We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Which is the best free popup blocker?
Laz123
Posts: 1,742 Forumite
in Techie Stuff
I don't mean the built in ones because they're not very good in Firefox and Chrome.
Is there one that works. I even keep getting popups now when I try and click on a link and it's always for for Apple phones even though it's (like) a government website. I've done all the usual scans, Malwarebyt, Superantispyware, Avast, et al.
TIA
Is there one that works. I even keep getting popups now when I try and click on a link and it's always for for Apple phones even though it's (like) a government website. I've done all the usual scans, Malwarebyt, Superantispyware, Avast, et al.
TIA
0
Comments
-
Ad block on Chrome works very well, though it sounds like you computer is compromised. See https://forums.moneysavingexpert.com/discussion/2436849Do you want your money back, and a bit more, search for 'money claim online' - They don't like it up 'em Captain Mainwaring0
-
Post me an OTL log so we can work out what's causing it.
Download OTL by Old Timer from the link below and save it to your Desktop.
LINK- Double click on OTL.exe to run it.
- Click the Quick Scan button.
- When it's finished , two Notepad files will open.
- OTL.txt <-- Will be opened
- Extras.txt <-- Will be minimized
- Post the contents of OTL.txt in your next reply.
0 -
Here's the log:
OTL logfile created on: 09/04/2013 08:53:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Laurie\Desktop\New Games
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.35% Memory free
3.84 Gb Paging File | 3.21 Gb Available in Paging File | 83.55% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 94.01 Gb Free Space | 63.09% Space Free | Partition Type: NTFS
Drive
| 298.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: LAURIE1-47F9CF8 | User Name: Laurie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/09 08:53:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laurie\Desktop\New Games\OTL.exe
PRC - [2013/04/02 16:31:26 | 002,795,048 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe
PRC - [2013/03/20 13:10:21 | 000,206,336 | ---- | M] (215 Apps) -- C:\Documents and Settings\Laurie\Local Settings\Application Data\Updater21810\Updater21810.exe
PRC - [2013/03/13 10:43:16 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/03/07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/20 15:37:48 | 001,611,584 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2013/01/15 19:47:28 | 000,703,808 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2012/12/25 18:35:10 | 004,474,832 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/07/11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012/01/09 21:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/08 20:01:13 | 002,081,792 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13040802\algo.dll
MOD - [2013/03/13 10:43:14 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/03/13 10:26:20 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/01/15 19:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/15 19:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/15 19:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2013/01/15 19:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\webres.dll
MOD - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2012/07/05 14:54:32 | 001,218,432 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\Scan.dll
MOD - [2011/08/19 17:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/06/23 14:41:30 | 000,138,752 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
MOD - [2010/11/26 13:18:08 | 000,175,616 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/02 16:31:26 | 002,795,048 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2013/03/15 10:52:18 | 000,170,912 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/13 10:43:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/13 10:29:01 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/01/15 19:47:10 | 000,465,216 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/01/09 21:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/03/07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/03/07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/12/14 17:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/07/05 14:54:18 | 000,016,248 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 14:54:16 | 000,030,408 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2012/06/03 10:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012/03/26 15:50:12 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2012/01/05 19:07:40 | 000,246,816 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/26 19:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2005/08/17 15:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {C9C014EB-AC6A-437C-B7CB-4D2768803EEE}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{C9C014EB-AC6A-437C-B7CB-4D2768803EEE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://personal.informer.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {B5936A91-6F56-4793-B103-EB37A1EE6F6D}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes\{B5936A91-6F56-4793-B103-EB37A1EE6F6D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{C9C014EB-AC6A-437C-B7CB-4D2768803EEE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FDUM_enGB496
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://personal.informer.com/"
FF - prefs.js..extensions.enabledAddons: extension21810%40extension21810.com:0.91.49
FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:6.13.4.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/13 10:17:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/11/19 10:28:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/17 19:46:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com [2013/04/04 16:29:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/12/17 19:46:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/13 10:43:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/16 09:18:53 | 000,000,000 | ---D | M]
[2012/12/07 15:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Extensions
[2013/04/08 21:16:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions
[2013/03/21 13:04:24 | 000,000,000 | ---D | M] ("Giant Savings Extension") -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com
[2013/03/21 13:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\chrome
[2013/03/21 13:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\defaults
[2013/03/21 13:04:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\locale
[2013/03/21 13:04:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\skin
[2013/03/21 13:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\chrome\content\extensionCode
[2013/04/08 21:16:02 | 000,134,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013/03/13 10:42:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/13 10:42:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/04/04 16:29:43 | 000,000,000 | ---D | M] ("Iminent Minibar") -- C:\PROGRAM FILES\IMINENT\WEBBOOSTER@IMINENT.COM
[2013/03/13 10:43:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/12/17 19:45:09 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/09/06 02:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/13 10:43:13 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml0 -
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: Microsoft\u00C2\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00C2\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: FLV Runner = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.14.370.524_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Giant Savings Extension = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe\1.23.49_0\crossrider
CHR - Extension: Giant Savings Extension = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe\1.23.49_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Iminent = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.13.4.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2004/08/04 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Giant Savings Extension) - {11111111-1111-1111-1111-110211181110} - C:\Program Files\Giant Savings Extension\Giant Savings Extension.dll (215 Apps)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {326E768D-4182-46FD-9C16-1449A49795F4} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Iminent] File not found
O4 - HKLM..\Run: [IminentMessenger] File not found
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKCU..\Run: [Updater21810.exe] C:\Documents and Settings\Laurie\Local Settings\Application Data\Updater21810\Updater21810.exe (215 Apps)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = F7 FF FF 03 [binary data]
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v4.windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344248009571 (Reg Error: Value error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1344848452328 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9885728F-44AA-4BA1-A87B-ABEF18D77E16}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Laurie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laurie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/08/06 10:33:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/06/01 08:39:56 | 000,000,524 | R--- | M] () -\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/04 16:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\DomaIQ Uninstaller
[2013/04/04 15:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurie\Application Data\Iminent
[2013/04/04 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/04/04 15:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
[2013/04/04 15:38:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/04/04 15:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/04/01 17:24:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laurie\Recent
[2013/03/30 10:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurie\Application Data\log
[2013/03/29 15:51:45 | 000,029,528 | ---- | C] (IObit) -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2013/03/27 00:25:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2013/03/27 00:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/03/27 00:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/03/27 00:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/03/25 13:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurie\Desktop\Data
[2013/03/25 13:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\SIWPortable
[2013/03/20 13:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2013/03/20 13:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurie\Local Settings\Application Data\Updater21810
[2013/03/20 13:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\Giant Savings Extension
[2013/03/18 15:54:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2013/03/18 15:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 2
[2013/03/18 15:43:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\tasks\TaskDisabled
[2013/03/17 11:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/03/13 10:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/03/13 10:17:11 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]0 -
========== Files - Modified Within 30 Days ==========
[2013/04/09 08:28:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/04/09 08:27:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/04/09 08:26:57 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/04/09 08:26:57 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/04/09 08:26:55 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/04/09 08:26:37 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/04/09 08:26:28 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\ASC6_PerformanceMonitor.job
[2013/04/09 08:26:26 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2013/04/09 08:26:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/04/08 08:24:02 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/04/07 19:49:46 | 000,340,594 | ---- | M] () -- C:\Documents and Settings\Laurie\Local Settings\Application Data\census.cache
[2013/04/07 19:49:43 | 000,187,854 | ---- | M] () -- C:\Documents and Settings\Laurie\Local Settings\Application Data\ars.cache
[2013/04/07 17:46:56 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/04/05 18:56:00 | 001,411,202 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\zipcar.BMP
