Browser Problems

2 posters

WiredWX Christian Hobby Weather Tools :: GeekPolice tech support archive :: Technical Support

Browser Problems2nd October 2010, 8:15 pm

Hi there. Lately, i've been having a few problems when browsing the internet. When I use Firefox, it's having a bit of trouble connecting to the web pages, coming up with an error, saying it can't connect. Also, a pop-up appears, first saying "search.gugle.com", and then loads the "google.com" page. After clicking on a link in the browser, it sometimes loads for a split-second, and then displaying "waiting for google-analytics.com" at the bottom. I have found a make-shift way around this (by using ABP and blocking "google-analytics.com") I know this doesn't solve the problem however. Another problem is that it tries to load the web page "http://77.78.240.151/redir.php", and i'm sure this links to a fake anti-virus webpage (I have seen this a couple of times before). I have Bitdefender 2011, and have run deep scans, and all it's found is cookies. Many thanks to anyone who helps, and I hope there is enough info to help here. If not, just ask Smile...

Thanks again.

Re: Browser Problems3rd October 2010, 12:04 am

Hello.

Download OTL by OldTimer to your Desktop.

Close all windows and double click OTL.exe
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

............................................................................................
Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Browser Problems DXwU4

Re: Browser Problems4th October 2010, 8:54 pm

OTL logfile created on: 04/10/2010 20:57:28 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Jake M\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.44 Gb Total Space | 5.34 Gb Free Space | 7.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 298.01 Gb Total Space | 43.26 Gb Free Space | 14.51% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NIGEL-6518CF5A8
Current User Name: Jake M
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/10/04 19:08:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jake M\Desktop\OTL.exe
PRC - [2010/09/15 00:02:44 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/15 00:02:44 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/08/11 20:54:48 | 001,405,584 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2010/08/10 13:59:58 | 001,885,040 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
PRC - [2010/08/10 13:59:44 | 000,042,400 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
PRC - [2010/08/10 13:57:26 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
PRC - [2010/07/01 12:07:20 | 001,361,128 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/08/28 06:40:50 | 000,606,208 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009/04/16 16:20:30 | 001,516,032 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\BT Business Broadband Desktop Help\btbb_wcm\McciTrayApp.exe
PRC - [2009/04/16 16:19:42 | 001,548,288 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpNotifier.exe
PRC - [2009/04/08 21:23:45 | 002,356,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
PRC - [2009/03/29 21:10:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/20 17:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/08/20 17:28:34 | 000,348,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2008/08/20 17:27:36 | 001,368,064 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008/08/20 17:18:34 | 000,905,216 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/08/20 17:09:12 | 001,191,936 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008/08/20 17:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/04/04 18:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2007/11/08 23:50:10 | 001,552,384 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/09/14 11:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2007/09/10 10:55:04 | 000,092,160 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2007/09/07 18:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2007/07/20 17:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/07/20 17:53:52 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/07/02 14:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/06/06 17:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 15:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/11 02:59:23 | 000,349,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2007/05/10 11:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2007/01/04 22:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2006/09/08 16:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2006/06/27 16:21:14 | 001,449,984 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2006/06/15 12:36:18 | 000,229,376 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2006/06/09 10:37:18 | 000,471,552 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2006/06/05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2004/08/04 11:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/10/29 03:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe

========== Modules (SafeList) ==========

MOD - [2010/10/04 19:08:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jake M\Desktop\OTL.exe
MOD - [2010/08/10 13:57:24 | 000,015,624 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchook32.dll
MOD - [2010/06/25 18:51:26 | 000,225,152 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll
MOD - [2010/06/07 18:07:08 | 000,541,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2010/04/22 16:27:24 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\plugin_extra.m32
MOD - [2010/04/22 16:27:12 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\plugin_nt.m32
MOD - [2010/04/22 16:26:50 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\plugin_net.m32
MOD - [2010/04/22 16:26:42 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\plugin_fragments.m32
MOD - [2010/04/22 16:26:26 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\plugin_registry.m32
MOD - [2010/04/22 16:26:18 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\plugin_base.m32
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/02/10 16:53:43 | 000,198,144 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2004/08/04 11:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 11:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010/08/10 13:59:58 | 001,885,040 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2010/08/10 13:59:44 | 000,042,400 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2010/07/23 09:51:36 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/11 21:41:32 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/29 21:10:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/17 11:51:58 | 001,128,944 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe -- (RoxMediaDB11)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/20 17:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/08/20 17:28:34 | 000,348,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2008/08/20 17:18:34 | 000,905,216 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/08/20 17:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/04/04 18:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Service)
SRV - [2007/11/08 23:50:10 | 001,552,384 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/09/13 15:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2007/09/07 18:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2007/08/31 18:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2007/07/20 17:53:52 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/06/05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2010/09/24 17:09:06 | 000,067,152 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2010/07/27 12:50:00 | 000,253,072 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\Trufos.sys -- (Trufos)
DRV - [2010/07/09 15:08:14 | 000,327,368 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/07/01 12:07:30 | 000,166,632 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/07/01 12:07:30 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -- (RapportKELL)
DRV - [2010/06/28 12:55:42 | 000,970,320 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2010/06/28 12:55:36 | 000,633,424 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avc3.sys -- (avc3)
DRV - [2010/06/18 19:11:40 | 000,126,416 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (Bdftdif)
DRV - [2010/06/18 16:11:42 | 000,111,696 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys -- (Bdfndisf)
DRV - [2010/05/13 17:02:31 | 000,012,960 | ---- | M] (BITDEFENDER LLC) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\bdrawpr.sys -- (BdRawPr)
DRV - [2010/04/22 13:19:50 | 000,149,520 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (BDFM)
DRV - [2010/03/25 03:33:04 | 000,571,008 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L6UX1.sys -- (L6UX1)
DRV - [2010/03/10 05:00:06 | 000,006,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iPodDrv.sys -- (iPodDrv)
DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bdvedisk.sys -- (Bdvedisk)
DRV - [2009/03/19 13:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/03/19 13:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/02/10 16:53:42 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/02/10 16:53:41 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/02/09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/02/09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/02/09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/02/09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/09/12 14:22:54 | 000,540,288 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008/09/12 14:22:24 | 000,443,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2008/08/29 00:34:30 | 003,632,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/08/04 12:32:26 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/12/23 18:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/11/17 04:03:00 | 006,864,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/09/10 10:55:00 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 10:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/09/06 10:18:40 | 000,018,176 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2007/06/25 19:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/04/03 09:32:38 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2005/12/01 02:40:56 | 000,936,960 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/12/01 02:40:12 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/12/01 02:40:08 | 000,669,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/10/26 11:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/01/07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2003/07/11 14:22:08 | 000,014,912 | ---- | M] (IBM) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\LUMDriver.sys -- (LUMDriver)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://uk.search.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://uk.search.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2

FF - HKLM\software\mozilla\Firefox\extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2010/09/24 17:47:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/22 21:35:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/22 21:31:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2010/09/24 17:47:15 | 000,000,000 | ---D | M]

