suarezlfc

Members

View Profile See their activity

Posts
79
Joined
May 9, 2011
Last visited
July 26, 2013

Tech Info

Experience
beginner
System: windows_xp_home

suarezlfc's Achievements

Newbie (1/14)

Reputation

bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

ComboFix 13-07-25.02 - neil fulton 22/07/2013 17:19:04.4.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1022.294 [GMT 1:00] Running from: d:\documents and settings\neil fulton\My Documents\Downloads\ComboFix.exe AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: AVG Internet Security 2013 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\WinPCap c:\program files\WinPCap\daemon_mgm.exe c:\program files\WinPCap\npf_mgm.exe c:\program files\WinPCap\rpcapd.exe c:\windows\ime\shared\imepadsv.exe c:\windows\system32\Cache c:\windows\system32\Cache\075884af680ff6dc.fb c:\windows\system32\Cache\227113dfa1ca894d.fb c:\windows\system32\Cache\33c3d8fb31f8c0f0.fb c:\windows\system32\Cache\49fbbc5a8678d502.fb c:\windows\system32\Cache\5c54eb1a1655b076.fb c:\windows\system32\Cache\613e8ce7ab7106af.fb c:\windows\system32\Cache\633a76311867bd11.fb c:\windows\system32\Cache\691f14230153a9e1.fb c:\windows\system32\Cache\6cb409d7ac73d9f1.fb c:\windows\system32\Cache\7614bd6cfa99e546.fb c:\windows\system32\Cache\77664b6ccc36be9f.fb c:\windows\system32\Cache\881b3593316772f0.fb c:\windows\system32\Cache\98657d0579ae1930.fb c:\windows\system32\Cache\ad188cdd908eace9.fb c:\windows\system32\Cache\c4e10d1be905349b.fb c:\windows\system32\Cache\d5c0f4e7bbe35bf3.fb c:\windows\system32\Cache\d9ca663388d21ec0.fb c:\windows\system32\Cache\f2cda51fd108941f.fb c:\windows\system32\Cache\f34d8db84131d925.fb c:\windows\system32\Packet.dll c:\windows\system32\pthreadVC.dll c:\windows\system32\WanPacket.dll c:\windows\system32\wpcap.dll c:\windows\tmp c:\windows\tmp\system.bak d:\documents and settings\All Users\Application Data\TEMP D:\install.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_NPF . . ((((((((((((((((((((((((( Files Created from 2013-06-22 to 2013-07-22 ))))))))))))))))))))))))))))))) . . 2027-03-30 20:52 . 2027-03-30 20:52 -------- d-----w- d:\documents and settings\neil fulton\Local Settings\Application Data\PCHealth 2013-07-22 16:06 . 2013-07-22 16:06 29904 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05034046-188B-4444-9C4F-31B1EBFDFD84}\MpKsl654e3556.sys 2013-07-17 22:54 . 2013-07-02 06:54 7143960 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05034046-188B-4444-9C4F-31B1EBFDFD84}\mpengine.dll 2013-07-12 16:40 . 2013-07-02 06:54 7143960 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-07-07 17:24 . 2013-07-07 17:24 144896 ----a-w- c:\windows\system32\javacpl.cpl 2013-07-07 17:24 . 2013-07-07 17:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-07-02 14:13 . 2013-07-02 14:13 -------- d-----w- c:\program files\iPod 2013-07-02 14:13 . 2013-07-02 14:14 -------- d-----w- d:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-07-02 14:13 . 2013-07-02 14:14 -------- d-----w- c:\program files\iTunes 2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll 2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll 2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll 2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll 2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll 2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll 2013-07-02 14:05 . 2013-07-02 14:06 -------- d-----w- c:\program files\QuickTime 2013-07-02 12:49 . 2013-07-02 12:49 -------- d-----w- d:\documents and settings\All Users\Application Data\Applications 2013-07-01 17:33 . 2013-07-02 12:31 -------- d-----w- d:\documents and settings\neil fulton\Application Data\Nokia Suite 2013-07-01 17:32 . 2013-07-01 17:33 -------- d-----w- d:\documents and settings\neil fulton\Application Data\Nokia 2013-07-01 17:30 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys 2013-07-01 17:30 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys 2013-06-30 19:03 . 2013-07-01 17:29 -------- d-----w- d:\documents and settings\neil fulton\Local Settings\Application Data\Nokia 2013-06-30 19:02 . 2013-07-01 17:32 -------- d-----w- d:\documents and settings\neil fulton\Application Data\PC Suite 2013-06-30 19:02 . 2013-06-30 19:02 -------- d-----w- d:\documents and settings\All Users\Application Data\PC Suite 2013-06-30 18:55 . 2013-06-30 19:01 -------- d-----w- d:\documents and settings\All Users\Application Data\Nokia 2013-06-30 18:55 . 2013-06-30 18:57 -------- d-----w- c:\program files\Common Files\Nokia 2013-06-30 18:54 . 2012-10-17 13:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2013-06-30 18:53 . 2013-06-30 18:53 -------- d-----w- c:\program files\PC Connectivity Solution 2013-06-30 18:53 . 2013-01-23 09:31 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys 2013-06-30 18:53 . 2013-01-23 09:31 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys 2013-06-30 18:53 . 2013-01-23 09:31 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys 2013-06-30 18:53 . 2013-01-23 09:31 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys 2013-06-30 18:53 . 2013-01-23 09:31 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys 2013-06-30 18:53 . 2013-01-23 09:31 69632 ----a-w- c:\windows\system32\nmwcdcocls.dll 2013-06-30 18:53 . 2013-01-23 09:31 18560 ----a-w- c:\windows\system32\drivers\ccdcmb.sys 2013-06-30 18:53 . 2013-01-23 09:31 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll 2013-06-30 18:53 . 2012-06-11 12:04 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll 2013-06-30 18:53 . 2013-01-23 09:31 75264 ----a-w- c:\windows\system32\nmwcdcls.dll 2013-06-30 18:45 . 2013-06-30 18:55 -------- d-----w- c:\program files\Nokia . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-07 17:24 . 2012-01-21 09:01 867240 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-07-07 17:24 . 2011-05-10 12:46 789416 ----a-w- c:\windows\system32\deployJava1.dll 2013-06-08 10:41 . 