
Solved Very Slow Internet Browsing and Live Mail 2011 Error.

Discussion in 'Malware and Virus Removal Archive' started by onefinger, 2011/03/29.

  1. 2011/03/29
    onefinger Well-Known Member Thread Starter

    [Resolved] Very Slow Internet Browsing and Live Mail 2011 Error.

    Hi,
    I have a thread in the Microsoft Mail Section of this forum. I lost sleep mode on my computer with a blue screen error every time I tried to get it to enter sleep mode. This problem was due to Service Pack One for my Windows 7 64 bit and someone on the tech-support forum sorted this one out for me by supplying me with a Windows Hot-fix for it. It is an issue with SP1 apparently. It worked a treat.
    I had another problem before this with our internet browsing: whether I used Firefox or Internet Explorer, it has suddenly gone very slow to load any page. It used to be very fast, and should be, being an i7 computer with 6GB of Corsair Dominator 1600 MHz RAM. I am using the ASUS P6X58D-E Motherboard.
    The other problem that also suddenly appeared was that every time I open a mail from a friend from Facebook, my Windows Live Mail finds an error and scans for a fix but has to close down. This happens with all of my friends' mail from Facebook since 25th March 2011 until any present mail coming in. It is interesting to find that this does not happen if mail is sent externally to the same inbox or if it is sent automatically from a Facebook application. I have recently been sent mail from Facebook friends that they are not aware they have sent, but I have not clicked on the links in them. These are not the mails that are restarting my Live Mail now though. I thought I must have a virus/malware or root-kit etc?
    I have scanned with avast, Spybot S & D and Malwarebytes over and over and it comes up with nothing but I still believe there is something in my system that I cannot pick up.
    In my Event Viewer the error for the Windows Live restarting is listed every time as an unknown one. I have backed up all my folders in Windows Live, uninstalled it and reinstalled it, but it's still the same.
    I even tried making a new account in Windows Live and it had 2 mails in it, the next day it was full of my mail in my other account somehow and acted in the same way.
    I consulted the Microsoft Forum and found 6 others with the same Live Mail problem. I added my e-mail address to that list, but no feedback yet.
    I have just done a Full System Scan with avast and have noticed that some files cannot be scanned now. I have included this report on the end of the reports you require. It was Miz from Microsoft Mail who recommended me to post here. Thank you.

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6199

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    28/03/2011 22:30:43
    mbam-log-2011-03-28 (22-30-43).txt

    Scan type: Full scan (C:\|E:\|F:\|)
    Objects scanned: 333522
    Time elapsed: 25 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    GMER 1.0.15.15570 - http://www.gmer.net
    Rootkit scan 2011-03-28 22:47:15
    Windows 6.1.7601 Service Pack 1
    Running: ycxe7p06.exe


    ---- Files - GMER 1.0.15 ----

    File C:\## aswSnx private storage 0 bytes
    File C:\## aswSnx private storage\r66 0 bytes
    File C:\## aswSnx private storage\snx_rhive 262144 bytes
    File C:\## aswSnx private storage\snx_rhive.LOG1 21504 bytes
    File C:\## aswSnx private storage\snx_rhive.LOG2 0 bytes
    File C:\## aswSnx private storage\snx_rhive{2719ae79-5935-11e0-b51f-7071bc139ebc}.TM.blf 65536 bytes
    File C:\## aswSnx private storage\snx_rhive{2719ae79-5935-11e0-b51f-7071bc139ebc}.TMContainer00000000000000000001.regtrans-ms 524288 bytes
    File C:\## aswSnx private storage\snx_rhive{2719ae79-5935-11e0-b51f-7071bc139ebc}.TMContainer00000000000000000002.regtrans-ms 524288 bytes

    ---- EOF - GMER 1.0.15 ----

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: Service Pack 1 (build 7601), 64-bit
    Base Board Manufacturer: ASUSTeK Computer INC.
    BIOS Manufacturer: American Megatrends Inc.
    System Manufacturer: System manufacturer
    System Product Name: System Product Name
    Logical Drives Mask: 0x0000003c

    Kernel Drivers (total 202):

    Processes (total 65):
    0 System Idle Process
    4 System
    364 C:\Windows\System32\smss.exe
    508 csrss.exe
    580 C:\Windows\System32\wininit.exe
    600 csrss.exe
    636 C:\Windows\System32\services.exe
    656 C:\Windows\System32\lsass.exe
    664 C:\Windows\System32\lsm.exe
    784 C:\Windows\System32\winlogon.exe
    816 C:\Windows\System32\svchost.exe
    896 C:\Windows\System32\ATKFUSService.exe
    932 C:\Windows\System32\svchost.exe
    996 C:\Windows\System32\atiesrxx.exe
    284 C:\Windows\System32\svchost.exe
    520 C:\Windows\System32\svchost.exe
    604 C:\Windows\System32\svchost.exe
    1100 C:\Windows\System32\svchost.exe
    1184 C:\Windows\System32\svchost.exe
    1328 C:\Windows\System32\atieclxx.exe
    1616 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1644 C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
    2040 C:\Windows\System32\spoolsv.exe
    1148 C:\Windows\System32\svchost.exe
    1232 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    1212 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    2164 C:\Windows\SysWOW64\ASDR.exe
    2184 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
    2208 C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
    2232 C:\Windows\System32\svchost.exe
    2256 C:\Windows\SysWOW64\svchost.exe
    2284 C:\PROGRA~2\McAfee\SITEAD~1\mcsacore.exe
    2312 C:\Windows\System32\svchost.exe
    2344 C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    2420 C:\Windows\System32\svchost.exe
    2440 C:\Windows\System32\svchost.exe
    2488 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    2572 C:\Windows\System32\rundll32.exe
    2580 C:\Windows\SysWOW64\rundll32.exe
    2672 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    2748 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    3116 C:\Windows\System32\svchost.exe
    3376 C:\Windows\System32\taskhost.exe
    3436 C:\Windows\System32\dwm.exe
    3460 C:\Windows\explorer.exe
    3748 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    3760 C:\Program Files\Windows Sidebar\sidebar.exe
    4016 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    3680 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    3696 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    3840 C:\Program Files\iPod\bin\iPodService.exe
    4144 C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
    4304 C:\Windows\System32\SearchIndexer.exe
    4456 C:\Program Files\Windows Media Player\wmpnetwk.exe
    4968 C:\Windows\System32\svchost.exe
    4052 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    5564 dllhost.exe
    4676 C:\Windows\System32\svchost.exe
    5552 C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
    5812 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    7708 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    5308 C:\Windows\System32\audiodg.exe
    7524 C:\Users\Nigel\Downloads\MBRCheck.exe
    6644 C:\Windows\System32\conhost.exe
    6580 C:\Windows\System32\dllhost.exe

    \\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`06500000 (NTFS)
    \\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
    \\.\F: --> \\.\PhysicalDrive0 at offset 0x00000030`d4100000 (NTFS)

    PhysicalDrive1 Model Number: WDCWD6402AAEX-00Z3A0, Rev: 05.01D05
    PhysicalDrive0 Model Number: WDCWD1002FAEX-00Z3A0, Rev: 05.01D05

    Size Device Name MBR Status
    --------------------------------------------
    596 GB \\.\PhysicalDrive1

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Nigel at 12:59:31.86 on 29/03/2011
    Internet Explorer: 8.0.7601.17514
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6135.3709 [GMT 1:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\ATKFUSService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\SysWOW64\ASDR.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
    C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\rundll32.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
    C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\Nigel\Downloads\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.talktalk.co.uk/
    uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    mWinlogon: Userinit=userinit.exe
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe "
    mRun: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe "
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe "
    mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe "
    mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    mRun: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    mRun: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe "
    mRun: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe "
    mRun: [TurboV] "C:\Program Files (x86)\ASUS\TurboV\TurboV.exe" -b
    mRun: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    mRun: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe "
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    StartupFolder: C:\Users\Nigel\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NIKONM~1.LNK - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\9g07cv7l.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
    FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Nigel\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
    FF - plugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\9g07cv7l.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2009-12-25 297512]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-9-21 52856]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-6 505176]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-6-9 280408]
    R1 EIO64;EIO Driver;C:\Windows\System32\drivers\EIO64.sys [2010-7-20 16384]
    R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-27 203776]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe [2010-6-9 90112]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-6-9 22360]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-6-9 64344]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-3-6 42184]
    R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-9-2 33528]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2010-9-2 823288]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2011-3-16 101048]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-6-9 1153368]
    R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-1-27 9085952]
    R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-1-26 299520]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
    R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
    R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-9-15 394528]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-3 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-18 1255736]
    .
    =============== Created Last 30 ================
    .
    2011-03-29 07:48:57 -------- d-----w- C:\Users\Nigel\AppData\Local\{9FC4554F-7511-4F86-8102-E3AA3437C847}
    2011-03-28 12:18:19 -------- d-----w- C:\Users\Nigel\AppData\Local\{EA12B464-4C07-48C5-A7C7-BEC79CB9A571}
    2011-03-28 12:17:32 -------- d-----w- C:\Users\Nigel\AppData\Local\{5D9093B1-AD34-4E88-BE08-983A444C66BC}
    2011-03-27 12:18:22 -------- d-----w- C:\Users\Nigel\AppData\Local\{8CD35F94-BAB8-4E1A-8CE9-05A235AE542F}
    2011-03-26 21:39:32 -------- d-----w- C:\Users\Nigel\AppData\Local\{277E537C-7AAB-46C8-8F5C-40C067488816}
    2011-03-26 21:34:40 -------- d-----w- C:\Windows\en
    2011-03-22 17:24:00 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2011-03-22 08:08:44 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BCC57244-B7C2-4585-A400-880204E59EEE}\mpengine.dll
    2011-03-20 21:24:52 -------- d-----w- C:\Users\Nigel\AppData\Roaming\Malwarebytes
    2011-03-20 21:24:45 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-20 21:24:45 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2011-03-20 21:24:42 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-03-20 21:24:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-03-20 11:08:27 -------- d-----w- C:\Program Files (x86)\ATI Stream
    2011-03-12 20:41:16 -------- d-----w- C:\Program Files\iTunes
    2011-03-12 20:41:16 -------- d-----w- C:\Program Files\iPod
    2011-03-12 12:28:40 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    2011-03-12 12:28:40 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2011-03-06 20:00:26 505176 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-03-03 22:31:14 -------- d-----w- C:\Windows\System32\SPReview
    2011-03-03 22:30:23 -------- d-----w- C:\Windows\System32\EventProviders
    2011-03-03 22:27:59 95232 ----a-w- C:\Windows\System32\regapi.dll
    2011-03-03 22:26:54 209920 ----a-w- C:\Windows\SysWow64\PkgMgr.exe
    2011-03-03 22:26:54 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
    2011-03-03 22:26:49 323072 ----a-w- C:\Windows\SysWow64\drvstore.dll
    2011-03-03 22:26:49 257024 ----a-w- C:\Windows\SysWow64\dpx.dll
    2011-03-03 22:26:47 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
    2011-03-03 22:26:47 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
    2011-03-03 22:25:33 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2011-03-03 22:25:33 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2011-03-03 22:25:33 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
    2011-03-03 22:25:30 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
    2011-03-03 22:25:27 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
    2011-03-03 22:25:13 422912 ----a-w- C:\Windows\System32\drvstore.dll
    2011-03-03 22:25:13 399872 ----a-w- C:\Windows\System32\dpx.dll
    2011-03-03 22:10:55 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2011-03-03 22:10:55 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    .
    ==================== Find3M ====================
    .
    2011-03-03 22:34:08 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-03-03 22:34:07 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-02-23 15:04:21 40648 ----a-w- C:\Windows\avastSS.scr
    2011-02-23 14:55:05 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-02-08 20:12:25 505632 ----a-w- C:\Windows\System32\yk62x64.dll
    2011-02-08 20:12:25 394528 ----a-w- C:\Windows\System32\drivers\yk62x64.sys
    2011-02-02 17:11:20 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-01-26 23:37:22 9085952 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2011-01-26 23:22:20 22295040 ----a-w- C:\Windows\System32\atio6axx.dll
    2011-01-26 23:00:46 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
    2011-01-26 23:00:32 596480 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2011-01-26 22:59:48 17204736 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2011-01-26 22:59:12 708608 ----a-w- C:\Windows\System32\aticfx64.dll
    2011-01-26 22:56:30 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2011-01-26 22:56:16 479232 ----a-w- C:\Windows\System32\atieclxx.exe
    2011-01-26 22:55:38 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
    2011-01-26 22:54:22 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2011-01-26 22:54:02 423424 ----a-w- C:\Windows\System32\atipdl64.dll
    2011-01-26 22:53:56 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
    2011-01-26 22:53:44 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
    2011-01-26 22:53:38 16384 ----a-w- C:\Windows\System32\atimuixx.dll
    2011-01-26 22:53:34 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2011-01-26 22:53:28 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2011-01-26 22:49:46 4105728 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2011-01-26 22:40:04 4847616 ----a-w- C:\Windows\System32\atidxx64.dll
    2011-01-26 22:32:48 1208320 ----a-w- C:\Windows\System32\atiumd6v.dll
    2011-01-26 22:32:14 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2011-01-26 22:32:02 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll
    2011-01-26 22:28:54 4170752 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2011-01-26 22:27:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2011-01-26 22:27:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2011-01-26 22:27:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2011-01-26 22:27:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2011-01-26 22:27:32 6982144 ----a-w- C:\Windows\System32\aticaldd64.dll
    2011-01-26 22:25:52 5580800 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2011-01-26 22:24:20 3463680 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2011-01-26 22:22:00 5316096 ----a-w- C:\Windows\System32\atiumd64.dll
    2011-01-26 22:20:46 58880 ----a-w- C:\Windows\System32\coinst.dll
    2011-01-26 22:14:16 354304 ----a-w- C:\Windows\System32\atiadlxx.dll
    2011-01-26 22:14:10 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2011-01-26 22:13:58 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
    2011-01-26 22:13:54 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2011-01-26 22:13:54 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
    2011-01-26 22:13:52 39936 ----a-w- C:\Windows\System32\atig6txx.dll
    2011-01-26 22:13:44 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2011-01-26 22:13:34 299520 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2011-01-26 22:12:48 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
    2011-01-26 22:12:42 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2011-01-26 22:12:34 38400 ----a-w- C:\Windows\System32\atiu9p64.dll
    2011-01-26 22:12:26 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2011-01-26 22:11:48 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2011-01-26 22:08:48 53760 ----a-w- C:\Windows\System32\atimpc64.dll
    2011-01-26 22:08:48 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
    2011-01-26 22:08:42 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2011-01-26 22:08:42 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
    2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll
    2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys
    2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
    .
    ============= FINISH: 13:01:36.14 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume3
    Install Date: 09/06/2010 14:44:12
    System Uptime: 29/03/2011 12:23:56 (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P6X58D-E
    Processor: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz | LGA1366 | 1596/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 596 GiB total, 491.416 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 195 GiB total, 47.64 GiB free.
    F: is FIXED (NTFS) - 736 GiB total, 725.687 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP220: 13/03/2011 19:00:12 - Windows Backup
    RP221: 15/03/2011 07:42:07 - Windows Update
    RP222: 18/03/2011 07:56:11 - Windows Update
    RP223: 20/03/2011 19:00:09 - Windows Backup
    RP224: 22/03/2011 08:08:07 - Windows Update
    RP225: 22/03/2011 17:23:46 - Windows Update
    RP226: 24/03/2011 09:54:57 - Windows Update
    RP227: 26/03/2011 17:49:44 - Removed Bonjour
    RP228: 26/03/2011 21:24:25 - Installed DirectX
    RP229: 26/03/2011 21:24:37 - Installed DirectX
    RP230: 26/03/2011 21:27:13 - Windows Live Essentials
    RP231: 26/03/2011 21:27:37 - WLSetup
    RP232: 26/03/2011 21:30:41 - Windows Live Essentials
    RP233: 26/03/2011 21:30:50 - Installed DirectX
    RP234: 26/03/2011 21:31:04 - Installed DirectX
    RP235: 26/03/2011 21:31:20 - WLSetup
    RP236: 27/03/2011 19:00:09 - Windows Backup
    RP237: 27/03/2011 22:04:05 - Installed DirectX
    RP238: 27/03/2011 22:04:19 - Installed DirectX
    .
    ==== Installed Programs ======================
    .
    3DMark Vantage
    Adobe Download Manager
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Elements 7.0
    Adobe Reader 9.4.3
    Adobe Shockwave Player 11.5
    AI Suite
    AIO_Scan
    Amazon MP3 Downloader 1.0.9
    Apple Application Support
    Apple Software Update
    ASUS Gamer OSD
    ASUS Smart Doctor
    ASUS VGA Driver
    ATC for Splinter Cell Chaos Theory 1.0
    ATI Catalyst Registration
    Audacity 1.2.6
    avast! Free Antivirus
    Browser Configuration Utility
    BufferChm
    C4200
    c4200_Help
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    ccc-core-static
    CCC Help English
    CCleaner
    CDBurnerXP
    Copy
    D3DX10
    Data Lifeguard Diagnostic for Windows 1.21
    dBpoweramp Music Converter
    Destinations
    DeviceDiscovery
    DocProc
    EPU-6 Engine
    Facebook Plug-In
    File Uploader
    Fraps
    Futuremark SystemInfo
    GOM Player
    GPBaseService2
    HP Update
    HPPhotoGadget
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    IsoBuster 2.8
    Junk Mail filter update
    LAME v3.98.2 for Audacity
    Magic ISO Maker v5.5 (build 0281)
    Malwarebytes' Anti-Malware
    MarketResearch
    marvell 91xx driver
    Marvell Miniport Driver
    McAfee Security Scan Plus
    McAfee SiteAdvisor
    Medal of Honor (TM)
    MediaMonkey 3.2
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft XML Parser
    Mozilla Firefox (3.6.16)
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NEC Electronics USB 3.0 Host Controller Driver
    NEF Codec
    neroxml
    NetAssistant
    NetAssistant for Firefox
    NFS Underground
    Nikon Message Center
    Nikon Transfer
    NVIDIA PhysX
    PC Probe II
    Picture Control Utility
    PS_AIO_Software_min
    QuickTime
    Realtek High Definition Audio Driver
    Scan
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office Groove 2007 (KB2494047)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    SmartWebPrinting
    SolutionCenter
    SpeedFan (remove only)
    Splinter Cell Pandora Tomorrow
    Spybot - Search & Destroy
    Status
    The Lord of the Rings FREE Trial
    Tom Clancy's Splinter Cell
    Tom Clancy's Splinter Cell Chaos Theory
    Toolbox
    TrayApp
    TurboV
    UnloadSupport
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2508979)
    Utility
    ViewNX
    VLC media player 1.1.2
    VoiceOver Kit
    WebReg
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    World of Warcraft
    XviD MPEG-4 Video Codec
    ZoneAlarm
    .
    ==== Event Viewer Messages From Past Week ========
    .
    26/03/2011 22:51:00, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user DreamMachine\Nigel SID (S-1-5-21-2461483713-2889394737-1746768284-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    26/03/2011 22:51:00, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user DreamMachine\Nigel SID (S-1-5-21-2461483713-2889394737-1746768284-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    24/03/2011 20:59:44, Error: bowser [8003] - The master browser has received a server announcement from the computer SARAH-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FFEB2D4B-C40B-44C6-A772-11700B4CC104}. The master browser is stopping or an election is being forced.
    22/03/2011 17:25:15, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
    .
    ==== End Of File ===========================

    For some reason the avast report file will not copy here. I am not sure if it is because I have run out of room. I will try in another post.
     
  2. 2011/03/29
    onefinger

    I cannot copy the avast files that cannot be scanned here so I will have to type them in:

    C:\Users\Downloads\426935_intl_x64_zip.exe>Windows6.1-KB2495523-x64.msu Error: Archive is password protected(42056)

    C:\program files\alwil software\avast5\defs\11032801\algo.dll Error: The system cannot find the path specified(3)

    C:\program files\alwil software\avast5\defs\11032801\aswcmnbs.dll Error: The system cannot find the path specified(3)

    C:\program files\alwil software\avast5\defs\11032801\aswcmnis\dll Error: The system cannot find the path specified(3)

    C:\program files\alwil software\avast5\defs\11032801\aswcmnos.dll Error: The system cannot find the path specified(3)

    C:\program files\alwil software\avast5\defs\11032801\aswengin.dll Error: The system cannot find the path specified(3)

    C:\program files\alwil software\avast5\defs\11032801\aswscan.dll Error: The system cannot find the path specified(3)
     


  4. 2011/03/29
    onefinger

    Very slow internet and error on Windows Live Mail 2011

    I just looked it up on Google and found the aswSynx private storage is not a root-kit but the sandbox that kept popping up when I scanned with GMER. :(

    The top one in the list of the avast un-scanned tools is: the Hot-fix that Microsoft has for correcting the problem of "losing the Sleep Mode Command". I had to use the password that Microsoft provided me with.
     
    Last edited: 2011/03/29
  5. 2011/03/29
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================================

    So far, I don't see much.....

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  6. 2011/03/30
    onefinger

    Very Slow Internet Browsing and Live Mail 2011 Error

    Thank you for looking at my scans broni. I have followed your latest instructions and now post the results:

    ComboFix 11-03-29.06 - Nigel 30/03/2011 19:47:35.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6135.4386 [GMT 1:00]
    Running from: c:\users\Nigel\Downloads\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-30 )))))))))))))))))))))))))))))))
    .
    .
    2011-03-30 18:50 . 2011-03-30 18:50 -------- d-----w- c:\users\Lorraine\AppData\Local\temp
    2011-03-30 18:50 . 2011-03-30 18:50 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-03-30 15:19 . 2011-03-30 15:19 -------- d-----w- c:\users\Nigel\AppData\Local\{C06A3EAF-C814-4FC9-8E8D-8C64058E923E}
    2011-03-30 08:47 . 2011-03-30 08:47 -------- d-----w- c:\users\Nigel\AppData\Local\{3F2A7146-8A88-425C-A3E1-0B061FCFCCC5}
    2011-03-29 20:23 . 2011-03-29 20:23 -------- d-----w- c:\users\Nigel\AppData\Local\{FCDA7B7C-5F00-45A8-B857-4BFD6F43BE7E}
    2011-03-29 07:48 . 2011-03-29 07:49 -------- d-----w- c:\users\Nigel\AppData\Local\{9FC4554F-7511-4F86-8102-E3AA3437C847}
    2011-03-28 20:49 . 2011-03-28 20:49 -------- d-----w- c:\users\Nigel\AppData\Roaming\HPAppData
    2011-03-28 12:18 . 2011-03-28 12:18 -------- d-----w- c:\users\Nigel\AppData\Local\{EA12B464-4C07-48C5-A7C7-BEC79CB9A571}
    2011-03-28 12:17 . 2011-03-28 12:17 -------- d-----w- c:\users\Nigel\AppData\Local\{5D9093B1-AD34-4E88-BE08-983A444C66BC}
    2011-03-27 12:18 . 2011-03-27 12:18 -------- d-----w- c:\users\Nigel\AppData\Local\{8CD35F94-BAB8-4E1A-8CE9-05A235AE542F}
    2011-03-26 21:39 . 2011-03-26 21:39 -------- d-----w- c:\users\Nigel\AppData\Local\{277E537C-7AAB-46C8-8F5C-40C067488816}
    2011-03-26 21:34 . 2011-03-26 21:34 -------- d-----w- c:\windows\en
    2011-03-26 21:31 . 2011-03-26 21:31 -------- d-----w- c:\program files\Windows Live
    2011-03-22 17:24 . 2011-01-15 06:28 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2011-03-22 08:08 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BCC57244-B7C2-4585-A400-880204E59EEE}\mpengine.dll
    2011-03-20 21:24 . 2011-03-20 21:24 -------- d-----w- c:\users\Nigel\AppData\Roaming\Malwarebytes
    2011-03-20 21:24 . 2011-03-20 21:24 -------- d-----w- c:\programdata\Malwarebytes
    2011-03-20 21:24 . 2010-12-20 18:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-20 21:24 . 2011-03-20 21:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-20 21:24 . 2010-12-20 18:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-20 11:09 . 2011-03-20 11:09 -------- d-----w- c:\programdata\ATI
    2011-03-20 11:08 . 2011-03-20 11:08 -------- d-----w- c:\program files (x86)\ATI Stream
    2011-03-12 20:41 . 2011-03-12 20:41 -------- d-----w- c:\program files\iTunes
    2011-03-12 20:41 . 2011-03-12 20:41 -------- d-----w- c:\program files\iPod
    2011-03-12 12:28 . 2011-03-12 12:28 103864 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    2011-03-12 12:28 . 2011-03-12 12:28 103864 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2011-03-06 20:00 . 2011-02-23 14:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-03-03 22:31 . 2011-03-03 22:31 -------- d-----w- c:\windows\system32\SPReview
    2011-03-03 22:30 . 2011-03-03 22:30 -------- d-----w- c:\windows\system32\EventProviders
    2011-03-03 22:27 . 2010-11-20 13:33 63360 ----a-w- c:\windows\system32\drivers\termdd.sys
    2011-03-03 22:26 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
    2011-03-03 22:26 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
    2011-03-03 22:26 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
    2011-03-03 22:26 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
    2011-03-03 22:26 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
    2011-03-03 22:26 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
    2011-03-03 22:25 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2011-03-03 22:25 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
    2011-03-03 22:25 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
    2011-03-03 22:25 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
    2011-03-03 22:25 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
    2011-03-03 22:25 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
    2011-03-03 22:25 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
    2011-03-03 22:10 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
    2011-03-03 22:10 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-09 09:45 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-03-03 22:34 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-03-03 22:34 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-02-23 15:04 . 2010-06-29 15:08 40648 ----a-w- c:\windows\avastSS.scr
    2011-02-23 15:04 . 2010-06-09 15:03 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-02-23 15:04 . 2011-01-12 18:51 238968 ----a-w- c:\windows\system32\aswBoot.exe
    2011-02-23 14:57 . 2010-06-09 15:04 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-02-23 14:55 . 2010-06-09 15:04 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-02-23 14:55 . 2010-06-09 15:04 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-02-23 14:55 . 2010-06-09 15:04 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-02-23 14:54 . 2010-06-09 15:04 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-02-08 20:12 . 2010-09-15 11:30 505632 ----a-w- c:\windows\system32\yk62x64.dll
    2011-02-08 20:12 . 2010-09-15 11:30 394528 ----a-w- c:\windows\system32\drivers\yk62x64.sys
    2011-02-02 17:11 . 2010-06-09 14:14 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-01-26 23:37 . 2011-01-26 23:37 9085952 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-01-26 23:22 . 2011-01-26 23:22 22295040 ----a-w- c:\windows\system32\atio6axx.dll
    2011-01-26 23:00 . 2011-01-26 23:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-01-26 23:00 . 2010-05-05 02:19 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2011-01-26 22:59 . 2011-01-26 22:59 17204736 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2011-01-26 22:59 . 2010-05-05 02:18 708608 ----a-w- c:\windows\system32\aticfx64.dll
    2011-01-26 22:56 . 2011-01-26 22:56 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-01-26 22:56 . 2010-05-27 17:00 479232 ----a-w- c:\windows\system32\atieclxx.exe
    2011-01-26 22:55 . 2010-05-27 16:59 203776 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-01-26 22:54 . 2011-01-26 22:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2011-01-26 22:54 . 2010-05-27 16:58 423424 ----a-w- c:\windows\system32\atipdl64.dll
    2011-01-26 22:53 . 2010-05-05 02:13 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-01-26 22:53 . 2011-01-26 22:53 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-01-26 22:53 . 2011-01-26 22:53 16384 ----a-w- c:\windows\system32\atimuixx.dll
    2011-01-26 22:53 . 2011-01-26 22:53 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2011-01-26 22:53 . 2011-01-26 22:53 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-01-26 22:49 . 2011-01-26 22:49 4105728 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2011-01-26 22:40 . 2010-05-05 01:56 4847616 ----a-w- c:\windows\system32\atidxx64.dll
    2011-01-26 22:32 . 2011-01-26 22:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
    2011-01-26 22:32 . 2011-01-26 22:32 1912832 ----a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-01-26 22:32 . 2010-05-05 01:24 3222016 ----a-w- c:\windows\system32\atiumd6a.dll
    2011-01-26 22:28 . 2011-01-26 22:28 4170752 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2011-01-26 22:27 . 2011-01-26 22:27 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2011-01-26 22:27 . 2011-01-26 22:27 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2011-01-26 22:27 . 2011-01-26 22:27 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2011-01-26 22:27 . 2011-01-26 22:27 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2011-01-26 22:27 . 2011-01-26 22:27 6982144 ----a-w- c:\windows\system32\aticaldd64.dll
    2011-01-26 22:25 . 2011-01-26 22:25 5580800 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2011-01-26 22:24 . 2011-01-26 22:24 3463680 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2011-01-26 22:22 . 2010-05-05 01:33 5316096 ----a-w- c:\windows\system32\atiumd64.dll
    2011-01-26 22:20 . 2010-05-05 01:35 58880 ----a-w- c:\windows\system32\coinst.dll
    2011-01-26 22:14 . 2010-05-27 16:26 354304 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-01-26 22:14 . 2011-01-26 22:14 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-01-26 22:13 . 2011-01-26 22:13 14848 ----a-w- c:\windows\system32\atig6pxx.dll
    2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-01-26 22:13 . 2011-01-26 22:13 39936 ----a-w- c:\windows\system32\atig6txx.dll
    2011-01-26 22:13 . 2011-01-26 22:13 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2011-01-26 22:13 . 2011-01-26 22:13 299520 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-01-26 22:12 . 2010-02-10 08:30 39936 ----a-w- c:\windows\system32\atiuxp64.dll
    2011-01-26 22:12 . 2011-01-26 22:12 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-01-26 22:12 . 2010-05-05 01:22 38400 ----a-w- c:\windows\system32\atiu9p64.dll
    2011-01-26 22:12 . 2010-05-05 01:22 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-01-26 22:11 . 2011-01-26 22:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-01-26 22:08 . 2011-01-26 22:08 53760 ----a-w- c:\windows\system32\atimpc64.dll
    2011-01-26 22:08 . 2011-01-26 22:08 53760 ----a-w- c:\windows\system32\amdpcom64.dll
    2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-01-07 12:17 . 2011-02-23 13:12 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-01-07 12:17 . 2011-02-23 13:12 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-01-07 12:14 . 2011-02-09 08:05 46080 ----a-w- c:\windows\system32\atmlib.dll
    2011-01-07 09:51 . 2011-02-09 08:06 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-01-07 09:20 . 2011-02-09 08:05 366592 ----a-w- c:\windows\system32\atmfd.dll
    2011-01-07 07:46 . 2011-02-23 13:12 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-01-07 07:46 . 2011-02-23 13:12 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-01-07 07:45 . 2011-02-09 08:05 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2011-01-07 06:01 . 2011-02-09 08:06 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-01-07 05:43 . 2011-02-09 08:05 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
    2011-01-05 10:34 . 2011-02-09 08:05 612864 ----a-w- c:\windows\system32\vbscript.dll
    2011-01-05 06:56 . 2011-02-09 08:05 3129344 ----a-w- c:\windows\system32\win32k.sys
    2011-01-05 05:55 . 2011-02-09 08:05 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON "= "c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
    "BCU "= "c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]
    "GrooveMonitor "= "c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "ATICustomerCare "= "c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
    "hpqSRMon "= "c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "Nikon Transfer Monitor "= "c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-09-15 479232]
    "QFan Help "= "c:\program files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [2010-01-13 611968]
    "Cpu Level Up help "= "c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2009-12-28 887936]
    "TurboV "= "c:\program files (x86)\ASUS\TurboV\TurboV.exe" [2010-05-07 5701248]
    "ASUSGamerOSD "= "c:\program files (x86)\ASUS\GamerOSD\GamerOSD.exe" [2009-07-30 380928]
    "Adobe Reader Speed Launcher "= "c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM "= "c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "ZoneAlarm Client "= "c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2010-09-02 1043968]
    "AppleSyncNotifier "= "c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
    "iTunesHelper "= "c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
    "StartCCC "= "c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
    .
    c:\users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Nikon Monitor.lnk - c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [2009-9-15 479232]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "= 5 (0x5)
    "ConsentPromptBehaviorUser "= 3 (0x3)
    "EnableUIADesktopToggle "= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "HP Software Update "=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
    "NeroFilterCheck "=c:\windows\system32\NeroCheck.exe
    "QuickTime Task "= "c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 ALSysIO;ALSysIO;c:\users\Nigel\AppData\Local\Temp\ALSysIO64.sys [x]
    R3 cpuz130;cpuz130;c:\users\Nigel\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe [2009-08-19 90112]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
    S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-09-02 33528]
    S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-09-02 823288]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2011-02-16 101048]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @= "{472083B0-C522-11CF-8763-00608CC02F24} "
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-02-23 15:04 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl "= "c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs "=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.talktalk.co.uk/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\9g07cv7l.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
    FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @= "FlashBroker "
    "LocalizedString "= "@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled "=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @= "Shockwave Flash Object "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx "
    "ThreadingModel "= "Apartment "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @= "0 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @= "ShockwaveFlash.ShockwaveFlash.10 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @= "1.0 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @= "ShockwaveFlash.ShockwaveFlash "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @= "Macromedia Flash Factory Object "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx "
    "ThreadingModel "= "Apartment "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @= "FlashFactory.FlashFactory.1 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @= "1.0 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @= "FlashFactory.FlashFactory "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @= "IFlashBroker4 "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @= "{00020424-0000-0000-C000-000000000046} "
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    "Version "= "1.0 "
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-03-30 19:52:02
    ComboFix-quarantined-files.txt 2011-03-30 18:52
    .
    Pre-Run: 534,427,332,608 bytes free
    Post-Run: 533,975,105,536 bytes free
    .
    - - End Of File - - 45C03901D2653CB8EA55FED95ED0B94F

    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 30/03/2011 at 20:00:05.
    Operating System: Windows 7 Home Premium


    Processes terminated by Rkill or while it was running:

    C:\Windows\sysWow64\SearchProtocolHost.exe
    C:\Windows\SysWOW64\runonce.exe



    Rkill completed on 30/03/2011 at 20:00:10.
     
  7. 2011/03/30
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Looks clean.

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  8. 2011/03/31
    onefinger

    onefinger Well-Known Member Thread Starter

    Joined:
    2006/11/04
    Messages:
    50
    Likes Received:
    2
    Very slow internet browser and error in Windows Live Mail 2011

    The OTL software seemed to scan well other than at the end where across the top of the dialogue box was written "not responding". However, it seemed to finish and produce both text files.

    OTL logfile created on: 31/03/2011 21:06:48 - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nigel\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 79.00% Memory free
    12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 596.07 Gb Total Space | 492.12 Gb Free Space | 82.56% Space Free | Partition Type: NTFS
    Drive E: | 195.31 Gb Total Space | 47.64 Gb Free Space | 24.39% Space Free | Partition Type: NTFS
    Drive F: | 736.20 Gb Total Space | 725.69 Gb Free Space | 98.57% Space Free | Partition Type: NTFS

    Computer Name: DREAMMACHINE | User Name: Nigel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/03/31 08:45:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nigel\Downloads\OTL.exe
    PRC - [2011/02/23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/09/02 10:22:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    PRC - [2010/09/02 10:21:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2010/05/07 14:12:28 | 005,701,248 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
    PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    PRC - [2010/01/22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2010/01/13 20:55:10 | 000,611,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
    PRC - [2009/12/01 21:24:52 | 007,275,008 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
    PRC - [2009/10/26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
    PRC - [2009/10/26 13:15:56 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
    PRC - [2009/09/15 18:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    PRC - [2009/08/19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
    PRC - [2009/07/30 18:10:04 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    PRC - [2009/07/27 11:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    PRC - [2002/01/16 04:21:42 | 001,204,224 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/03/31 08:45:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nigel\Downloads\OTL.exe
    MOD - [2011/03/09 17:54:14 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
    MOD - [2010/11/20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2011/01/26 23:55:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/09/02 13:26:32 | 000,823,288 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV:64bit: - [2009/12/01 14:22:58 | 000,063,488 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2011/02/16 16:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2010/09/21 11:49:46 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/09/02 10:22:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
    SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2009/10/26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
    SRV - [2009/08/19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2009/07/27 11:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
    SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/02/23 15:55:05 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2011/02/08 21:12:25 | 000,394,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2011/01/27 00:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2011/01/26 23:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/11/20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
    DRV:64bit: - [2010/11/20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
    DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2010/11/20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
    DRV:64bit: - [2010/11/20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
    DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2010/09/21 11:48:59 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2010/09/02 13:26:10 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV:64bit: - [2010/07/20 18:26:36 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
    DRV:64bit: - [2010/05/15 17:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
    DRV:64bit: - [2010/05/06 10:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV:64bit: - [2010/01/22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2010/01/22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2009/12/25 08:05:40 | 000,297,512 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
    DRV:64bit: - [2009/07/16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2009/02/17 18:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)
    DRV:64bit: - [2009/02/17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
    DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
    DRV - [2007/02/07 19:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.talktalk.co.uk/
    IE - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
    IE - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 29 4F F2 5D 10 CB 01 [binary data]
    IE - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    IE - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
    IE - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo "
    FF - prefs.js..browser.search.order.1: "Yahoo "
    FF - prefs.js..browser.search.order.2: " "
    FF - prefs.js..browser.search.selectedEngine: "Google "
    FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official "
    FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
    FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=mcafee&p= "


    FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/28 22:33:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/03/06 21:00:26 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/03/28 19:21:40 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/24 23:05:22 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/24 23:05:22 | 000,000,000 | ---D | M]

    [2010/06/09 15:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Extensions
    [2011/03/31 16:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\9g07cv7l.default\extensions
    [2010/07/22 08:05:33 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\9g07cv7l.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/06/09 15:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/03/28 19:21:40 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
    [2010/06/09 18:00:25 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
    O3 - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
    O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
    O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
    O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
    O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [TurboV] C:\Program Files (x86)\ASUS\TurboV\TurboV.exe (ASUSTeK Computer Inc.)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nikon Monitor.lnk = C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
    Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
    Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
    Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/03/31 08:50:42 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{AD9A8F06-4416-44E5-98E5-54929967DC7C}
    [2011/03/30 21:33:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2011/03/30 19:46:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/03/30 19:46:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/03/30 19:46:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/03/30 19:46:15 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/03/30 19:45:44 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/03/30 19:45:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2011/03/30 16:19:32 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{C06A3EAF-C814-4FC9-8E8D-8C64058E923E}
    [2011/03/30 09:47:01 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{3F2A7146-8A88-425C-A3E1-0B061FCFCCC5}
    [2011/03/29 21:23:15 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{FCDA7B7C-5F00-45A8-B857-4BFD6F43BE7E}
    [2011/03/29 08:48:57 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{9FC4554F-7511-4F86-8102-E3AA3437C847}
    [2011/03/28 21:49:40 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Roaming\HPAppData
    [2011/03/28 13:18:19 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{EA12B464-4C07-48C5-A7C7-BEC79CB9A571}
    [2011/03/28 13:17:32 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{5D9093B1-AD34-4E88-BE08-983A444C66BC}
    [2011/03/27 13:18:22 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{8CD35F94-BAB8-4E1A-8CE9-05A235AE542F}
    [2011/03/26 22:39:32 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\{277E537C-7AAB-46C8-8F5C-40C067488816}
    [2011/03/26 22:34:40 | 000,000,000 | ---D | C] -- C:\Windows\en
    [2011/03/26 22:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
    [2011/03/26 22:14:17 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\Widows Live Mail 2011 Backup of all folders_26.3.2011
    [2011/03/23 15:14:55 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\Windows Live Mail Backup_23.3.11
    [2011/03/22 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\New folder
    [2011/03/20 22:24:52 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Roaming\Malwarebytes
    [2011/03/20 22:24:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2011/03/20 22:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/03/20 22:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/03/20 22:24:42 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/03/20 22:24:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/03/20 18:13:52 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\P6X58D-E-ASUS-0502
    [2011/03/20 12:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2011/03/20 12:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2
    [2011/03/20 12:08:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
    [2011/03/20 12:08:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
    [2011/03/12 21:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2011/03/12 21:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/03/12 21:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/03/06 21:01:36 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\EA Games
    [2011/03/06 21:00:26 | 000,505,176 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2011/03/03 23:31:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
    [2011/03/03 23:30:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
    [2011/03/03 23:27:51 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
    [2011/03/03 23:27:29 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
    [2011/03/03 22:27:27 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\Splinter Cell Chaos Theory Fixes
    [2011/03/02 09:35:53 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\ASUS
    [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/03/31 19:35:44 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/03/31 19:35:44 | 000,630,154 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/03/31 19:35:44 | 000,111,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/03/31 19:04:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/03/31 12:20:21 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/03/31 12:20:21 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/03/31 12:13:02 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys
    [2011/03/29 14:35:47 | 000,035,372 | ---- | M] () -- C:\Users\Nigel\Documents\avast scan_29.3.11..png
    [2011/03/29 13:19:32 | 000,001,486 | ---- | M] () -- C:\Users\Nigel\Desktop\gmer - Shortcut.lnk
    [2011/03/29 13:15:27 | 000,003,364 | ---- | M] () -- C:\Users\Nigel\Desktop\DDS_2.zip
    [2011/03/29 13:15:16 | 000,006,830 | ---- | M] () -- C:\Users\Nigel\Desktop\DDS_1.zip
    [2011/03/29 12:56:38 | 000,137,101 | ---- | M] () -- C:\Users\Nigel\Desktop\avast files that cannnot be scanned_29.3.11..jpg
    [2011/03/27 19:08:25 | 000,083,487 | ---- | M] () -- C:\Users\Nigel\Documents\Road Safety Camera Car Rules.pdf
    [2011/03/26 23:42:44 | 000,005,633 | ---- | M] () -- C:\Users\Nigel\Documents\Saved Contacts MSN.csv
    [2011/03/26 22:44:23 | 000,001,137 | ---- | M] () -- C:\Users\Nigel\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2011/03/26 22:36:27 | 000,421,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/03/24 09:33:03 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2011/03/22 00:06:11 | 000,002,624 | ---- | M] () -- C:\Users\Nigel\Documents\energy-report.zip
    [2011/03/20 22:24:45 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/03/20 18:12:05 | 001,089,487 | ---- | M] () -- C:\Users\Nigel\Documents\P6X58D-E-ASUS-0502.zip
    [2011/03/19 23:17:20 | 000,019,179 | ---- | M] () -- C:\Users\Nigel\Documents\energy-report.html
    [2011/03/18 17:11:03 | 000,268,518 | ---- | M] () -- C:\Users\Nigel\Documents\Why Buy Hurst Plastics - Product - Compsite Doors copy.pdf
    [2011/03/14 22:44:37 | 000,000,817 | ---- | M] () -- C:\Users\Nigel\Desktop\CoreTemp.ini
    [2011/03/14 22:44:13 | 000,000,011 | ---- | M] () -- C:\Users\Nigel\Desktop\Plugins.ini
    [2011/03/12 21:41:24 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/03/11 13:23:06 | 000,012,259 | ---- | M] () -- C:\Users\Nigel\Documents\New Chair Invoice_11.3.11..pdf
    [2011/03/07 17:31:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2011/03/03 18:27:41 | 000,924,051 | ---- | M] () -- C:\Users\Nigel\Documents\Sam's Latest Timetable_Feb 2011.pdf
    [2011/03/03 14:45:07 | 000,022,752 | ---- | M] () -- C:\Windows\hpqins15.dat
    [2011/03/03 14:20:19 | 000,022,752 | ---- | M] () -- C:\Windows\hpqins15.dat.temp
    [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/03/30 19:46:19 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/03/30 19:46:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/03/30 19:46:19 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/03/30 19:46:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/03/30 19:46:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/03/29 14:35:47 | 000,035,372 | ---- | C] () -- C:\Users\Nigel\Documents\avast scan_29.3.11..png
    [2011/03/29 13:19:32 | 000,001,486 | ---- | C] () -- C:\Users\Nigel\Desktop\gmer - Shortcut.lnk
    [2011/03/29 13:15:27 | 000,003,364 | ---- | C] () -- C:\Users\Nigel\Desktop\DDS_2.zip
    [2011/03/29 13:15:16 | 000,006,830 | ---- | C] () -- C:\Users\Nigel\Desktop\DDS_1.zip
    [2011/03/29 12:56:38 | 000,137,101 | ---- | C] () -- C:\Users\Nigel\Desktop\avast files that cannnot be scanned_29.3.11..jpg
    [2011/03/27 19:08:25 | 000,083,487 | ---- | C] () -- C:\Users\Nigel\Documents\Road Safety Camera Car Rules.pdf
    [2011/03/26 23:42:42 | 000,005,633 | ---- | C] () -- C:\Users\Nigel\Documents\Saved Contacts MSN.csv
    [2011/03/26 22:32:41 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    [2011/03/24 09:33:03 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2011/03/22 00:06:11 | 000,002,624 | ---- | C] () -- C:\Users\Nigel\Documents\energy-report.zip
    [2011/03/20 22:24:45 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/03/20 18:12:04 | 001,089,487 | ---- | C] () -- C:\Users\Nigel\Documents\P6X58D-E-ASUS-0502.zip
    [2011/03/19 23:17:20 | 000,019,179 | ---- | C] () -- C:\Users\Nigel\Documents\energy-report.html
    [2011/03/18 17:11:03 | 000,268,518 | ---- | C] () -- C:\Users\Nigel\Documents\Why Buy Hurst Plastics - Product - Compsite Doors copy.pdf
    [2011/03/14 22:44:13 | 000,000,817 | ---- | C] () -- C:\Users\Nigel\Desktop\CoreTemp.ini
    [2011/03/14 22:44:13 | 000,000,011 | ---- | C] () -- C:\Users\Nigel\Desktop\Plugins.ini
    [2011/03/12 21:41:24 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/03/11 13:23:05 | 000,012,259 | ---- | C] () -- C:\Users\Nigel\Documents\New Chair Invoice_11.3.11..pdf
    [2011/03/03 23:28:30 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
    [2011/03/03 23:27:18 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
    [2011/03/03 23:27:07 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
    [2011/03/03 23:27:07 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
    [2011/03/03 23:26:54 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
    [2011/03/03 18:27:38 | 000,924,051 | ---- | C] () -- C:\Users\Nigel\Documents\Sam's Latest Timetable_Feb 2011.pdf
    [2010/12/21 03:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2010/11/12 12:05:50 | 000,022,752 | ---- | C] () -- C:\Windows\hpqins15.dat.temp
    [2010/09/06 22:24:50 | 005,653,224 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
    [2010/09/06 22:24:50 | 000,015,347 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
    [2010/07/28 22:33:01 | 000,022,752 | ---- | C] () -- C:\Windows\hpqins15.dat
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll
    [2010/07/20 20:14:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll
    [2010/07/20 20:14:56 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2010/07/20 20:14:56 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2010/07/08 19:03:38 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
    [2010/07/08 19:03:38 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
    [2010/06/28 20:16:44 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
    [2010/06/21 22:11:45 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
    [2010/06/21 22:11:45 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
    [2010/06/13 16:56:52 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Colors
    [2010/06/13 16:56:52 | 000,000,268 | RH-- | C] () -- C:\Users\Nigel\AppData\Roaming\Clips
    [2010/06/13 16:56:52 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
    [2010/06/13 16:56:52 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Configure Folder Actions
    [2010/06/13 16:54:58 | 000,000,268 | RH-- | C] () -- C:\ProgramData\ColorSync
    [2010/06/13 16:54:58 | 000,000,268 | RH-- | C] () -- C:\Users\Nigel\AppData\Roaming\Classical
    [2010/06/13 16:54:58 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2010/06/13 16:54:58 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Common
    [2010/06/11 18:23:50 | 000,164,766 | ---- | C] () -- C:\Windows\hpoins13.dat
    [2010/06/11 18:23:50 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl13.dat
    [2010/06/09 16:17:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010/06/09 15:03:56 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
    [2010/06/09 15:03:56 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
    [2010/06/09 14:51:30 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2010/06/09 14:51:24 | 000,030,366 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009/07/27 11:13:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
    [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2009/04/02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
    [2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
    [2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

    ========== LOP Check ==========

    [2011/01/30 13:24:43 | 000,000,000 | ---D | M] -- C:\Users\Lorraine\AppData\Roaming\Windows Live Writer
    [2011/02/27 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Amazon
    [2010/08/27 19:51:51 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Audacity
    [2010/06/28 20:16:50 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Canneverbe Limited
    [2010/06/22 19:09:02 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\DeepBurner
    [2010/06/19 19:17:44 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Facebook
    [2010/12/21 17:55:59 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\FinalTorrent
    [2010/12/24 16:03:30 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\FreeFileViewer
    [2010/12/20 21:03:08 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\GetRightToGo
    [2010/12/24 14:41:39 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\NetAssistant
    [2010/06/30 20:29:18 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Nikon
    [2010/10/28 20:35:47 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Windows Live Writer
    [2011/03/21 08:52:42 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < >

    < %SYSTEMDRIVE%\*.* >
    [2010/07/02 21:48:54 | 000,000,157 | ---- | M] () -- C:\AsCD.log
    [2010/06/09 23:23:05 | 000,000,160 | ---- | M] () -- C:\bookmark.ini.BAK
    [2011/03/30 19:52:02 | 000,023,659 | ---- | M] () -- C:\ComboFix.txt
    [2010/07/02 22:00:52 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx.BAK
    [2011/03/31 12:13:02 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys
    [2007/01/10 02:05:34 | 000,004,286 | R--- | M] () -- C:\Netgear.ico
    [2011/03/31 12:13:06 | 2138,165,247 | -HS- | M] () -- C:\pagefile.sys
    [2011/03/30 20:00:10 | 000,000,440 | ---- | M] () -- C:\rkill.log

    < %systemroot%\Fonts\*.com >
    [2009/07/14 06:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/14 06:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/14 06:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/14 06:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/06/10 21:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2011/02/23 16:04:21 | 000,040,648 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2010/11/10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/06/09 15:20:52 | 000,000,221 | -HS- | M] () -- C:\Users\Nigel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2010/05/08 13:47:04 | 000,403,472 | ---- | M] () -- C:\Users\Nigel\Desktop\Core Temp.exe
    [2010/03/24 12:05:26 | 001,882,600 | ---- | M] (CPUID) -- C:\Users\Nigel\Desktop\cpuz.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009/06/10 22:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2010/06/13 16:56:52 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Colors
    [2010/06/13 16:54:58 | 000,000,268 | RH-- | M] () -- C:\ProgramData\ColorSync
    [2010/06/13 16:54:58 | 000,000,012 | RH-- | M] () -- C:\ProgramData\Common
    [2010/06/13 16:56:52 | 000,000,012 | RH-- | M] () -- C:\ProgramData\Configure Folder Actions
    [2011/03/03 14:45:16 | 000,003,323 | ---- | M] () -- C:\ProgramData\hpzinstall.log

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
     
  9. 2011/03/31
    onefinger

    Part 2 of OTL Scan for slow internet browser and error in Windows Live 2011

    I had to put the OTL.txt Extras in a separate entry due to my last one having too many letters/numbers.

    OTL Extras logfile created on: 31/03/2011 21:06:48 - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nigel\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 79.00% Memory free
    12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 596.07 Gb Total Space | 492.12 Gb Free Space | 82.56% Space Free | Partition Type: NTFS
    Drive E: | 195.31 Gb Total Space | 47.64 Gb Free Space | 24.39% Space Free | Partition Type: NTFS
    Drive F: | 736.20 Gb Total Space | 725.69 Gb Free Space | 98.57% Space Free | Partition Type: NTFS

    Computer Name: DREAMMACHINE | User Name: Nigel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2461483713-2889394737-1746768284-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll ",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{14BC5667-22B0-4DC4-8205-597053BBDDC9}" = HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
    "{23170F69-40C1-2702-0915-000001000000}" = 7-Zip 9.15 (x64 edition)
    "{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
    "{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
    "{5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}" = WMV9/VC-1 Video Playback
    "{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}" = AMD Drag and Drop Transcoding
    "{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
    "{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager
    "{B2C5B378-546F-75A7-7757-C1EAAFAF9E33}" = ccc-utility64
    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{E4AFA5F8-C8BF-9BBA-3DD8-D631BD044238}" = ATI AVIVO64 Codecs
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "CutePDF Writer Installation" = CutePDF Writer 2.8
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.5
    "HP Smart Web Printing" = HP Smart Web Printing 4.60
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Recuva" = Recuva
    "Shop for HP Supplies" = Shop for HP Supplies

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
    "{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
    "{1266764D-FC4F-4FA7-B63B-884D53B1680F}" = NetAssistant
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1B7D12BE-D1D8-4CCE-A01B-43CAFF8ECA9B}" = C4200
    "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
    "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
    "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
    "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
    "{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.21
    "{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5F8D5450-5BD8-4B8A-A1DE-8326C0395D5D}" = PS_AIO_Software_min
    "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{660787DD-68B3-4E67-9073-4A66DD7AD193}" = ASUS VGA Driver
    "{664D6E1D-2A6C-D54D-31A5-B6BC30CEB0C6}" = CCC Help English
    "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7B9F5775-8C8C-2A4E-0CAB-74EA7AF5CB09}" = ccc-core-static
    "{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
    "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
    "{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A174402A-2EE6-4B86-A930-7BC85A9933BD}" = Tom Clancy's Splinter Cell
    "{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
    "{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
    "{A99968BE-C155-474C-0089-33239DEE1CE2}" = NFS Underground
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AA945C94-285E-DE48-A30F-70105C6580DE}" = Catalyst Control Center Graphics Previews Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}" = Tom Clancy's Splinter Cell Chaos Theory
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
    "{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
    "{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
    "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
    "{D793423B-FF18-4A54-B9C9-75B3396BAAC4}" = Browser Configuration Utility
    "{D7AF16E7-5938-4369-BA54-B1ABD541BC32}" = Utility
    "{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
    "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
    "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
    "ATC for Splinter Cell Chaos Theory_is1" = ATC for Splinter Cell Chaos Theory 1.0
    "Audacity_is1" = Audacity 1.2.6
    "avast" = avast! Free Antivirus
    "CCleaner" = CCleaner
    "dBpoweramp Music Converter" = dBpoweramp Music Converter
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "Fraps" = Fraps
    "GOM Player" = GOM Player
    "InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
    "InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
    "IsoBuster_is1" = IsoBuster 2.8
    "LAME for Audacity_is1" = LAME v3.98.2 for Audacity
    "Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
    "MagniDriver" = marvell 91xx driver
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Marvell Miniport Driver" = Marvell Miniport Driver
    "McAfee Security Scan" = McAfee Security Scan Plus
    "MediaMonkey_is1" = MediaMonkey 3.2
    "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
    "SpeedFan" = SpeedFan (remove only)
    "VLC media player" = VLC media player 1.1.2
    "WinLiveSuite" = Windows Live Essentials
    "World of Warcraft" = World of Warcraft
    "xvid" = XviD MPEG-4 Video Codec
    "ZoneAlarm" = ZoneAlarm

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2461483713-2889394737-1746768284-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Facebook Plug-In" = Facebook Plug-In
    "NetAssistant" = NetAssistant for Firefox

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 30/03/2011 16:11:04 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x0c0c05d3 Faulting process id: 0x16e0 Faulting application
    start time: 0x01cbef1684220726 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: d6e3d246-5b09-11e0-8453-7071bc139ebc

    Error - 30/03/2011 16:11:29 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x113e05d3 Faulting process id: 0x145c Faulting application
    start time: 0x01cbef16a38faf45 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: e559f7cc-5b09-11e0-8453-7071bc139ebc

    Error - 31/03/2011 03:50:20 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x0b7605d3 Faulting process id: 0x15e0 Faulting application
    start time: 0x01cbef7841766a5e Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: 86367e5d-5b6b-11e0-aa7a-7071bc139ebc

    Error - 31/03/2011 03:51:13 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x13d905d3 Faulting process id: 0x1158 Faulting application
    start time: 0x01cbef784ca98da9 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: a5cd0bd5-5b6b-11e0-aa7a-7071bc139ebc

    Error - 31/03/2011 03:51:38 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x0b3305d3 Faulting process id: 0x1524 Faulting application
    start time: 0x01cbef786d7f086d Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: b4ecba46-5b6b-11e0-aa7a-7071bc139ebc

    Error - 31/03/2011 04:20:31 | Computer Name = DreamMachine | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\program files (x86)\spybot
    - search & destroy\DelZip179.dll ".Error in manifest or policy file "c:\program
    files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
    attribute "language" in element "assemblyIdentity" is invalid.

    Error - 31/03/2011 07:16:09 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x15e305d3 Faulting process id: 0xc28 Faulting application
    start time: 0x01cbef94f58226d7 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: 46ead3c2-5b88-11e0-a422-7071bc139ebc

    Error - 31/03/2011 07:16:36 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x113505d3 Faulting process id: 0x64c Faulting application
    start time: 0x01cbef9514db5f98 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: 56daca58-5b88-11e0-a422-7071bc139ebc

    Error - 31/03/2011 07:16:50 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x15fc05d3 Faulting process id: 0x878 Faulting application
    start time: 0x01cbef951c59f4b5 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: 5f2615cc-5b88-11e0-a422-7071bc139ebc

    Error - 31/03/2011 13:30:25 | Computer Name = DreamMachine | Source = Application Error | ID = 1000
    Description = Faulting application name: wlmail.exe, version: 15.4.3508.1109, time
    stamp: 0x4cda7a4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x0b1b05d3 Faulting process id: 0x828 Faulting application
    start time: 0x01cbefc9488112c3 Faulting application path: C:\Program Files (x86)\Windows
    Live\Mail\wlmail.exe Faulting module path: unknown Report Id: 8f944739-5bbc-11e0-a422-7071bc139ebc

    [ System Events ]
    Error - 26/03/2011 18:43:00 | Computer Name = DreamMachine | Source = DCOM | ID = 10016
    Description =

    Error - 26/03/2011 18:43:00 | Computer Name = DreamMachine | Source = DCOM | ID = 10016
    Description =

    Error - 26/03/2011 18:51:00 | Computer Name = DreamMachine | Source = DCOM | ID = 10016
    Description =

    Error - 26/03/2011 18:51:00 | Computer Name = DreamMachine | Source = DCOM | ID = 10016
    Description =

    Error - 28/03/2011 18:02:09 | Computer Name = DreamMachine | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 22:57:09 on 28/03/2011 was unexpected.

    Error - 30/03/2011 10:57:49 | Computer Name = DreamMachine | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147014847

    Error - 30/03/2011 14:45:33 | Computer Name = DreamMachine | Source = Service Control Manager | ID = 7034
    Description = The hpqcxs08 service terminated unexpectedly. It has done this 1
    time(s).

    Error - 30/03/2011 14:45:33 | Computer Name = DreamMachine | Source = Service Control Manager | ID = 7034
    Description = The HP CUE DeviceDiscovery Service service terminated unexpectedly.
    It has done this 1 time(s).

    Error - 30/03/2011 14:49:07 | Computer Name = DreamMachine | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 30/03/2011 14:50:40 | Computer Name = DreamMachine | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.


    < End of report >
     
  10. 2011/03/31
    broni

    broni Moderator Malware Analyst

    1. Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    2. Now, we need to remove the old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    ====================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKU\S-1-5-21-2461483713-2889394737-1746768284-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
      O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    =====================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce a log.
     
  11. 2011/04/01
    onefinger

    onefinger Well-Known Member Thread Starter

    Very Slow Internet Browsing and error on Windows Live Mail 2011

    Hi broni,
    I used your Java link and it said: "No working java was detected on your system"
    "something is wrong, java is not working".
    I installed the latest Java from there: Java SE Runtime Environment 6 update 24.
    The Java Quick Starter was not an option for me in Advanced Settings... it is "greyed out" and "you cannot click on it either".
    I removed the older Java versions successfully and provide the text file here:

    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Fri Apr 01 16:47:10 2011

    Found and removed: Applications\java.exe

    Found and removed: Applications\javaw.exe

    Found and removed: JavaPlugin.FamilyVersionSupport


    Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

    Found and removed: JavaScript

    Found and removed: JavaScript Author

    Found and removed: JavaScript1.1

    Found and removed: JavaScript1.1 Author

    Found and removed: JavaScript1.2

    Found and removed: JavaScript1.2 Author

    Found and removed: SOFTWARE\Classes\JavaPlugin

    Found and removed: SOFTWARE\Classes\JavaPlugin.160_20

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.1

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.3

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2.1

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3.1

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.1

    Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.5

    ------------------------------------

    Finished reporting.

    I successfully completed the OTL Fix:

    ========== OTL ==========
    Registry value HKEY_USERS\S-1-5-21-2461483713-2889394737-1746768284-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    C:\Windows\SysNative\drivers\~GLH0023.TMP deleted successfully.
    C:\Windows\SysNative\drivers\~GLH0024.TMP deleted successfully.

    OTL by OldTimer - Version 3.2.22.3 log created on 04012011_165221

    The security checker never picked up my Resident Spybot S & D as far as I could see. I had to turn off my Zone Alarm Checkpoint software.

    Results of screen317's Security Check version 0.99.7
    Windows 7 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Disabled!
    avast! Free Antivirus
    McAfee Security Scan Plus
    ZoneAlarm
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 24
    Out of date Java installed!
    Adobe Flash Player 10.2.153.1
    Adobe Reader 9.4.3
    Out of date Adobe Reader installed!
    Mozilla Firefox (3.6.16)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Alwil Software Avast5 AvastSvc.exe
    Zone Labs ZoneAlarm zlclient.exe
    ``````````End of Log````````````

    Ran TFC and it removed 177mb and had to reboot.

    Now the ESET Scanner picked up one threat, which is odd; it's in my 2nd hard drive, partition F, as you can see. It is the folder where I have kept information on my daughter's Windows XP computer, made by MESH, for when I reboot it completely. I am expecting you will say it's nothing, but you never know!

    F:\Nigel\My Saved Documents\Sarah's MESH Computer\Sarah's computer\Sarah's Reboot prog.'s\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application

    I have just realised that this software it has picked up is for MSN Plus. It adds more emoticons and options to chatting on Windows Messenger.

    My browsing is still going very slowly and my Windows Live 2011 is still crashing every time I open a mail from a friend from Facebook, anything after 25.3.11.

    Have you found anything suspect at all broni?
    Thank you for all your help.
     
    Last edited: 2011/04/01
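A small parser for the Security Check log in the post above, added here as an example; it is not part of the thread or of the Security Check tool. It collects the warning lines ("Disabled!", "Out of date ... installed!") and pairs each out-of-date warning with the product line printed just before it. The section and warning patterns are assumptions inferred from this one log.

```python
import re

TICK = "`"
SEP = TICK * 30  # rule between sections, built here rather than typed literally

# Lines copied from the Security Check log in the post above.
SAMPLE_LOG = "\n".join([
    "Results of screen317's Security Check version 0.99.7",
    "Windows 7 (UAC is enabled)",
    "Internet Explorer 8",
    SEP,
    "Antivirus/Firewall Check:", "",
    "Windows Firewall Disabled!",
    "avast! Free Antivirus",
    "McAfee Security Scan Plus",
    "ZoneAlarm",
    "WMI entry may not exist for antivirus; attempting automatic update.",
    SEP,
    "Anti-malware/Other Utilities Check:", "",
    "Malwarebytes' Anti-Malware",
    "CCleaner",
    "Java(TM) 6 Update 24",
    "Out of date Java installed!",
    "Adobe Flash Player 10.2.153.1",
    "Adobe Reader 9.4.3",
    "Out of date Adobe Reader installed!",
    "Mozilla Firefox (3.6.16)",
    SEP,
    "Process Check:", "objlist.exe by Laurent", "",
    "Alwil Software Avast5 AvastSvc.exe",
    "Zone Labs ZoneAlarm zlclient.exe",
    TICK * 10 + "End of Log" + TICK * 12,
])

# Assumed warning formats, taken from the log above. A product name such as
# "avast! Free Antivirus" contains "!" but matches neither pattern.
OUTDATED = re.compile(r"^Out of date (?P<product>.+) installed!$")
DISABLED = re.compile(r"^(?P<component>.+) Disabled!$")


def parse_security_check(text):
    """Return (sections, findings) for one Security Check log."""
    sections, findings = {"Header": []}, []
    current, previous = "Header", None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(TICK):   # blank line or section rule
            previous = None
            continue
        if line.endswith("Check:"):             # section header
            current, previous = line[:-1], None
            sections[current] = []
            continue
        m_out, m_dis = OUTDATED.match(line), DISABLED.match(line)
        if m_out:       # the installed version is the line just before
            findings.append({"section": current, "issue": "outdated",
                             "item": m_out["product"], "installed": previous})
            previous = None
        elif m_dis:
            findings.append({"section": current, "issue": "disabled",
                             "item": m_dis["component"], "installed": None})
            previous = None
        else:
            sections[current].append(line)
            previous = line
    return sections, findings


if __name__ == "__main__":
    for f in parse_security_check(SAMPLE_LOG)[1]:
        print(f["issue"], "-", f["item"], "-", f["installed"] or "n/a")
```
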
  12. 2011/04/01
    onefinger

    onefinger Well-Known Member Thread Starter

    Joined:
    2006/11/04
    Messages:
    50
    Likes Received:
    2
    add-on to last post

    Just thought of something else.....videos will not load now, they take an age and if you think they have loaded, it will stop every few seconds to load more, so annoying.
    I just took about 3 minutes to get back into here, the green bar loading is so slow at the bottom of the Firefox Browser. :confused:
     
  13. 2011/04/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You can leave it alone.

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.

    ====================================================

    We'll go back to the slowness, but let's finish cleaning process first....

    Your computer is clean :)

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point, using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please let me know how your computer is doing.
     
  14. 2011/04/02
    onefinger

    onefinger Well-Known Member Thread Starter

    Joined:
    2006/11/04
    Messages:
    50
    Likes Received:
    2
    Very slow internet browsing and error on Windows Live Mail 2011

    I updated Adobe Reader OK but cannot see how to remove old versions. I have looked in Programs and Features in Control Panel but only the latest is there and looking on Google people say they find the new one does not work if you remove older ones?
    I have a minor problem now, I noticed today, that avast antivirus is not starting on start-up unless you click on the avast icon on the desktop. In Task Manager it doesn't seem to be on as you start up?
    I ran the OTL Fix, as you instructed and this is the log file:

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56466 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Lorraine
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Nigel
    ->Temp folder emptied: 419623 bytes
    ->Temporary Internet Files folder emptied: 7577201 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 45950055 bytes
    ->Flash cache emptied: 456 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 19556 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 52.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Lorraine
    ->Flash cache emptied: 0 bytes

    User: Nigel
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.22.3 log created on 04022011_184424

    Files\Folders moved on Reboot...
    C:\Users\Nigel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Nigel\AppData\Local\Temp\~DF48CA6E6E3C971902.TMP moved successfully.
    File\Folder C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{0A809B35-0593-46B6-88A5-F5075F682DFB}.tmp not found!
    File\Folder C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{1C4F10B2-08C5-4978-B118-2FAEA3E6ECC1}.tmp not found!
    File\Folder C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{B6DAC6B0-32AD-4D3E-A928-4C9BBD4A5ACC}.tmp not found!
    File\Folder C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BBBE8CDC-A223-4A4E-BD7A-680D4431FD4A}.tmp not found!
    File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
    File\Folder C:\Windows\temp\ZLT05704.TMP not found!

    Registry entries deleted on Reboot...

    and ran the OTL Cleanup OK.
    I like the Secunia Personal Software Inspector, I have installed that and had a mark of 95% and updated the 4 out of date and removed remnants of Nero old software.
    I like the FileHippo updater too. I have installed and 11 programs to update, so working on that at the moment. :)
    I see out of the new programs showing up highlighted in my all programs list is Windows Live, when I haven't updated it?

    Was I infected before you started this thread and can you tell me what sort if I was please? Just wondering if it was a Trojan?
    My Windows Live is still shutting down on any friends messages from Facebook. I have solved this temporarily or so I thought by stopping any messages coming from Facebook to my Windows Live Mail but the bogus infected ones are still getting through with links on them. :(
    I have changed my default web browser to Internet Explorer now and that is going faster than Firefox.
    I will update those other programs and also defrag my C drive.
    Thank you again.
     
  15. 2011/04/02
    onefinger

    onefinger Well-Known Member Thread Starter

    Joined:
    2006/11/04
    Messages:
    50
    Likes Received:
    2
    add on to last post

    I have been using Internet Explorer 8 tonight and the browsing is very fast.
    I think the problem for the browsing lies in Firefox, so I guess maybe an add-on that needs to be disabled, if I wanted to find the fault, but quite happy with IE8 now. :)
     
  16. 2011/04/02
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Very well :)

    You're fine then.

    While cleaning, some side effects may happen.
    Reinstall Avast.

    I didn't see anything malicious on your computer.
    Mostly, we just removed some garbage.

    As for Firefox, see how it works, if you do this...
    Close Firefox. Go Start>All Programs>Mozilla Firefox, click on Mozilla Firefox (safe mode). Same issue?
     
  17. 2011/04/04
    onefinger

    onefinger Well-Known Member Thread Starter

    Joined:
    2006/11/04
    Messages:
    50
    Likes Received:
    2
    slow internet browsing & error on windows live 2011

    I fixed the avast easily by going into programs and features from Control Panel and selecting avast and then selecting repair. My avast now starts again on start-up. :)
    There is no option on my Mozilla Firefox to select safe mode for it. However since installing Firefox 4.0 everything became right, fast surfing of the web, videos streaming from youtube ok etc. But there are times when it goes back to going slowly again. I can't believe it's due to the amount of people online, nothing should make your browsing that slow surely?
    I found that my Defrag. in Windows 7 is set to a default regular scan once a week and it is 0% defragmented.
    I fully un-installed all of my Windows Live Essentials 2011 package last night and re-installed it, thinking no messages or no contacts would be in either until I loaded my back-up....how wrong I was, all of my e-mails were still in there and all of my contacts in both live mail and MSN. The error was still there too in Windows Live Mail, although Microsoft recommends you un-install and re-install with this problem. Were my mail and contacts loaded from their server?
    Internet Explorer is definitely better at the moment for browsing, much faster, although it always used to be the other way around.
    I have updated all programs now that Filehippo recommended, all 11 of them and my Secunia PSI score is up to 100%.
    I would feel much happier if there was an answer to my Live Mail. Is there any way to re-install with an empty inbox and folders? :confused:
     
    Last edited: 2011/04/04
  18. 2011/04/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'm glad to hear good news :)

    As for your LiveMail issue....

    In this forum, we make sure your computer is free of malware, and your computer is clean :)
    Because the access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.

    Good luck :)
     