[2010/08/07 10:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jake M\Application Data\Mozilla\Extensions
[2010/10/02 19:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jake M\Application Data\Mozilla\Firefox\Profiles\faqv7gkp.default\extensions
[2010/08/08 12:00:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jake M\Application Data\Mozilla\Firefox\Profiles\faqv7gkp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/25 14:41:15 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jake M\Application Data\Mozilla\Firefox\Profiles\faqv7gkp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/04 18:11:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/14 22:09:10 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/09/14 22:09:10 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/09/14 22:09:10 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/09/14 22:09:10 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2004/08/04 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpNotifier.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\BT Business Broadband Desktop Help\btbb_wcm\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [wcnhqepr] C:\Documents and Settings\Jake\Local Settings\Application Data\dqwrjjlek\slayldftssd.exe File not found
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.72,93.188.166.222
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/23 13:01:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/29 13:45:34 | 000,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/02/25 10:30:42 | 000,000,054 | RHS- | M] () - G:\autorun.in_2.org -- [ FAT32 ]
O32 - AutoRun File - [2010/04/05 18:43:44 | 000,000,000 | ---D | M] - G:\Automatically Add to iTunes -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/04 19:08:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jake M\Desktop\OTL.exe
[2010/10/02 19:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jake M\Local Settings\Application Data\Temp
[2010/10/02 19:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jake M\Local Settings\Application Data\Google
[2010/09/25 16:38:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jake M\Recent
[2010/09/25 14:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jake M\Application Data\QuickScan
[2010/09/25 14:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jake M\Application Data\BitDefender
[2010/09/25 09:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\QuickScan
[2010/09/24 18:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\bdch
[2010/09/24 17:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2010/09/24 17:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2010/09/24 17:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/09/24 17:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/09/24 16:33:42 | 000,253,072 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\Trufos.sys
[2010/09/24 16:33:41 | 000,327,368 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2010/09/24 16:33:41 | 000,012,960 | ---- | C] (BITDEFENDER LLC) -- C:\WINDOWS\System32\drivers\bdrawpr.sys
[2010/09/06 19:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jake M\Application Data\.minecraft
[2010/09/04 23:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jake M\My Documents\things
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/04 21:02:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-2025429265-839522115-1007UA.job
[2010/10/04 20:53:10 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2010/10/04 20:53:04 | 000,121,915 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/10/04 20:02:02 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-2025429265-839522115-1007Core.job
[2010/10/04 19:08:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jake M\Desktop\OTL.exe
[2010/10/04 18:40:43 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jake M\Local Settings\Application Data\WavXMapDrive.bat
[2010/10/04 18:40:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/04 18:40:31 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\Jake M\NTUSER.DAT
[2010/10/04 18:40:31 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jake M\ntuser.ini
[2010/10/04 17:55:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/10/04 17:54:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/04 17:54:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/02 20:22:29 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Jake M\Desktop\Google Chrome.lnk
[2010/10/02 20:22:29 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Jake M\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/02 18:48:50 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/01 20:45:03 | 000,121,915 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/09/25 13:01:01 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat
[2010/09/24 17:50:45 | 000,103,713 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2010/09/24 17:50:19 | 000,000,415 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/09/24 17:47:24 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2011.lnk
[2010/09/24 16:52:39 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/22 21:31:26 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Jake M\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/22 21:31:26 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/09/22 18:35:23 | 000,081,460 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/22 18:34:54 | 000,002,409 | ---- | M] () -- C:\Documents and Settings\Jake M\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/22 18:34:54 | 000,002,391 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/09/21 21:07:32 | 000,815,710 | ---- | M] () -- C:\Documents and Settings\Jake M\My Documents\parking and cctv.docx
[2010/09/21 20:34:57 | 000,802,438 | ---- | M] () -- C:\Documents and Settings\Jake M\My Documents\Untitled-2.jpg
[2010/09/19 20:09:28 | 000,027,856 | ---- | M] () -- C:\Documents and Settings\Jake M\My Documents\jl copy.jpg
[2010/09/19 20:09:20 | 000,603,716 | ---- | M] () -- C:\Documents and Settings\Jake M\My Documents\jl.psd
[2010/09/11 15:03:10 | 000,106,760 | ---- | M] () -- C:\Documents and Settings\Jake M\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/11 14:50:04 | 001,650,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/05 11:17:16 | 000,032,397 | ---- | M] () -- C:\WINDOWS\SGTBox.INI
[2010/09/04 23:09:23 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\Jake M\My Documents\ssnotallaboutme.rtf
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/02 20:22:29 | 000,002,271 | ---- | C] () -- C:\Documents and Settings\Jake M\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/02 20:22:28 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\Jake M\Desktop\Google Chrome.lnk
[2010/10/02 19:57:55 | 000,000,980 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-2025429265-839522115-1007UA.job
[2010/10/02 19:57:54 | 000,000,928 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-2025429265-839522115-1007Core.job
[2010/09/25 13:01:01 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2010/09/24 17:50:40 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2010/09/24 17:50:19 | 000,000,415 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/09/24 17:47:24 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2011.lnk
[2010/09/24 16:33:40 | 000,103,713 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2010/09/22 21:31:26 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Jake M\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/22 18:34:54 | 000,002,409 | ---- | C] () -- C:\Documents and Settings\Jake M\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/21 21:06:14 | 000,815,710 | ---- | C] () -- C:\Documents and Settings\Jake M\My Documents\parking and cctv.docx
[2010/09/21 20:34:44 | 000,802,438 | ---- | C] () -- C:\Documents and Settings\Jake M\My Documents\Untitled-2.jpg
[2010/09/19 20:09:27 | 000,027,856 | ---- | C] () -- C:\Documents and Settings\Jake M\My Documents\jl copy.jpg
[2010/09/19 20:09:19 | 000,603,716 | ---- | C] () -- C:\Documents and Settings\Jake M\My Documents\jl.psd
[2010/09/15 18:58:27 | 000,013,547 | ---- | C] () -- C:\Documents and Settings\Jake M\hs_err_pid4856.log
[2010/09/04 23:09:23 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\Jake M\My Documents\ssnotallaboutme.rtf
[2010/08/20 13:46:23 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.dll
[2010/08/07 09:59:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jake M\Local Settings\Application Data\WavXMapDrive.bat
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/05/03 09:48:45 | 000,001,588 | ---- | C] () -- C:\WINDOWS\TVEpaDrv.ini
[2010/05/03 09:48:36 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010/04/18 19:25:17 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/04/18 19:16:05 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/04/18 19:16:04 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/04/12 18:00:18 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010/01/15 12:26:30 | 000,032,397 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/30 22:06:42 | 000,000,083 | ---- | C] () -- C:\WINDOWS\hpw1280k.ini
[2009/03/30 22:04:47 | 000,016,272 | ---- | C] () -- C:\WINDOWS\hpdj1280.ini
[2009/03/29 21:23:22 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/03/23 16:08:52 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/03/23 16:08:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2009/03/23 16:08:42 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2009/03/23 15:54:22 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/03/23 15:54:22 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/03/23 15:54:21 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/03/23 15:54:21 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/09/13 15:42:30 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/09/13 15:42:30 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/09/13 15:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/09/13 15:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/09/13 15:42:28 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/09/13 15:42:28 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/09/13 15:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/09/13 15:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/09/13 15:42:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/09/13 15:42:26 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/09/13 15:36:24 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/09/12 16:05:08 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/09/12 16:04:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/09/12 16:04:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/09/12 16:04:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/09/12 16:03:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/09/12 16:03:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/09/12 16:03:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/09/12 16:02:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/09/12 16:02:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/09/12 16:02:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/09/10 10:53:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/06/15 11:19:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2006/08/14 12:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/12 09:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2004/09/10 14:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 14:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/04 11:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
< End of report >