2012-03-28 09:36 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-08 10:41 . 2011-05-18 10:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-07 22:55 . 2004-08-10 15:37 385024 ----a-w- c:\windows\system32\html.iec 2013-06-07 21:56 . 2004-08-10 15:38 920064 ----a-w- c:\windows\system32\wininet.dll 2013-06-07 21:56 . 2004-08-10 15:37 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-06-07 21:56 . 2004-08-10 15:37 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2013-06-04 07:23 . 2004-08-10 15:38 562688 ----a-w- c:\windows\system32\qedit.dll 2013-06-04 01:40 . 2004-08-10 15:38 1876736 ----a-w- c:\windows\system32\win32k.sys 2013-05-08 23:28 . 2006-10-18 21:47 1543680 ------w- c:\windows\system32\wmvdecod.dll 2013-05-03 01:30 . 2004-08-10 15:38 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-03 00:38 . 2004-08-03 21:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-02 01:06 . 2011-11-05 11:48 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-05-01 02:59 . 2013-05-01 02:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2013-05-01 02:59 . 2013-05-01 02:59 69632 ----a-w- c:\windows\system32\QuickTime.qts . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360] "Steam"="c:\program files\Steam\Steam.exe" [2013-07-10 1672616] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-26 39408] "NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-19 1090912] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "SMSERIAL"="sm56hlpr.exe" [2005-10-18 557056] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "RTHDCPL"="RTHDCPL.EXE" [2005-12-09 15691264] "Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272] "Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112] "PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-11-16 143360] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "DHSClient.exe"="c:\program files\Virgin Media\Digital Home Support\DHSClient.exe" [2011-03-23 2032952] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640] "ServiceManager.exe"="c:\program files\Virgin Media\Service Manager\ServiceManager.exe" [2011-11-16 10200376] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Wireless Manager"="c:\program files\Virgin Broadband Wireless\Wireless Manager.exe" [2008-05-26 585728] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . d:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624] Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-6-27 572000] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Virgin Broadband Wireless\\Wireless Manager.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= . R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [29/12/2011 21:32 14776] R1 MpKsl654e3556;MpKsl654e3556;d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05034046-188B-4444-9C4F-31B1EBFDFD84}\MpKsl654e3556.sys [22/07/2013 17:06 29904] R2 HsdService;HsdService;c:\program files\Virgin Media\Digital Home Support\HsdService.exe [09/05/2011 16:02 1406264] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [06/06/2011 17:47 101552] R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [27/06/2012 08:25 1326176] R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [27/06/2012 08:25 681056] R2 ServicepointService;ServicepointService;c:\program files\Virgin Media\Service Manager\ServicepointService.exe [19/12/2011 19:51 10310968] R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [16/12/2011 15:19 15544] S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [26/02/2008 20:33 18560] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [20/11/2011 16:33 33792] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [30/06/2013 19:53 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [30/06/2013 19:53 8576] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2013-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 10:41] . 2013-07-02 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . 2013-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-10 14:49] . 2013-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-10 14:49] . 2013-07-22 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 10:11] . 2013-07-22 c:\windows\Tasks\SmartDefrag_Startup.job - c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-12-29 10:35] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.co.uk/ mStart Page = hxxp://www.google.com TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . AddRemove-vShare.tv plugin - c:\program files\vShare.tv plugin\uninst.exe AddRemove-{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1 - c:\program files\VshareComplete\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-07-22 17:38 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(4276) c:\windows\system32\WININET.dll c:\progra~1\mcafee\SITEAD~1\saHook.dll c:\progra~1\GOTOSO~1\VADERE~1\VrOe_hook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\Virgin Broadband Wireless\AffinegyService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe c:\apps\Powercinema\Kernel\CLML_NTService\CLMLServer.exe c:\apps\Powercinema\Kernel\CLML_NTService\CLMLService.exe c:\program files\Java\jre7\bin\jqs.exe c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\apps\Powercinema\Kernel\TV\CLSched.exe c:\windows\sm56hlpr.exe c:\windows\RTHDCPL.EXE c:\windows\system32\rundll32.exe c:\program files\Virgin Broadband Wireless\ndis_events.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\PC Connectivity Solution\ServiceLayer.exe c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe . ************************************************************************** . Completion time: 2013-07-22 17:43:02 - machine was rebooted ComboFix-quarantined-files.txt 2013-07-22 16:42 . Pre-Run: 17,595,707,392 bytes free Post-Run: 17,406,660,608 bytes free . - - End Of File - - B62D83D00918E2D627C84C0B30032B0F 8F558EB6672622401DA993E1E865C861
- July 26, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