[2013/04/04 15:39:32 | 000,000,596 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/04/03 10:34:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\DriverPerformer_UPDATES.job
[2013/04/03 08:21:21 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/04/02 12:23:37 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\Microsoft Word.lnk
[2013/04/02 11:57:40 | 000,001,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
[2013/04/02 11:55:38 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\Age of Empires II.lnk
[2013/04/01 10:29:01 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/03/31 19:04:17 | 000,001,106 | ---- | M] () -- C:\Documents and Settings\Laurie\My Documents\iPod Release Notes.rtf
[2013/03/31 08:01:14 | 000,494,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/31 08:01:13 | 000,084,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/30 10:30:29 | 000,001,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aiseesoft DVD Copy.lnk
[2013/03/30 09:37:48 | 003,654,329 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\attachments_2013_03_30(1).zip
[2013/03/30 09:37:46 | 003,654,329 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\attachments_2013_03_30.zip
[2013/03/28 12:38:02 | 011,915,269 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\apprentiships-rospectuslowres.pdf
[2013/03/28 12:37:56 | 001,391,398 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\PTprospectuslowres.pdf
[2013/03/28 12:37:24 | 001,193,223 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\FTprospectuslowres.pdf
[2013/03/27 00:25:16 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/03/25 13:35:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/23 13:38:49 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/03/22 16:42:40 | 000,010,536 | ---- | M] () -- C:\WINDOWS\System32\drivers\hmonitor45.sys
[2013/03/22 16:41:36 | 000,000,000 | ---- | M] () -- C:\END
[2013/03/22 04:48:25 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/03/20 13:11:56 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\JDownloader.lnk
[2013/03/20 13:11:56 | 000,001,658 | ---- | M] () -- C:\Documents and Settings\Laurie\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013/03/18 15:54:44 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2013/03/18 15:54:40 | 000,000,841 | ---- | M] () -- C:\Documents and Settings\Laurie\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Defrag 2.lnk
[2013/03/18 15:54:39 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag 2.lnk
[2013/03/17 11:43:29 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SpywareBlaster.lnk
[2013/03/17 11:43:07 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/03/17 11:40:52 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Laurie\Desktop\Update Checker.lnk
[2013/03/13 10:17:11 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/05 18:55:56 | 001,411,202 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\zipcar.BMP
[2013/04/04 15:39:18 | 000,000,596 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/04/02 11:57:40 | 000,001,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
[2013/04/02 11:55:38 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\Age of Empires II.lnk
[2013/03/31 19:04:17 | 000,001,106 | ---- | C] () -- C:\Documents and Settings\Laurie\My Documents\iPod Release Notes.rtf
[2013/03/30 10:30:29 | 000,001,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aiseesoft DVD Copy.lnk
[2013/03/30 09:37:32 | 003,654,329 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\attachments_2013_03_30(1).zip
[2013/03/30 09:37:28 | 003,654,329 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\attachments_2013_03_30.zip
[2013/03/29 15:51:46 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2013/03/29 15:51:44 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/03/28 12:37:49 | 001,391,398 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\PTprospectuslowres.pdf
[2013/03/28 12:37:30 | 011,915,269 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\apprentiships-rospectuslowres.pdf
[2013/03/28 12:37:20 | 001,193,223 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\FTprospectuslowres.pdf
[2013/03/27 00:25:16 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/03/23 13:38:47 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/03/22 16:41:34 | 000,000,000 | ---- | C] () -- C:\END
[2013/03/22 16:25:55 | 000,010,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hmonitor45.sys
[2013/03/20 13:11:56 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\Laurie\Desktop\JDownloader.lnk
[2013/03/20 13:11:56 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\Laurie\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013/03/20 13:11:35 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
[2013/03/20 13:11:34 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013/03/20 13:11:34 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
[2013/03/18 15:54:44 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2013/03/18 15:54:41 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2013/03/18 15:54:40 | 000,000,841 | ---- | C] () -- C:\Documents and Settings\Laurie\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Defrag 2.lnk
[2013/03/18 15:54:39 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag 2.lnk
[2013/03/17 11:43:29 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SpywareBlaster.lnk
[2013/03/17 11:43:07 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/03/13 10:19:00 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/03/13 10:18:59 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1482476501-1214440339-725345543-1004.job
[2013/03/13 10:17:12 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/13 10:17:12 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/01/22 12:54:48 | 000,000,127 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/11/11 11:57:01 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/11/09 11:23:32 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Laurie\Application Data\burnaware.ini
[2012/10/10 10:52:03 | 000,046,744 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/08/23 15:19:40 | 000,340,594 | ---- | C] () -- C:\Documents and Settings\Laurie\Local Settings\Application Data\census.cache