OTL Extras logfile created on: 04/10/2010 20:57:28 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Jake M\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.44 Gb Total Space | 5.34 Gb Free Space | 7.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 298.01 Gb Total Space | 43.26 Gb Free Space | 14.51% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NIGEL-6518CF5A8
Current User Name: Jake M
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3703:TCP" = 3703:TCP:*:Disabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Disabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Disabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Disabled:Adobe Version Cue CS3 Server
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Disabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation)
"E:\Documents\Football Manager\Football Manager 2008\fm.exe" = E:\Documents\Football Manager\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008 -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\SteamApps\common\left 4 dead 2 demo\left4dead2.exe" = C:\Program Files\Steam\SteamApps\common\left 4 dead 2 demo\left4dead2.exe:*:Enabled:left4dead2 -- ()
"C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpBrowser.exe" = C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpBrowser.exe:*:Enabled:BT Business Broadband Desktop Help -- (Motive Communications, Inc.)
"C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpNotifier.exe" = C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpNotifier.exe:*:Enabled:BT Business Broadband Desktop Help Notifier -- (Motive Communications, Inc.)
"C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe" = C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Disabled:Adobe Dreamweaver CS3 -- (Adobe Systems, Inc.)
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Disabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\Steam\SteamApps\jm_9\team fortress 2\hl2.exe" = C:\Program Files\Steam\SteamApps\jm_9\team fortress 2\hl2.exe:*:Disabled:hl2 -- ()
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player -- (Apple Inc.)
"C:\Documents and Settings\Nigel\Local Settings\Temp\RarSFX0\PPB.exe" = C:\Documents and Settings\Nigel\Local Settings\Temp\RarSFX0\PPB.exe:*:Enabled:PS3 Patch Blocker v1.0 -- File not found
"C:\Program Files\Wave Systems Corp\Security Wizards\bin\Secure 8021x.exe" = C:\Program Files\Wave Systems Corp\Security Wizards\bin\Secure 8021x.exe:*:Enabled:802.1x Authentication Setup Wizard -- (Wave Systems Corp.)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010 -- File not found
"F:\Documents\Football Manager\fm.exe" = F:\Documents\Football Manager\fm.exe:*:Enabled:Football Manager 2010 -- File not found
"C:\Program Files\Steam\SteamApps\common\alien swarm\swarm.exe" = C:\Program Files\Steam\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()

Re: Browser Problems4th October 2010, 8:54 pm

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00CB213D-CA43-4CB7-A9ED-808E1D0E4739}" = Video Capture USB
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}" = Nokia N73 highlights
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}" = Roxio Activation Module
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}" = Roxio Easy VHS to DVD Content
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3383136B-4F86-4F05-8612-DD4BB16A1EAE}" = Roxio Easy VHS to DVD
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel(R) PROSet/Wireless WiFi Software
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{60A86035-3EAD-401C-8C8F-1CB46977320F}" = QuickSnooker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7169FA93-66C2-43BD-86E0-CD332A686B29}" = Nokia Software Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{73E30715-9EC4-4DAE-BE67-64500AEB8012}" = Nokia Nseries Skin for Microsoft Windows Media Player
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}" = Nokia themes for your device
"{7919D8D9-69FB-4E94-B330-04C4AF251867}" = Roxio Easy VHS to DVD
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AE86AE81-CD7F-496F-A39F-0210C985E71B}" = FM Modifier 2.21
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom Gigabit Integrated Controller
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}" = Roxio CinePlayer Decoder Pack
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}" = BitDefender Total Security 2011
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2E78020-45C7-6C28-E7FC-E31C656232BD}" = Rightmove Desktop
"{E40D6E16-6D7D-4AF3-9E13-B3A308571E81}" = Roxio Easy VHS to DVD
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EA536059-6D12-4E0E-9FB2-DA912AFAB3F1}" = upekmsi
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EDC2B89F-3F72-48EA-B63E-985BC51622E4}" = OZ776 SCR Driver V1.1.4.202
"{EE074561-3C0A-4B6A-B4A5-09CD69E1DDF0}" = HP Deskjet 1280
"{EE565795-2776-415A-B31C-EB3A8D7C6FA4}" = Nokia Lifeblog 2.1
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Audacity_is1" = Audacity 1.2.6
"BitDefender" = BitDefender Total Security 2011
"BT Business Broadband Desktop Help" = BT Business Broadband Desktop Help
"BT Wireless Connection Manager" = BT Wireless Connection Manager
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon ScanGear Toolbox CS" = Canon ScanGear Toolbox CS 2.2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.rightmove.rmdesktop.303FAAB8E16C565CA4B74422796CD427470CE949.1" = Rightmove Desktop
"CSCLIB" = Canon Camera Support Core Library
"doubleTwist" = doubleTwist
"DPP" = Canon Utilities Digital Photo Professional 3.4
"Driving Test Success - All Tests_is1" = Driving Test Success - All Tests (2008-2009)
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Football Manager 2008" = Football Manager 2008
"Football Manager 2010" = Football Manager 2010
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"GoToAssist" = GoToAssist Corporate
"HandBrake" = HandBrake 0.9.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Inkscape" = Inkscape 0.47
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}" = OZ776 SCR Driver V1.1.4.202
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"Line 6 Uninstaller" = Line 6 Uninstaller
"Live 7.0.10" = Live 7.0.10
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"ProInst" = Intel PROSet Wireless
"Rapport_msi" = Rapport
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"RiffWorks T4" = RiffWorks T4
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 630" = Alien Swarm
"TVEpaDrv" = Roxio Video Capture USB Driver
"UnityWebPlayer" = Unity Web Player
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/10/2010 05:59:04 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4297

Error - 03/10/2010 05:59:04 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4297

Error - 03/10/2010 05:59:06 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 03/10/2010 05:59:06 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6250

Error - 03/10/2010 05:59:06 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6250

Error - 03/10/2010 08:40:40 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 03/10/2010 08:40:40 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9700609

Error - 03/10/2010 08:40:40 | Computer Name = NIGEL-6518CF5A8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9700609

Error - 03/10/2010 08:42:17 | Computer Name = NIGEL-6518CF5A8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This operation returned because the timeout period expired.

Error - 03/10/2010 08:42:17 | Computer Name = NIGEL-6518CF5A8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This network connection does not exist.

[ OSession Events ]
Error - 03/06/2009 17:08:14 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10305
seconds with 60 seconds of active time. This session ended with a crash.

Error - 05/07/2009 08:33:31 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/07/2009 08:33:36 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/07/2009 08:33:41 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/07/2009 09:08:39 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2094
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/07/2009 09:08:49 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 18/08/2009 09:28:17 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5674
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23/09/2009 16:21:24 | Computer Name = NIGEL-6518CF5A8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6640
seconds with 180 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 03/10/2010 10:42:51 | Computer Name = NIGEL-6518CF5A8 | Source = Service Control Manager | ID = 7000
Description = The SSPORT service failed to start due to the following error: %%2

Error - 04/10/2010 12:54:53 | Computer Name = NIGEL-6518CF5A8 | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error: %%2

Error - 04/10/2010 12:54:53 | Computer Name = NIGEL-6518CF5A8 | Source = Service Control Manager | ID = 7000
Description = The SSPORT service failed to start due to the following error: %%2

Error - 04/10/2010 12:54:53 | Computer Name = NIGEL-6518CF5A8 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 04/10/2010 12:54:53 | Computer Name = NIGEL-6518CF5A8 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 04/10/2010 12:54:53 | Computer Name = NIGEL-6518CF5A8 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 04/10/2010 12:56:54 | Computer Name = NIGEL-6518CF5A8 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 04/10/2010 12:56:55 | Computer Name = NIGEL-6518CF5A8 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 04/10/2010 12:56:55 | Computer Name = NIGEL-6518CF5A8 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 04/10/2010 14:31:11 | Computer Name = NIGEL-6518CF5A8 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

< End of report >

Re: Browser Problems4th October 2010, 11:11 pm

Hello.