rogue killer log RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : neil fulton [Admin rights] Mode : Scan -- Date : 07/14/2013 22:21:52 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] sm56hlpr.exe -- C:\WINDOWS\sm56hlpr.exe [7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 5 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [EXT RUN][sUSP PATH] HKCU\lindsay fulton_ON_D:\[...]\Run : M5T8QL3YW3 (D:\DOCUME~1\LINDSA~1\LOCALS~1\Temp\Shl.exe [x]) -> FOUND [EXT RUNONCE][sUSP PATH] HKCU\lindsay fulton_ON_D:\[...]\RunOnce : cN01803FfCfF01803 (D:\Documents and Settings\All Users\Application Data\cN01803FfCfF01803\cN01803FfCfF01803.exe [x][x]) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][Folder] U : C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\U [-] --> FOUND [ZeroAccess][Folder] U : C:\RECYCLER\S-1-5-21-2908480339-1261026855-1997213502-1006\$0714c658809f9a76d159c2750deb5544\U [-] --> FOUND [ZeroAccess][Folder] L : C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\L [-] --> FOUND [ZeroAccess][Folder] L : C:\RECYCLER\S-1-5-21-2908480339-1261026855-1997213502-1006\$0714c658809f9a76d159c2750deb5544\L [-] --> FOUND ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ -> D:\Documents and Settings\All Users\NTUSER.DAT -> D:\Documents and Settings\Default User\NTUSER.DAT D:\Documents and Settings\Owner\Start Menu\Programs\Startup -> D:\Documents and Settings\lindsay fulton\NTUSER.DAT D:\Documents and Settings\lindsay fulton\Start Menu\Programs\Startup -> D:\Documents and Settings\LocalService\NTUSER.DAT -> D:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT D:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Startup -> D:\Documents and Settings\neil fulton\NTUSER.DAT -> D:\Documents and Settings\NetworkService\NTUSER.DAT -> D:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT D:\Documents and Settings\NetworkService.NT AUTHORITY\Start Menu\Programs\Startup -> D:\Documents and Settings\ShopperReports3\NTUSER.DAT -> D:\Documents and Settings\UpdatusUser\NTUSER.DAT ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ÿþ1 ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3160812AS +++++ --- User --- [MBR] ecea8916f5ebeec9b928740ac0421e1a [bSP] 987cf5983f07a295a06cf311d092e291 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38703 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 79280775 | Size: 113906 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_07142013_222152.txt >>
- July 18, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