[2012/08/23 15:19:34 | 000,187,854 | ---- | C] () -- C:\Documents and Settings\Laurie\Local Settings\Application Data\ars.cache
[2012/08/23 15:07:10 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Laurie\Local Settings\Application Data\housecall.guid.cache
[2012/08/08 19:19:40 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Laurie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/08 12:49:23 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/08/06 15:26:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/08/06 11:21:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/08/06 11:20:11 | 000,250,288 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/06 10:46:13 | 004,456,448 | -H-- | C] () -- C:\Documents and Settings\Laurie\NTUSER.bak
[2012/08/06 10:35:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/08/06 10:30:12 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012/08/10 09:40:14 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/03/27 00:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/03/30 10:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2012/08/31 09:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012/08/06 15:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/01/31 15:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/11/11 11:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2013/02/06 12:01:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/08/06 14:39:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2013/02/05 13:13:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2012/08/06 14:39:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2012/08/06 14:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2013/02/06 12:14:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/08/06 14:39:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2012/08/06 14:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2012/08/08 12:40:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/04/04 15:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/03/18 15:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2013/03/17 11:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2012/09/15 09:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LongoSoftware
[2012/10/21 08:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MagicSoftware
[2012/10/19 10:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2012/08/12 13:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2012/11/22 17:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2013/01/31 15:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/03/29 15:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/09/04 15:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2012/08/08 16:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2012/10/25 14:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2013/02/04 16:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2012/10/16 15:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\AnvSoft
[2012/10/22 09:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Ashampoo
[2012/08/29 11:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Auslogics
[2013/01/31 15:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Babylon
[2013/02/09 10:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Boilsoft
[2012/11/11 11:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Canneverbe Limited
[2013/02/06 12:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Canon
[2013/01/10 11:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\DDMSettings
[2012/10/05 09:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Digiarty
[2012/11/22 16:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\DriverCure
[2013/01/31 14:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\DVDVideoSoft
[2012/09/15 11:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\FinalBurner Video DVD
[2013/01/31 13:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\ImgBurn
[2013/04/04 15:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Iminent
[2013/03/18 15:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\IObit
[2012/08/24 09:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\KC Softwares
[2013/03/30 10:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\log
[2012/08/09 11:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Nuclear Coffee
[2012/11/22 13:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\OpenCandy
[2012/11/26 11:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Opera
[2012/08/12 09:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Oracle
[2013/01/31 15:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\player
[2012/08/12 13:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Publish Providers
[2012/11/08 16:09:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Laurie\Application Data\RPPrivate
[2012/08/13 16:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Serif
[2012/08/12 14:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Sony
[2012/11/22 16:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\SpeedMaxPc
[2012/12/25 11:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Template
[2012/09/04 15:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Tencent
[2012/08/08 16:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurie\Application Data\Ulead Systems
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 468 bytes -> C:\Documents and Settings\Laurie\My Documents\Henrik-Site1.wpp:SummaryInformation
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61B310EE
< End of report >0 -
Bloody hell - most of it. Back up your files and start again, though I think they maybe compromised. I would think about using Ubuntu to sweep them before using them with windows.Do you want your money back, and a bit more, search for 'money claim online' - They don't like it up 'em Captain Mainwaring0
-
There's nothing particularly malicious, but there's a bit of junkware (Iminent, Giant Savings etc) in there.
Post the contents of other log - extras.txt - and we'll see what we can uninstall & then script the rest out.
One question - Did you knowingly install JDownloader?0 -
One question - Did you knowingly install JDownloader?
Yes.
Here's the other log:
OTL Extras logfile created on: 09/04/2013 08:53:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Laurie\Desktop\New Games
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.35% Memory free
3.84 Gb Paging File | 3.21 Gb Available in Paging File | 83.55% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 94.01 Gb Free Space | 63.09% Space Free | Partition Type: NTFS
Drive | 298.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: LAURIE1-47F9CF8 | User Name: Laurie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Documents and Settings\Laurie\Local Settings\Temp\ChromeplusDownload\online_installer.exe" = C:\Documents and Settings\Laurie\Local Settings\Temp\ChromeplusDownload\online_installer.exe:*:Enabled:online_installer
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Documents and Settings\Laurie\Local Settings\Temp\7zS5D.tmp\SymNRT.exe" = C:\Documents and Settings\Laurie\Local Settings\Temp\7zS5D.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Documents and Settings\Laurie\Local Settings\Temp\7zS6B.tmp\SymNRT.exe" = C:\Documents and Settings\Laurie\Local Settings\Temp\7zS6B.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Documents and Settings\Laurie\Desktop\Cryptload 1.1.8\Cryptload 1.1.8\Cryptload1.1.8\RouterClient.exe" = C:\Documents and Settings\Laurie\Desktop\Cryptload 1.1.8\Cryptload 1.1.8\Cryptload1.1.8\RouterClient.exe:*:Enabled:RouterClient
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Iminent\Iminent.exe" = C:\Program Files\Iminent\Iminent.exe:*:Enabled:Iminent Firewall Rule -- (Iminent)
"C:\Program Files\Iminent\Iminent.Messengers.exe" = C:\Program Files\Iminent\Iminent.Messengers.exe:*:Enabled:Iminent.Messengers Firewall Rule -- (Iminent)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1" = FLV Media Player version 1.3
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1" = Boilsoft Video Splitter 6.34
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}" = Ulead Photo Express 5 SE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3661F243-518C-4d05-8BDF-7B10CC22689F}_is1" = Aiseesoft Total Video Converter Platinum 6.3.26
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F23DE27-8262-4c5a-9D7E-223FF16D9968}_is1" = Aiseesoft DVD Copy 5.0.12
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = PhotoStudio
"{89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00}" = Iminent
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C713C8B5-F0E1-401D-AE9B-3AB0E180D626}" = WinDriversBackup
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.22beta
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Age of Empires 2.0" = Microsoft Age of Empires II
"Any Video Converter 5_is1" = Any Video Converter 5 5.0.3
"Any Video Converter_is1" = Any Video Converter 3.5.8
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"BurnAware Free_is1" = BurnAware Free 5.3
"Canon MP280 series User Registration" = Canon MP280 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CheckIt Diagnostics" = CheckIt Diagnostics
"DivX Setup" = DivX Setup
"Doxillion" = Doxillion Document Converter
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EndItAll_is1" = EndItAll 2.0
"ERUNT_is1" = ERUNT 1.1j
"FileHippo.com" = FileHippo.com Update Checker
"Fotosizer" = Fotosizer 1.37
"Free Disc Burner_is1" = Free Disc Burner version 3.0.18.128
"Free FLV to MP3 Converter_is1" = Free FLV to MP3 Converter
"Free Hide Folder" = Free Hide Folder
"get_iplayer" = get_iplayer 4.5
"Giant Savings Extension" = Giant Savings Extension
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IMBoosterARP" = Iminent
"ImgBurn" = ImgBurn
"IObit Malware Fighter_is1" = IObit Malware Fighter
"KC Softwares AVIToolbox_is1" = KC Softwares AVIToolbox
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full)
"Longo DVD Ripper_is1" = Longo DVD Ripper2.0.1
"Magic DVD Copier_is1" = Magic DVD Copier V7.1.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 18.0.2 (x86 en-US)" = Mozilla Firefox 18.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PowerShell" = Windows PowerShell(TM) 1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"RealPlayer 16.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.94
"Smart Defrag 2_is1" = Smart Defrag 2
"SpywareBlaster_is1" = SpywareBlaster 5.0
"The Voyager" = The Voyager
"Tweak UI 2.10" = Tweak UI
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VLC media player" = VLC media player 2.0.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.9.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wondershare DVD Creator_is1" = Wondershare DVD Creator(Build 2.6.5)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ChromePlus" = CoolNovo
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02/04/2013 06:14:04 | Computer Name = LAURIE1-47F9CF8 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
Error - 02/04/2013 06:14:04 | Computer Name = LAURIE1-47F9CF8 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
Error - 02/04/2013 06:14:04 | Computer Name = LAURIE1-47F9CF8 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
Error - 02/04/2013 06:16:17 | Computer Name = LAURIE1-47F9CF8 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(f4:1b:a1:2a:00:94@fe80::f61b:a1ff:fe2a:94._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 02/04/2013 06:30:20 | Computer Name = LAURIE1-47F9CF8 | Source = Application Error | ID = 1000
Description = Faulting application age2_x1.exe, version 0.7.26.809, faulting module
age2_x1.exe, version 0.7.26.809, fault address 0x001fab30.
Error - 02/04/2013 09:16:53 | Computer Name = LAURIE1-47F9CF8 | Source = Application Error | ID = 1000
Description = Faulting application burningstudio2010.exe, version 9.12.0.11, faulting
module acdw.dll, version 2.0.0.0, fault address 0x00161c30.
Error - 02/04/2013 09:25:40 | Computer Name = LAURIE1-47F9CF8 | Source = Application Error | ID = 1000
Description = Faulting application burningstudio2010.exe, version 9.12.0.11, faulting
module acdw.dll, version 2.0.0.0, fault address 0x00161c30.
Error - 02/04/2013 09:26:43 | Computer Name = LAURIE1-47F9CF8 | Source = Application Error | ID = 1000
Description = Faulting application burningstudio2012.exe, version 10.0.15.206, faulting
module acdw.dll, version 2.0.0.0, fault address 0x0007ec7e.