Please run OTL.exe.

Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [wcnhqepr] C:\Documents and Settings\Jake\Local Settings\Application Data\dqwrjjlek\slayldftssd.exe File not found
Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
Click the red Run Fix button.
A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Re: Browser Problems5th October 2010, 8:20 pm

The first log I ran showed this:

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.2.14.1 log created on 10052010_211600

Then, about 1 minute later, I ran it again, and the following was displayed:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wcnhqepr deleted successfully.

OTL by OldTimer - Version 3.2.14.1 log created on 10052010_211819

Also, I have just had a new browser tab opened up, stating that my computer was about to be checked, by 'Antivirus 2010'. As well, the majority of the time, when I click on a link, it opens up a new browser tab, which i'm sure is trying to open up the fake antivirus page.

Many thanks.

Re: Browser Problems5th October 2010, 9:18 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Re: Browser Problems6th October 2010, 9:11 pm

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

06/10/2010 21:27:59
mbam-log-2010-10-06 (21-27-59).txt

Scan type: Quick scan
Objects scanned: 182783
Time elapsed: 25 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.72,93.188.166.222 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0c64b57c-59e6-4f69-8bc9-dd5e24c81da1}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.72,93.188.166.222 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ac5dd237-3c15-4ff0-b420-307d463411fe}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.72,93.188.166.222 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b6fae162-6fd3-4736-97b0-89dd3d085400}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.72,93.188.166.222 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Browser Problems6th October 2010, 9:29 pm

Hello.

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan.

Post the new log when done.

Re: Browser Problems7th October 2010, 5:50 pm

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4770

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

07/10/2010 18:49:07
mbam-log-2010-10-07 (18-49-07).txt

Scan type: Quick scan
Objects scanned: 209152
Time elapsed: 26 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Microsoft\desktoplayer.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Re: Browser Problems7th October 2010, 7:42 pm

Hello.
Bad news, MBAM found a file related to new infection called Ramnit, it's a file infector that can infect all your .exe files on the machine.

Do you have your XP disc? the only way out Ramnit is to format the machine.

Re: Browser Problems7th October 2010, 8:58 pm

Ah, thanks. Will this have any problems with my removable hard drive? I really wouldn't like to lose everything on it (it contains all of my music and photos), would it be possible to copy everything to a few DVD's?

So basically, re-format the computer, and all will be ok?

Re: Browser Problems7th October 2010, 10:27 pm

Hello.

Download combofix from here
Link 1
Link 2

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
We need to disable your local AV (Anti-virus) before running Combofix.
See HERE for how to disable your AV.
Double click on ComboFix.exe.
Follow the prompts. NOTE:
ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
Allow ComboFix to download the Recovery Console.
Accept the End-User License Agreement.
The Recovery Console will be installed.
You will then get this next prompt that asks if you want to continue the malware scan, select yes
Allow combofix to run
Post C:\combofix.txt back here.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Browser Problems

descriptionBrowser Problems2nd October 2010, 8:15 pm

descriptionRe: Browser Problems3rd October 2010, 12:04 am

descriptionRe: Browser Problems4th October 2010, 8:54 pm

descriptionRe: Browser Problems4th October 2010, 8:54 pm

descriptionRe: Browser Problems4th October 2010, 11:11 pm

descriptionRe: Browser Problems5th October 2010, 8:20 pm

descriptionRe: Browser Problems5th October 2010, 9:18 pm

descriptionRe: Browser Problems6th October 2010, 9:11 pm

descriptionRe: Browser Problems6th October 2010, 9:29 pm

descriptionRe: Browser Problems7th October 2010, 5:50 pm

descriptionRe: Browser Problems7th October 2010, 7:42 pm

descriptionRe: Browser Problems7th October 2010, 8:58 pm

descriptionRe: Browser Problems7th October 2010, 10:27 pm

descriptionRe: Browser Problems