hi starbuck were will i find radialpoint security advisor had a look on my programmes but couldnt see it here is the new otl log All processes killed ========== OTL ========== No active process named AOLacsd.exe was found! Service AOL ACS stopped successfully! Service AOL ACS deleted successfully! C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe moved successfully. Service AFGMp50 stopped successfully! Service AFGMp50 deleted successfully! File System32\Drivers\AFGMp50.sys File not found not found. Error: No service named wanatw) WAN Miniport (ATW was found to stop! Service\Driver key wanatw) WAN Miniport (ATW not found. C:\WINDOWS\system32\drivers\wanatw4.sys moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\CTFMON.EXE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\HP Software Update\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\NvCplDaemon\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\nwiz\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\QuickTime Task\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\RealTray\ deleted successfully. D:\Documents and Settings\All Users\Application Data\AVG2013\log folder moved successfully. D:\Documents and Settings\All Users\Application Data\AVG2013\IDS\quarantine folder moved successfully. D:\Documents and Settings\All Users\Application Data\AVG2013\IDS\config folder moved successfully. D:\Documents and Settings\All Users\Application Data\AVG2013\IDS folder moved successfully. D:\Documents and Settings\All Users\Application Data\AVG2013\DB folder moved successfully. D:\Documents and Settings\All Users\Application Data\AVG2013\Cfg folder moved successfully. D:\Documents and Settings\All Users\Application Data\AVG2013 folder moved successfully. D:\Documents and Settings\All Users\Application Data\BabylonIM folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\AVG2013\cfgall folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\AVG2013 folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\torrents folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\tmp folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\shares folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\rss folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins\mlab folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins\azupnpav folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins\aefeatman_v folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\net folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\logs folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\dht folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\devices folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus\active folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\Azureus folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord\state folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord\plugins folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord\ipc folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord\icons folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord\favicons folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord\BrowserCache folder moved successfully. D:\Documents and Settings\neil fulton\Application Data\BitLord folder moved successfully. ========== FILES ========== File\Folder C:\Program Files\AVG not found. < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. D:\Documents and Settings\neil fulton\My Documents\Downloads\cmd.bat deleted successfully. D:\Documents and Settings\neil fulton\My Documents\Downloads\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes User: lindsay fulton ->Temp folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Flash cache emptied: 10119 bytes User: LocalService.NT AUTHORITY ->Temp folder emptied: 0 bytes User: neil fulton ->Temp folder emptied: 458255348 bytes ->Temporary Internet Files folder emptied: 1999219 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 106479904 bytes ->Flash cache emptied: 3362 bytes User: NetworkService ->Temp folder emptied: 1244344 bytes ->Temporary Internet Files folder emptied: 93357272 bytes User: NetworkService.NT AUTHORITY ->Temp folder emptied: 0 bytes User: ShopperReports3 User: UpdatusUser ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 88087050 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 212322870 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 1500546 bytes Total Files Cleaned = 919.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated. OTL by OldTimer - Version 3.2.69.0 log created on 07142013_215745 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
- July 18, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

extrasOTL Extras logfile created on: 10/07/2013 14:29:07 - Run 3OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\neil fulton\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1022.48 Mb Total Physical Memory | 320.48 Mb Available Physical Memory | 31.34% Memory free 2.40 Gb Paging File | 1.73 Gb Available in Paging File | 71.96% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.80 Gb Total Space | 16.54 Gb Free Space | 43.75% Space Free | Partition Type: NTFS Drive D: | 111.24 Gb Total Space | 79.48 Gb Free Space | 71.45% Space Free | Partition Type: NTFS Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" = C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:*:Enabled:Wireless Manager Application -- (Affinegy, Inc.) "C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00C1B233-D218-484B-8078-9375482C5608}" = LeapFrog Tag Plugin "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1 "{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan "{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite "{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver "{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload "{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy "{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg "{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch "{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc "{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext "{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player "{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help "{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes "{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E17C94B-913A-48A4-B1A8-8CE25157C170}" = Media Player Product Tool 5.30 "{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4B9033B-D183-4A6C-9BCB-6BC8F80B939D}" = RPS CRT "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2 "{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb "{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D19C4BCB-FAAE-48C1-A423-3DA40C3B7F42}" = LeapFrog Leapster Explorer Plugin "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant "{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter "{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1" = VshareComplete "{ECDD5C30-074C-4586-80BC-1FD0F2E9AAD7}" = SM56Tester "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status "{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect "{FE5ED1C0-A340-4EAC-B4BE-FA0AB173436C}" = LeapFrog LeapPad Explorer Plugin "{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) "2B0D8F3C-18AD-4D8E-879A-74A867C5C3CB_is1" = Wireless Manager "781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) "8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Chronicles of Mystery HO2/EN-English_is1" = Chronicles of Mystery: Secret of the Lost Kingdom "ESET Online Scanner" = ESET Online Scanner v3 "eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406 "HP Imaging Device Functions" = HP Imaging Device Functions 5.3 "HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3 "HPExtendedCapabilities" = HP Extended Capabilities 5.3 "ie8" = Windows Internet Explorer 8 "LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) "LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nokia Suite" = Nokia Suite "RadialpointClientGateway_is1" = Virgin Media Service Manager 4.1.16 "RadialpointHomeSecurityDashboard_is1" = Virgin Media Digital Home Support 2.1.27 "RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.23 "Secunia PSI" = Secunia PSI (3.0.0.2004) "Smart Defrag 2_is1" = Smart Defrag 2 "SMSERIAL" = Motorola SM56 Data Fax Modem "Speccy" = Speccy "Steam App 71270" = Football Manager 2012 "TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) "UPCShell" = LeapFrog Connect "vShare.tv plugin" = vShare.tv plugin 1.3 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "winusb0100" = Microsoft WinUsb 1.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 07/07/2013 13:24:28 | Computer Name = SN049765120045 | Source = MsiInstaller | ID = 10005 Description = Product: Windows Phone app for desktop -- We can't install the Windows Phone app for desktop on server operating systems. [ System Events ] Error - 05/07/2013 12:15:35 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect. Error - 06/07/2013 12:45:15 | Computer Name = SN049765120045 | Source = DCOM | ID = 10005 Description = DCOM got error "%1053" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8} Error - 06/07/2013 12:45:28 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect. Error - 07/07/2013 08:42:39 | Computer Name = SN049765120045 | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.2 for the Network Card with network address 0016E6106FFB has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). Error - 07/07/2013 08:59:05 | Computer Name = SN049765120045 | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.1421.0 Update Source: %%859 Update Stage: %%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 07/07/2013 08:59:05 | Computer Name = SN049765120045 | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.1421.0 Update Source: %%859 Update Stage: %%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 07/07/2013 08:59:05 | Computer Name = SN049765120045 | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.1421.0 Update Source: %%859 Update Stage: %%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 07/07/2013 12:33:13 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde Error - 07/07/2013 13:00:04 | Computer Name = SN049765120045 | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:. Error - 07/07/2013 13:23:00 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). < End of report >
- July 14, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