Error - 03/04/2013 08:04:30 | Computer Name = LAURIE1-47F9CF8 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(f4:1b:a1:2a:00:94@fe80::f61b:a1ff:fe2a:94._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 03/04/2013 08:04:30 | Computer Name = LAURIE1-47F9CF8 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(bc:52:b7:18:39:c9@fe80::be52:b7ff:fe18:39c9._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
[ System Events ]
Error - 02/04/2013 13:24:15 | Computer Name = LAURIE1-47F9CF8 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 02/04/2013 13:24:17 | Computer Name = LAURIE1-47F9CF8 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 02/04/2013 16:59:35 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.
Error - 02/04/2013 16:59:35 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053
Error - 03/04/2013 03:12:18 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.
Error - 03/04/2013 03:12:18 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053
Error - 03/04/2013 03:15:28 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 03/04/2013 03:16:01 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 03/04/2013 03:17:46 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.
Error - 03/04/2013 03:17:46 | Computer Name = LAURIE1-47F9CF8 | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053
< End of report >0 -
I use Adblock Plus on my Chrome browser and it works a treat. It also blocks ads that appear on Google searches or while you're on Facebook. I'm not a technie, but this has been good for me. I can't post a link as I'm a newbie, but it's pretty easy to Google.If music be the food of love, play on :beer:0
-
Uninstall these:
Giant Savings Extension
Iminent
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 37
Then run this OTL script.
The script below will stop explorer & your desktop will temporarily disappear (it will return on reboot), & your recycle bin will be emptied.- Double-click OTL.exe to start the program.
- Copy and Paste all the following code into the
textbox. Do not include the word Code:
:commands [CREATERESTOREPOINT] :OTL SRV - [2013/04/02 16:31:26 | 002,795,048 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection) IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=6ee4a01d-cedf-49a9-8595-102ab8452419&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} FF - prefs.js..extensions.enabledAddons: extension21810%40extension21810.com:0.91.49 FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:6.13.4.1 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com [2013/04/04 16:29:43 | 000,000,000 | ---D | M] [2013/03/21 13:04:24 | 000,000,000 | ---D | M] ("Giant Savings Extension") -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com [2013/03/21 13:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\chrome [2013/03/21 13:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\defaults [2013/03/21 13:04:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\locale [2013/03/21 13:04:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\skin [2013/03/21 13:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laurie\Application Data\Mozilla\Firefox\Profiles\ai7um0uk.default\extensions\extension21810@extension21810.com\chrome\content\extensionCode [2013/04/04 16:29:43 | 000,000,000 | ---D | M] ("Iminent Minibar") -- C:\PROGRAM FILES\IMINENT\WEBBOOSTER@IMINENT.COM O2 - BHO: (Giant Savings Extension) - {11111111-1111-1111-1111-110211181110} - C:\Program Files\Giant Savings Extension\Giant Savings Extension.dll (215 Apps) O4 - HKLM..\Run: [Iminent] File not found O4 - HKLM..\Run: [IminentMessenger] File not found O4 - HKCU..\Run: [Updater21810.exe] C:\Documents and Settings\Laurie\Local Settings\Application Data\Updater21810\Updater21810.exe (215 Apps) O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261095~1.5 2\{c16c1~1\browse~1.dll) - File not found @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720 @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61B310EE :files C:\Program Files\DomaIQ Uninstaller C:\Documents and Settings\Laurie\Application Data\Iminent C:\Documents and Settings\All Users\Application Data\Iminent C:\Documents and Settings\All Users\Start Menu\Programs\Iminent C:\Program Files\Common Files\Umbrella C:\Program Files\Iminent C:\Documents and Settings\Laurie\Local Settings\Application Data\Updater21810 C:\Program Files\Giant Savings Extension C:\Documents and Settings\All Users\Application Data\Babylon C:\Documents and Settings\All Users\Application Data\Iminent C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro C:\Documents and Settings\All Users\Application Data\Tarma Installer C:\Documents and Settings\All Users\Application Data\SpeedMaxPc C:\Documents and Settings\Laurie\Application Data\Babylon C:\Documents and Settings\Laurie\Application Data\Iminent C:\Documents and Settings\Laurie\Application Data\OpenCandy C:\Documents and Settings\Laurie\Application Data\SpeedMaxPc C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl :commands [CREATERESTOREPOINT] [EMPTYTEMP] - Then click the Run Fix button at the top.
- Click
. - OTL may ask to reboot the machine. Click OK & allow it to do so if asked.
- The report should appear in Notepad after the reboot.
- Copy and Paste that report in your next reply.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.9K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 453K Spending & Discounts
- 242.8K Work, Benefits & Business
- 619.6K Mortgages, Homes & Bills
- 176.4K Life & Family
- 255.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards