Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
Hi Jeff, sorry again for the delay, the holiday period has disrupted my usual schedule.
I followed your last instruction to the letter and post the log here,
OTL logfile created on: 29/12/2013 21:44:16 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.75 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 66.47% Memory free
3.60 Gb Paging File | 3.07 Gb Available in Paging File | 85.26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 110.85 Gb Free Space | 37.19% Space Free | Partition Type: NTFS
Drive D: | 38.28 Gb Total Space | 36.82 Gb Free Space | 96.20% Space Free | Partition Type: NTFS
Computer Name: OWNER-3FC151321 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\AdFender\AdFender.exe (AdFender, Inc.)
PRC - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
PRC - C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
PRC - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company)
PRC - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\SEC\Natural Color Pro\NCProTray.exe (Samsung)
PRC - C:\WINDOWS\system32\CTHELPER.EXE (Creative Technology Ltd)
PRC - C:\WINDOWS\tppaldr.exe (In-System Design, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\13122900\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\089a13b51a9c17442eff954e2d2ebc6c\Inkjet.DeviceSettings.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\972dcf9830a64e9802aaca3a83cae24b\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f4ea3ea9bbe98bbc32c6def83bd2962d\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\9c94aafee5b7205371940212c4055d3d\Inkjet.Statistics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\5a136875748781cac5f84520b9046e56\Inkjet.Localization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\ebe1cb191c8906f3d161cfaef676a309\Inkjet.Diagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\c43b49d65e0cc0113880b6b3f95d2314\Inkjet.Utilities.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\be693a87b798c9317dd9a70638f94618\Inkjet.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\0a6fe7786e48b51759b8e18dc3060b8c\Inkjet.Hardware.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\67f02c1e223d14f00fb51694068b08f4\Inkjet.Automation.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll ()
MOD - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.EKAiO2SDKLib\ea614f74eb722c113b5cc0e7b496aa8a\Interop.EKAiO2SDKLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\8f799a4688381624de3cfb1edbccb163\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3321.40422__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3294.18759__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3321.40387__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
SRV - (Kodak AiO Status Monitor Service) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company)
SRV - (sdCoreService) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (pctplsm) -- C:\WINDOWS\system32\drivers\pctplsm.sys (PC Tools)
DRV - (PCTSD) -- C:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools)
DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (PCTBD) -- C:\WINDOWS\system32\drivers\PCTBD.sys (PC Tools)
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (amdide) -- C:\WINDOWS\system32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (NCPro) -- C:\WINDOWS\system32\drivers\MTictwl.sys ()
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTictwl.sys ()
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\CTAC32K.SYS (Creative Technology Ltd)
DRV - (sfman) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.)
DRV - (emu10k1) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.)
DRV - (emu10k) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.)
DRV - (ctljystk) -- C:\WINDOWS\system32\drivers\ctljystk.sys (Creative Technology Ltd.)
DRV - (PfModNT) -- C:\WINDOWS\system32\PfModNT.SYS (Creative Technology Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {9EFB316C-E6AC-470D-8EF1-4860D61AEA97}
IE - HKLM\..\SearchScopes\{9EFB316C-E6AC-470D-8EF1-4860D61AEA97}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9EFB316C-E6AC-470D-8EF1-4860D61AEA97}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9EFB316C-E6AC-470D-8EF1-4860D61AEA97}: "URL" = http://www.google.co...1I7SAVV_enGB540
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/10 18:24:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2013/11/07 21:37:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/10 18:24:57 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://uk.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/12/29 21:39:23 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\Program\ADGJDet.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe (In-System Design, Inc.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AdFender.lnk = C:\Program Files\AdFender\AdFender.exe (AdFender, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NCProTray.lnk = C:\Program Files\SEC\Natural Color Pro\NCProTray.exe (Samsung)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1369314406283 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1369320571843 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6053F85-E4E6-423E-A872-BD18370BA919}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/23 11:24:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/12/29 21:39:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/12/22 16:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\vlc
[2013/12/22 16:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2013/12/22 16:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Combined Community Codec Pack
[2013/12/22 16:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2013/12/21 22:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Femi
[2013/12/21 20:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/12/21 19:59:51 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/12/21 19:58:24 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/12/21 18:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Tweaking.com
[2013/12/21 18:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2013/12/19 08:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\SHOP FINANCES
[2013/12/19 08:59:49 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/12/16 22:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/12/10 23:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/12/10 23:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/12/10 22:55:08 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/12/03 20:26:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/12/03 20:26:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/12/03 20:26:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/12/03 20:26:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/12/03 19:42:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/12/03 19:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\KODAK AiO Home Center489310287
[2013/12/03 19:42:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/12/03 19:37:27 | 005,153,140 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/05/25 19:52:12 | 000,021,866 | ---- | C] (In-System Design, Inc.) -- C:\Program Files\Common Files\tppupd2k.dll
========== Files - Modified Within 30 Days ==========
[2013/12/29 21:45:29 | 000,433,580 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/12/29 21:45:29 | 000,068,218 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/12/29 21:41:26 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1292428093-1580818891-1801674531-1003.job
[2013/12/29 21:41:19 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1292428093-1580818891-1801674531-1003.job
[2013/12/29 21:41:17 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/29 21:40:57 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/29 21:40:57 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1292428093-1580818891-1801674531-1003.job
[2013/12/29 21:40:47 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/29 21:40:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/29 21:39:46 | 000,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000005-00001102-00000002-80641102}.rfx
[2013/12/29 21:39:46 | 000,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000005-00001102-00000002-80641102}.rfx
[2013/12/29 21:39:46 | 000,016,420 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000005-00001102-00000002-80641102}.rfx
[2013/12/29 21:39:46 | 000,016,420 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000005-00001102-00000002-80641102}.rfx
[2013/12/29 21:39:46 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013/12/29 21:39:46 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013/12/29 21:39:46 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000005-00001102-00000002-80641102}.dat
[2013/12/29 21:39:46 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000005-00001102-00000002-80641102}.dat
[2013/12/29 21:39:23 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/12/29 21:33:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/29 01:45:06 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/12/28 22:38:05 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/25 12:39:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/12/25 10:21:21 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1292428093-1580818891-1801674531-1003.job
[2013/12/23 23:22:04 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1292428093-1580818891-1801674531-1003.job
[2013/12/23 19:13:43 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/23 19:13:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/12/21 20:21:51 | 000,215,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/21 20:21:40 | 000,549,180 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2013/12/21 20:19:15 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/12/21 20:13:35 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/12/21 20:13:35 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/12/19 21:42:36 | 005,045,639 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/12/17 21:26:48 | 000,000,044 | ---- | M] () -- C:\Documents and Settings\Owner\Press
[2013/12/17 21:26:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\and
[2013/12/15 22:41:22 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/12/15 20:40:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/15 20:40:01 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/10 23:11:01 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts_bak_461
[2013/12/10 22:55:15 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2013/12/10 22:27:55 | 005,153,140 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/12/03 20:28:52 | 000,000,339 | ---- | M] () -- C:\Boot.bak
========== Files Created - No Company Name ==========
[2013/12/19 21:42:20 | 005,045,639 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/12/17 21:26:48 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Owner\Press
[2013/12/17 21:26:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\and
[2013/12/03 20:28:51 | 000,000,339 | ---- | C] () -- C:\Boot.bak
[2013/12/03 20:28:49 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/12/03 20:26:15 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/12/03 20:26:15 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/12/03 20:26:15 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/12/03 20:26:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/12/03 20:26:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/11/07 21:37:25 | 000,769,144 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2013/07/28 11:00:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/07/07 23:39:24 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2013/06/28 21:43:25 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000005-00001102-00000002-80641102}.dat
[2013/06/28 21:43:25 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000005-00001102-00000002-80641102}.dat
[2013/06/28 17:51:58 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2013/06/28 17:51:55 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2013/06/28 17:51:18 | 000,034,914 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2013/06/28 17:51:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2013/06/28 17:51:15 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2013/06/28 17:51:14 | 000,163,933 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2013/06/28 17:51:14 | 000,112,387 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2013/06/28 17:51:14 | 000,112,287 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2013/06/28 17:51:14 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2013/06/28 17:51:10 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2013/06/28 17:51:09 | 000,176,128 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2013/06/28 17:51:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2013/06/28 17:51:08 | 000,000,166 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2013/06/28 17:51:03 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2013/05/25 19:54:26 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/25 19:18:13 | 000,000,011 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2013/05/25 19:06:27 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/25 19:06:26 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/25 18:22:47 | 000,013,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys
[2013/05/23 13:32:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/05/23 12:12:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/05/23 12:11:09 | 000,215,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/23 11:49:26 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/05/23 11:48:24 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2013/05/23 11:42:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/05/23 11:37:53 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2013/05/23 11:25:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/05/23 11:21:39 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/09/24 12:31:08 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\EKaio2WiaCoInst.ini
========== ZeroAccess Check ==========
[2013/05/23 11:38:45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013/04/16 21:18:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = c:\windows\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = c:\windows\system32\wbem\wbemess.dll -- [2008/04/14 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
As always, thank you for your continued support.