otl OTL logfile created on: 10/07/2013 14:29:06 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\neil fulton\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1022.48 Mb Total Physical Memory | 320.48 Mb Available Physical Memory | 31.34% Memory free 2.40 Gb Paging File | 1.73 Gb Available in Paging File | 71.96% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.80 Gb Total Space | 16.54 Gb Free Space | 43.75% Space Free | Partition Type: NTFS Drive D: | 111.24 Gb Total Space | 79.48 Gb Free Space | 71.45% Space Free | Partition Type: NTFS Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Documents and Settings\neil fulton\My Documents\Downloads\OTL (1).exe (OldTimer Tools) PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) PRC - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia) PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia) PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia) PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) PRC - C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.) PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit) PRC - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media) PRC - C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media) PRC - C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.) PRC - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.) PRC - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe () PRC - C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV) PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe () PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () PRC - C:\APPS\Powercinema\PCMService.exe (CyberLink Corp.) PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe (Cyberlink) PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) PRC - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Nokia\Nokia Suite\phonon4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\qjson.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtXml4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtScript4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtSql4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtGui4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtCore4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\NService.dll () MOD - C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll () MOD - C:\Program Files\Nokia\Nokia Suite\ssoengine.dll () MOD - C:\Program Files\Nokia\Nokia Suite\securestorage.dll () MOD - C:\WINDOWS\system32\quartz.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll () MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll () MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppgooglenaclpluginchrome.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\Locales\en-US.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avutil-50.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avformat-52.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avcodec-52.dll () MOD - C:\Program Files\Virgin Broadband Wireless\AffinegyServicePS.dll () MOD - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe () MOD - C:\WINDOWS\system32\pthreadVC.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\devenum.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSched.exe () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSchedps.dll () MOD - C:\WINDOWS\sm56spn.dll () MOD - C:\WINDOWS\sm56jpn.dll () MOD - C:\WINDOWS\sm56itl.dll () MOD - C:\WINDOWS\sm56eng.dll () MOD - C:\WINDOWS\sm56ger.dll () MOD - C:\WINDOWS\sm56fra.dll () MOD - C:\WINDOWS\sm56brz.dll () MOD - C:\WINDOWS\sm56cht.dll () MOD - C:\WINDOWS\sm56chs.dll () MOD - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () MOD - C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll () MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia) SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia) SRV - (ServicepointService) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.) SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (HsdService) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AffinegyService) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.) SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (CLSched) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe () SRV - (CLCapSvc) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () SRV - (CyberLink Media Library Service) -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (AFGMp50) -- System32\Drivers\AFGMp50.sys File not found DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia) DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\system32\drivers\btblan.sys (Belcarra Technologies) DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys () DRV - (AFGSp50) -- C:\WINDOWS\system32\drivers\AFGSp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies) DRV - (FlyUsb) -- C:\WINDOWS\system32\drivers\FlyUsb.sys (LeapFrog) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider) DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{4E9D8D44-C087-446F-9AAF-32AED87212EA}: "URL" = http://www.bing.com/search?q={searchTerms}&r=468 IE - HKCU\..\SearchScopes\{601115BF-FE84-4E00-AAAE-281610222DF3}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enGB466 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/06/02 09:46:36 | 000,000,000 | ---D | M] [2013/04/27 19:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Web Search (Enabled) CHR - default_search_provider: search_url = http://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll CHR - plugin: Chrome NaCl (Disabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppGoogleNaClPluginChrome.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gears.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: vShare.tv plug-in (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: Client Gateway 4.1.16 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\nprpspa.dll CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: SiteAdvisor = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\ CHR - Extension: vshare plugin = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: Radialpoint SPD Extension = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\ O1 HOSTS File: ([2012/01/20 22:57:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PCMService] c:\apps\Powercinema\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [serviceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media) O4 - HKLM..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () O4 - HKLM..\Run: [Wireless Manager] C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKCU..\Run: [smpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV) O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe (Adobe Systems Incorporated) O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365692516062 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDA3FEC-98C4-4888-880B-B2077EF2D21C}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\APPS\DESKTOP\BG1280UK.bmp O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\BG1280UK.bmp O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2027/03/30 21:52:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\PCHealth [2027/03/24 23:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp [2013/07/07 18:24:50 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013/07/07 18:24:47 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013/07/07 18:24:42 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013/07/07 18:24:42 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013/07/07 18:24:42 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013/07/02 15:14:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\iTunes [2013/07/02 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013/07/02 15:06:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\QuickTime [2013/07/02 15:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2013/07/02 13:49:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Applications [2013/07/01 18:36:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\My Documents\Nokia Suite [2013/07/01 18:33:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia Suite [2013/07/01 18:32:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia [2013/07/01 18:30:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys [2013/07/01 18:29:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\NokiaAccount [2013/06/30 20:03:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\Nokia [2013/06/30 20:02:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\PC Suite [2013/06/30 20:02:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Suite [2013/06/30 19:58:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Nokia [2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Nokia [2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2013/06/30 19:54:12 | 000,019,072 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2013/06/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2013/06/30 19:53:26 | 000,008,576 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys [2013/06/30 19:53:25 | 000,137,600 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys [2013/06/30 19:53:20 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2013/06/30 19:53:17 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2013/06/30 19:53:15 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2013/06/30 19:53:10 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll [2013/06/30 19:53:10 | 000,123,904 | ---- | C] (Nokia) -- C:\WINDOWS\System32\ccdcmbwu.dll [2013/06/30 19:53:10 | 000,069,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2013/06/30 19:53:10 | 000,018,560 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2013/06/30 19:53:08 | 000,075,264 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll [2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia ========== Files - Modified Within 30 Days ========== [2013/07/10 13:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/07/10 13:39:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/07/10 13:39:00 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/07/10 13:14:23 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2013/07/10 13:02:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2013/07/10 13:01:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/07/10 13:01:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/07/10 13:01:52 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys [2013/07/07 18:24:30 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013/07/07 18:24:24 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013/07/07 18:24:24 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013/07/07 18:24:23 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013/07/07 18:24:23 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013/07/07 18:24:21 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll [2013/07/07 18:24:21 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013/07/07 14:42:45 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/07/07 14:37:31 | 000,564,082 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/07/07 14:37:31 | 000,113,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/07/07 14:32:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/07/07 13:53:18 | 000,650,027 | ---- | M] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe [2013/07/02 15:14:52 | 000,001,463 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk [2013/07/02 15:06:28 | 000,001,501 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2013/07/02 14:37:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013/07/01 18:29:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2013/07/01 18:29:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2013/07/01 18:29:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2013/06/30 19:58:53 | 000,001,636 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk ========== Files Created - No Company Name ========== [2013/07/07 13:52:48 | 000,650,027 | ---- | C] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe [2013/07/02 15:14:52 | 000,001,463 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk [2013/07/02 15:06:28 | 000,001,501 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2013/07/01 18:29:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2013/07/01 18:29:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2013/07/01 18:29:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2013/06/30 19:58:52 | 000,001,636 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk [2013/04/11 14:42:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/10/13 13:41:20 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2012/02/15 09:48:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/14 14:34:01 | 000,008,704 | ---- | C] () -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/11 20:57:31 | 000,058,872 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011/12/29 23:00:59 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe [2011/12/29 21:32:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011/12/29 21:32:21 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011/12/29 17:40:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011/12/29 17:39:22 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011/07/24 14:56:21 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2011/07/24 14:56:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini [2011/07/24 14:52:12 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2011/07/22 20:54:16 | 000,113,032 | ---- | C] () -- C:\WINDOWS\hpoins07.dat [2011/07/22 20:54:16 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat [2007/05/20 19:38:23 | 000,001,755 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache ========== ZeroAccess Check ========== [2013/04/11 14:34:37 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\L [2013/04/11 15:47:25 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\U [2013/04/11 15:46:43 | 000,000,804 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\L\00000004.@ [2006/07/01 08:42:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] "ThreadingModel" = Both "" = shell32.dll -- [2012/06/08 15:26:20 | 008,462,848 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >
- July 14, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

OTL logfile created on: 07/07/2013 17:52:30 - Run 2 OTL by OldTimer - Version 3.2.53.0 Folder = D:\Documents and Settings\neil fulton\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1022.48 Mb Total Physical Memory | 305.09 Mb Available Physical Memory | 29.84% Memory free 2.40 Gb Paging File | 1.72 Gb Available in Paging File | 71.89% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.80 Gb Total Space | 16.74 Gb Free Space | 44.28% Space Free | Partition Type: NTFS Drive D: | 111.24 Gb Total Space | 79.50 Gb Free Space | 71.47% Space Free | Partition Type: NTFS Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Documents and Settings\neil fulton\Local Settings\temp\jre-7u25-windows-i586-iftw.exe (Oracle Corporation) PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) PRC - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia) PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - D:\Documents and Settings\neil fulton\Desktop\OTL (1).exe (OldTimer Tools) PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia) PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia) PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) PRC - C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.) PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit) PRC - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media) PRC - C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media) PRC - C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.) PRC - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.) PRC - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe () PRC - C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV) PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe () PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () PRC - C:\APPS\Powercinema\PCMService.exe (CyberLink Corp.) PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe (Cyberlink) PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) PRC - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Modules (No Company Name) ========== MOD - D:\Documents and Settings\neil fulton\Application Data\Sun\Java\jre1.7.0_25\lzma.dll () MOD - C:\Program Files\Nokia\Nokia Suite\phonon4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\qjson.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtXml4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtScript4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtSql4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtGui4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtCore4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\NService.dll () MOD - C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll () MOD - C:\Program Files\Nokia\Nokia Suite\ssoengine.dll () MOD - C:\Program Files\Nokia\Nokia Suite\securestorage.dll () MOD - C:\WINDOWS\system32\quartz.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll () MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll () MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppgooglenaclpluginchrome.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\Locales\en-US.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avutil-50.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avformat-52.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avcodec-52.dll () MOD - C:\Program Files\Virgin Broadband Wireless\AffinegyServicePS.dll () MOD - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe () MOD - C:\WINDOWS\system32\pthreadVC.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\devenum.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSched.exe () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSchedps.dll () MOD - C:\WINDOWS\sm56spn.dll () MOD - C:\WINDOWS\sm56jpn.dll () MOD - C:\WINDOWS\sm56itl.dll () MOD - C:\WINDOWS\sm56eng.dll () MOD - C:\WINDOWS\sm56ger.dll () MOD - C:\WINDOWS\sm56fra.dll () MOD - C:\WINDOWS\sm56brz.dll () MOD - C:\WINDOWS\sm56cht.dll () MOD - C:\WINDOWS\sm56chs.dll () MOD - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () MOD - C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll () MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia) SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia) SRV - (ServicepointService) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.) SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (HsdService) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AffinegyService) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.) SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (CLSched) CyberLink Task Scheduler (CTS) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe () SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () SRV - (CyberLink Media Library Service) -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (AFGMp50) -- System32\Drivers\AFGMp50.sys File not found DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia) DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\system32\drivers\btblan.sys (Belcarra Technologies) DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys () DRV - (AFGSp50) -- C:\WINDOWS\system32\drivers\AFGSp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies) DRV - (FlyUsb) -- C:\WINDOWS\system32\drivers\FlyUsb.sys (LeapFrog) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider) DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{4E9D8D44-C087-446F-9AAF-32AED87212EA}: "URL" = http://www.bing.com/search?q={searchTerms}&r=468 IE - HKCU\..\SearchScopes\{601115BF-FE84-4E00-AAAE-281610222DF3}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enGB466 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/06/02 09:46:36 | 000,000,000 | ---D | M] [2013/04/27 19:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Web Search (Enabled) CHR - default_search_provider: search_url = http://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll CHR - plugin: Chrome NaCl (Disabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppGoogleNaClPluginChrome.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gears.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: vShare.tv plug-in (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: Client Gateway 4.1.16 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\nprpspa.dll CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: SiteAdvisor = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\ CHR - Extension: vshare plugin = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: Radialpoint SPD Extension = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\ O1 HOSTS File: ([2012/01/20 22:57:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PCMService] c:\apps\Powercinema\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [serviceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media) O4 - HKLM..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () O4 - HKLM..\Run: [Wireless Manager] C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKCU..\Run: [smpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV) O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365692516062 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDA3FEC-98C4-4888-880B-B2077EF2D21C}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\APPS\DESKTOP\BG1280UK.bmp O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\BG1280UK.bmp O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: HP Software Update - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: nwiz - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: RealTray - hkey= - key= - Reg Error: Value error. File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2027/03/30 21:52:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\PCHealth [2027/03/24 23:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp [2013/07/02 15:14:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\iTunes [2013/07/02 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013/07/02 15:06:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\QuickTime [2013/07/02 15:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2013/07/02 13:49:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Applications [2013/07/01 18:36:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\My Documents\Nokia Suite [2013/07/01 18:33:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia Suite [2013/07/01 18:32:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia [2013/07/01 18:30:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys [2013/07/01 18:29:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\NokiaAccount [2013/06/30 20:03:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\Nokia [2013/06/30 20:02:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\PC Suite [2013/06/30 20:02:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Suite [2013/06/30 19:58:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Nokia [2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Nokia [2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2013/06/30 19:54:12 | 000,019,072 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2013/06/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2013/06/30 19:53:26 | 000,008,576 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys [2013/06/30 19:53:25 | 000,137,600 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys [2013/06/30 19:53:20 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2013/06/30 19:53:17 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2013/06/30 19:53:15 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2013/06/30 19:53:10 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll [2013/06/30 19:53:10 | 000,123,904 | ---- | C] (Nokia) -- C:\WINDOWS\System32\ccdcmbwu.dll [2013/06/30 19:53:10 | 000,069,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2013/06/30 19:53:10 | 000,018,560 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2013/06/30 19:53:08 | 000,075,264 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll [2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia ========== Files - Modified Within 30 Days ========== [2013/07/07 17:44:53 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2013/07/07 17:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/07/07 17:34:13 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/07/07 17:32:37 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/07/07 17:32:37 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2013/07/07 17:32:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/07/07 17:32:27 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys [2013/07/07 14:42:45 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/07/07 14:37:31 | 000,564,082 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/07/07 14:37:31 | 000,113,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/07/07 14:32:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/07/07 13:53:18 | 000,650,027 | ---- | M] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe [2013/07/05 17:13:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/07/02 15:14:52 | 000,001,463 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk [2013/07/02 15:06:28 | 000,001,501 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2013/07/02 14:37:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013/07/01 18:29:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2013/07/01 18:29:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2013/07/01 18:29:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2013/06/30 19:58:53 | 000,001,636 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk [2013/06/08 11:41:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/06/08 11:41:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/06/07 23:55:44 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2013/06/07 22:56:06 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2013/06/07 22:56:06 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2013/06/07 22:56:06 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2013/06/07 22:56:06 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2013/06/07 22:56:06 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2013/06/07 22:56:06 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2013/06/07 22:56:06 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2013/06/07 22:56:06 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2013/06/07 22:56:06 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2013/06/07 22:56:06 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2013/06/07 22:56:06 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2013/06/07 22:56:06 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2013/06/07 22:56:06 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2013/06/07 22:56:06 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2013/06/07 22:56:06 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2013/06/07 22:56:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2013/06/07 22:56:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll [2013/06/07 22:56:06 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2013/06/07 22:56:06 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2013/06/07 22:56:05 | 011,112,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2013/06/07 22:56:05 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2013/06/07 22:56:05 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2013/06/07 22:56:05 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2013/06/07 22:56:05 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2013/06/07 22:56:05 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2013/06/07 22:56:05 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2013/06/07 22:56:05 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2013/06/07 22:56:05 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe ========== Files Created - No Company Name ========== [2013/07/07 13:52:48 | 000,650,027 | ---- | C] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe [2013/07/02 15:14:52 | 000,001,463 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk [2013/07/02 15:06:28 | 000,001,501 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2013/07/01 18:29:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2013/07/01 18:29:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2013/07/01 18:29:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2013/06/30 19:58:52 | 000,001,636 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk [2013/04/11 14:42:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/10/13 13:41:20 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2012/02/15 09:48:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/14 14:34:01 | 000,008,704 | ---- | C] () -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/11 20:57:31 | 000,058,872 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011/12/29 23:00:59 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe [2011/12/29 21:32:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011/12/29 21:32:21 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011/12/29 17:40:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011/12/29 17:39:22 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011/07/24 14:56:21 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2011/07/24 14:56:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini [2011/07/24 14:52:12 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2011/07/22 20:54:16 | 000,113,032 | ---- | C] () -- C:\WINDOWS\hpoins07.dat [2011/07/22 20:54:16 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat [2007/05/20 19:38:23 | 000,001,755 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache ========== LOP Check ========== [2013/07/02 15:14:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2010/08/05 10:34:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\2032C [2011/09/04 16:03:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\2537A [2009/08/09 19:08:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AdventureChronicles1 [2012/10/13 13:41:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Affinegy [2013/07/02 13:49:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Applications [2013/06/06 19:57:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG2013 [2010/08/05 10:51:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\BabylonIM [2009/07/14 18:06:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Beanbag Studios [2011/05/01 19:36:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Big Fish Games [2011/05/10 13:40:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\cN01803FfCfF01803 [2012/01/17 19:13:47 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\Common Files [2011/12/29 22:12:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IObit [2009/07/04 22:33:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\JollyBear [2011/11/13 14:47:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Leapfrog [2013/06/06 20:00:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MFAData [2009/03/07 13:42:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MGS [2009/03/07 13:39:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Microgaming [2013/06/30 20:01:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Nokia [2013/06/30 19:45:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2009/07/04 23:37:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Oberonv1005 [2006/04/20 16:49:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2 [2013/06/30 20:02:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PC Suite [2009/07/14 17:54:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PlayFirst [2009/08/10 18:48:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Product [2009/08/10 18:48:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\QuickClick [2013/07/07 17:35:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Radialpoint [2009/07/06 22:06:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SpinTop Games [2007/10/23 11:31:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\STOPzilla! [2011/05/02 18:41:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP [2009/07/13 00:20:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\The Game Equation [2009/10/16 15:20:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems [2006/07/01 08:57:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\VadeRetro [2012/01/19 20:39:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Virgin Media [2010/10/11 22:07:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Zylom [2010/08/05 09:24:33 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\{1A458D70-B989-4B6C-8D14-6475A477F678} [2011/09/11 16:22:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011/05/15 21:23:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\asoftech [2013/04/11 22:17:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\AVG2013 [2012/12/12 21:31:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Azureus [2012/12/03 00:05:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\BitLord [2011/09/06 13:44:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\bsbandmltbpi [2011/12/29 21:47:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\IObit [2013/07/01 18:33:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Nokia [2013/07/02 13:31:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Nokia Suite [2011/09/04 17:07:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\OD2 [2013/07/01 18:32:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\PC Suite [2013/04/30 10:16:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\player [2012/12/02 23:57:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Python-Eggs [2013/06/29 20:05:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Radialpoint [2011/12/27 13:39:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Sports Interactive [2013/04/11 22:12:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\TuneUp Software [2011/05/10 16:28:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Ulead Systems [2011/05/09 17:09:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\VadeRetro [2012/01/19 14:01:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Virgin Media [2013/07/07 17:32:37 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job ========== Purity Check ========== ========== Custom Scans ========== ========== Drive Information ========== Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media Interface type: IDE Media Type: Fixed\thard disk media Model: ST3160812AS Partitions: 2 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE1 - Interface type: USB Media Type: Model: Generic USB SD Reader USB Device Partitions: 0 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE2 - Interface type: USB Media Type: Model: Generic USB CF Reader USB Device Partitions: 0 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE3 - Interface type: USB Media Type: Model: Generic USB SM Reader USB Device Partitions: 0 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE4 - Interface type: USB Media Type: Model: Generic USB MS Reader USB Device Partitions: 0 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 38.00GB Starting Offset: 32256 Hidden sectors: 0 DeviceID: Disk #0, Partition #1 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 111.00GB Starting Offset: 40591756800 Hidden sectors: 0 < %SYSTEMDRIVE%\*.* > [2006/07/01 08:53:44 | 000,000,210 | RHS- | M] () -- C:\BOOT.BAK [2006/07/01 09:28:19 | 000,000,281 | RHS- | M] () -- C:\BOOT.INI [2004/08/04 14:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr [2006/07/01 08:10:44 | 000,006,053 | ---- | M] () -- C:\DWNLOG.TXT [2013/07/07 17:32:27 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys [2006/07/01 08:55:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006/07/01 08:57:04 | 000,000,880 | -H-- | M] () -- C:\IPH.PH [2006/07/01 08:10:44 | 000,006,053 | ---- | M] () -- C:\MCDLOG.TXT [2006/07/01 08:55:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/04 14:00:00 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM [2011/11/20 20:07:59 | 000,250,048 | ---- | M] () -- C:\NTLDR [2013/07/07 17:32:26 | 1608,224,768 | -HS- | M] () -- C:\pagefile.sys [2006/04/20 11:01:26 | 000,001,128 | ---- | M] () -- C:\SAUDIT.TXT [2006/07/01 08:10:44 | 000,000,000 | ---- | M] () -- C:\UPDFLOP.TAG < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > [2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > [2004/08/10 16:46:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2004/08/10 16:46:06 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2004/08/10 16:46:06 | 000,847,872 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %PROGRAMFILES%\* > < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2005/03/08 06:03:18 | 000,038,000 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2005/03/08 06:03:18 | 000,038,000 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) < End of report >
- July 11, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

