
    O33 - MountPoints2\{838166c5-adc0-11e0-8bc1-001b380f28e6}\Shell - "" = AutoRun
    O33 - MountPoints2\{838166c5-adc0-11e0-8bc1-001b380f28e6}\Shell\AutoRun\command - "" = F:\PcOptions.exe
    O33 - MountPoints2\{a24c81a5-9b13-11e1-ad14-001dd9fbd017}\Shell - "" = AutoRun
    O33 - MountPoints2\{a24c81a5-9b13-11e1-ad14-001dd9fbd017}\Shell\AutoRun\command - "" = F:\TotalLock.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/12/14 21:59:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lesley\Desktop\OTL (1).exe
    [2012/12/04 17:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2012/12/04 17:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2012/11/27 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
    [2012/11/27 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
    [2012/11/27 18:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
    [2012/11/27 17:17:54 | 000,000,000 | ---D | C] -- C:\Users\Lesley\Documents\samsung stuff
    [2012/11/22 09:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
    [2012/11/18 14:26:59 | 000,000,000 | ---D | C] -- C:\Users\Lesley\Documents\dw
    [2012/11/18 12:32:03 | 000,000,000 | ---D | C] -- C:\Users\Lesley\Documents\My SugarSync
    [2012/11/18 12:30:03 | 000,000,000 | ---D | C] -- C:\Users\Lesley\AppData\Local\SugarSync
    [2012/11/18 12:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\SugarSync
    [2010/08/13 19:59:58 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Lesley\AppData\Roaming\pcouffin.sys

    ========== Files - Modified Within 30 Days ==========

    [2012/12/14 22:17:57 | 000,000,029 | ---- | M] () -- C:\Windows\System32\TempWmicBatchFile.bat
    [2012/12/14 21:59:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lesley\Desktop\OTL (1).exe
    [2012/12/14 21:50:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146757318-4248663145-4192901059-1000UA.job
    [2012/12/14 21:39:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/12/14 21:37:40 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/12/14 21:37:40 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/12/14 20:39:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/12/14 05:50:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146757318-4248663145-4192901059-1000Core.job
    [2012/12/13 03:54:14 | 000,002,057 | ---- | M] () -- C:\Users\Lesley\Desktop\Google Chrome.lnk
    [2012/12/13 03:54:14 | 000,002,019 | ---- | M] () -- C:\Users\Lesley\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2012/12/12 08:07:17 | 000,609,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/12/12 08:07:17 | 000,109,118 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/12/12 03:38:00 | 000,025,181 | ---- | M] () -- C:\Windows\System32\PROCDB.INI
    [2012/12/12 03:37:33 | 000,000,380 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI
    [2012/12/12 03:37:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/12/12 03:37:07 | 000,397,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/12/12 03:33:53 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2012/12/04 17:41:48 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2012/11/24 16:23:26 | 000,036,864 | ---- | M] () -- C:\Users\Lesley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/11/18 12:32:03 | 000,000,563 | ---- | M] () -- C:\Users\Lesley\Desktop\My SugarSync.lnk
    [2012/11/18 12:29:37 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\SugarSync Manager.lnk

    ========== Files Created - No Company Name ==========

    [2012/12/12 03:09:27 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    [2012/12/12 03:09:27 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    [2012/12/04 17:41:48 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2012/11/18 12:32:03 | 000,000,563 | ---- | C] () -- C:\Users\Lesley\Desktop\My SugarSync.lnk
    [2012/11/18 12:29:37 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SugarSync Manager.lnk
    [2012/11/18 12:29:37 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\SugarSync Manager.lnk
    [2012/09/06 19:15:43 | 000,000,129 | ---- | C] () -- C:\Windows\wininit.ini
    [2012/01/15 17:04:27 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2011/11/16 19:57:27 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
    [2011/11/16 19:57:27 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
    [2011/10/31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
    [2011/10/31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
    [2011/10/31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
    [2011/10/31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
    [2011/03/02 06:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
    [2011/01/23 09:50:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/12/28 09:41:02 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
    [2010/12/27 21:20:41 | 002,392,064 | ---- | C] () -- C:\Windows\System32\videotrans.dll
    [2010/12/27 21:20:41 | 000,215,040 | ---- | C] () -- C:\Windows\System32\videoformat.dll
    [2010/12/27 21:20:40 | 000,017,920 | ---- | C] () -- C:\Windows\System32\videocore.dll
    [2010/12/27 21:20:38 | 000,061,440 | ---- | C] () -- C:\Windows\System32\imgscaler.dll
    [2010/12/27 21:20:38 | 000,022,016 | ---- | C] () -- C:\Windows\System32\img_utils.dll
    [2010/08/13 20:02:21 | 000,001,057 | ---- | C] () -- C:\Users\Lesley\AppData\Roaming\vso_ts_preview.xml
    [2010/08/13 19:59:58 | 000,087,608 | ---- | C] () -- C:\Users\Lesley\AppData\Roaming\inst.exe
    [2010/08/13 19:59:58 | 000,007,887 | ---- | C] () -- C:\Users\Lesley\AppData\Roaming\pcouffin.cat
    [2010/08/13 19:59:58 | 000,001,144 | ---- | C] () -- C:\Users\Lesley\AppData\Roaming\pcouffin.inf
    [2010/07/02 17:58:54 | 000,036,864 | ---- | C] () -- C:\Users\Lesley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/19 15:34:16 | 000,001,356 | ---- | C] () -- C:\Users\Lesley\AppData\Local\d3d9caps.dat

    ========== ZeroAccess Check ==========

    [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 06:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2010/12/25 22:07:38 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Amazon
    [2011/11/12 17:58:02 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\AnvSoft
    [2010/10/03 16:07:31 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Blackberry Desktop
    [2012/02/07 17:25:20 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\calibre
    [2012/12/12 07:40:55 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Dropbox
    [2012/03/05 18:20:58 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\DVDVideoSoft
    [2011/02/11 18:20:54 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\DVDVideoSoftIEHelpers
    [2011/11/12 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\HandBrake
    [2010/10/17 13:07:59 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\ImgBurn
    [2012/10/17 19:20:09 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Leadertech
    [2010/06/19 15:38:33 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Lenovo
    [2010/06/19 22:59:36 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\OpenOffice.org
    [2010/08/15 16:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Research In Motion
    [2012/05/19 15:09:41 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Samsung
    [2012/07/12 17:09:03 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Spotify
    [2012/06/15 22:48:47 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Temp
    [2010/06/20 07:45:39 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Thunderbird
    [2010/06/19 16:22:22 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\TomTom
    [2011/05/16 19:30:38 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Tyre
    [2010/07/09 06:21:27 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Update
    [2010/06/19 17:51:23 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\URSoft
    [2012/12/14 22:00:37 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\uTorrent
    [2012/02/29 18:43:22 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Vodafone
    [2012/11/10 09:09:40 | 000,000,000 | ---D | M] -- C:\Users\Lesley\AppData\Roaming\Vso

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:1CE11B51

    < End of report >
  • Well I don't understand what the extensions are (will try and ask my son tomorrow) but I have been having the same problem too so look forward to any other advice, thanks OP for your post.
    xx
This discussion has been closed.