malware log Malwarebytes Anti-Malware 1.75.0.1300 http://www.malwarebytes.org Database version: v2013.07.11.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 neil fulton :: SN049765120045 [administrator] 07/07/2013 15:43:00 mbam-log-2013-07-07 (15-43-00).txt Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 409829 Time elapsed: 1 hour(s), 58 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Trojan.DomaIQ) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 D:\Documents and Settings\neil fulton\My Documents\Downloads\Setup.exe (Trojan.DomaIQ) -> Quarantined and deleted successfully. (end)
- July 11, 2013
- 13 replies
bizcoaching!

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

hi seedy here is the log # AdwCleaner v2.304 - Logfile created 07/07/2013 at 13:56:26 # Updated 03/07/2013 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : neil fulton - SN049765120045 # Boot Mode : Normal # Running from : D:\Documents and Settings\neil fulton\My Documents\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda File Deleted : D:\DOCUME~1\NEILFU~1\LOCALS~1\Temp\Uninstall.exe File Deleted : D:\Documents and Settings\All Users\Desktop\RebateGiant.com.url File Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage File Deleted : D:\END Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\DomaIQ Uninstaller Folder Deleted : C:\Program Files\Free Offers from Freeze.com Folder Deleted : C:\Program Files\Supreme Savings Folder Deleted : C:\Program Files\Viewpoint Folder Deleted : C:\Program Files\vShare.tv plugin Folder Deleted : C:\Program Files\VshareComplete Folder Deleted : D:\Documents and Settings\All Users\Application Data\Babylon Folder Deleted : D:\Documents and Settings\All Users\Application Data\Bandoo Folder Deleted : D:\Documents and Settings\All Users\Application Data\boost_interprocess Folder Deleted : D:\Documents and Settings\All Users\Application Data\iMesh Folder Deleted : D:\Documents and Settings\All Users\Application Data\Trymedia Folder Deleted : D:\Documents and Settings\All Users\Application Data\Viewpoint Folder Deleted : D:\Documents and Settings\All Users\Start Menu\Programs\RebateInformer Folder Deleted : D:\Documents and Settings\neil fulton\Application Data\Babylon Folder Deleted : D:\Documents and Settings\neil fulton\Application Data\PriceGong Folder Deleted : D:\Documents and Settings\neil fulton\Application Data\VshareComplete Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Conduit Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Ilivid Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\PackageAware Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Updater19962 Folder Deleted : D:\Documents and Settings\neil fulton\Start Menu\Programs\Video Downloader ***** [Registry] ***** Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\PriceGong Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\StartSearch Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\DomaIQ Key Deleted : HKLM\SOFTWARE\e2db88e76aee10 Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk Key Deleted : HKLM\Software\MetaStream Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Supreme Savings Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP Key Deleted : HKLM\Software\SimplyGen Key Deleted : HKLM\SOFTWARE\Software Key Deleted : HKLM\Software\Viewpoint Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www2.delta-search.com/?affID=120519&babsrc=NT_ss&mntrId=F86A0016E6106FFB --> hxxp://www.google.com -\\ Google Chrome v11.0.696.65 File : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted [l.31] : keyword = "startsear.ch", Deleted [l.34] : search_url = "hxxp://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={se[...] ************************* AdwCleaner[R1].txt - [9074 octets] - [07/07/2013 13:55:09] AdwCleaner[s1].txt - [8932 octets] - [07/07/2013 13:56:26] ########## EOF - D:\AdwCleaner[s1].txt - [8992 octets] ##########
- July 11, 2013
- 13 replies
bizcoaching!

suarezlfc posted a topic in Tech Support & Discussions Forum

hi guys im having a few issues with my pc im wondering if anyone could help,i seem to be getting alot of pop ups lately when i open a new web browser page,im getting alot of gambling sites and also keep getting a page that flashes up bizcoaching!! im pretty sure this is an infection can anybody help me out?
- July 9, 2013
- 13 replies
[Solved] Help needed

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

it seems to be running pretty well mate,its a bit slow at times but nothing major
- July 3, 2012
- 48 replies
[Solved] Help needed

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

is smart defrag made by iobit? and how does having smart defrag benefit my computer?
- July 1, 2012
- 48 replies
[Solved] Help needed

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

hi etavares i ran the eset scan but i never got the option when it had finished for a list of found threats,it just said no threats were found
- July 1, 2012
- 48 replies
[Solved] Help needed

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

is iobit the same thing is smart defrag?
- June 28, 2012
- 48 replies
[Solved] Help needed

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

otl report no 2 OTL logfile created on: 28/06/2012 22:30:14 - Run 8 OTL by OldTimer - Version 3.2.53.0 Folder = D:\Documents and Settings\neil fulton\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1022.48 Mb Total Physical Memory | 339.38 Mb Available Physical Memory | 33.19% Memory free 2.40 Gb Paging File | 1.70 Gb Available in Paging File | 70.96% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.80 Gb Total Space | 22.45 Gb Free Space | 59.41% Space Free | Partition Type: NTFS Drive D: | 111.24 Gb Total Space | 90.96 Gb Free Space | 81.77% Space Free | Partition Type: NTFS Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Documents and Settings\neil fulton\Desktop\OTL (1).exe (OldTimer Tools) PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - c:\Program Files\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.) PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) PRC - C:\Program Files\Steam\steam.exe (Valve Corporation) PRC - C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.) PRC - C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media) PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit) PRC - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media) PRC - C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) PRC - C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV) PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe () PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () PRC - C:\APPS\Powercinema\PCMService.exe (CyberLink Corp.) PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe (Cyberlink) PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) PRC - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Steam\bin\libcef.dll () MOD - C:\Program Files\Steam\bin\chromehtml.dll () MOD - C:\Program Files\Steam\bin\avcodec-53.dll () MOD - C:\Program Files\Steam\bin\avformat-53.dll () MOD - C:\Program Files\Steam\bin\avutil-51.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll () MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll () MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppgooglenaclpluginchrome.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\Locales\en-US.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avutil-50.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avformat-52.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avcodec-52.dll () MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\devenum.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSched.exe () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll () MOD - c:\APPS\Powercinema\Kernel\TV\CLSchedps.dll () MOD - C:\WINDOWS\sm56spn.dll () MOD - C:\WINDOWS\sm56jpn.dll () MOD - C:\WINDOWS\sm56itl.dll () MOD - C:\WINDOWS\sm56eng.dll () MOD - C:\WINDOWS\sm56ger.dll () MOD - C:\WINDOWS\sm56fra.dll () MOD - C:\WINDOWS\sm56brz.dll () MOD - C:\WINDOWS\sm56cht.dll () MOD - C:\WINDOWS\sm56chs.dll () MOD - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () MOD - C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll () MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (ServicepointService) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.) SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (HsdService) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (CLSched) CyberLink Task Scheduler (CTS) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe () SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe () SRV - (CyberLink Media Library Service) -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink) SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\system32\drivers\btblan.sys (Belcarra Technologies) DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys () DRV - (FlyUsb) -- C:\WINDOWS\system32\drivers\FlyUsb.sys (LeapFrog) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider) DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = {7D1CC8B6-4271-40C8-BA9E-91854C72078F} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..\SearchScopes\{601115BF-FE84-4E00-AAAE-281610222DF3}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enGB466 IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enGB466 IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2908480339-1261026855-1997213502-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/23 22:10:22 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Web Search (Enabled) CHR - default_search_provider: search_url = http://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll CHR - plugin: Chrome NaCl (Disabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppGoogleNaClPluginChrome.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gears.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: vShare.tv plug-in (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: Client Gateway 4.1.16 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\nprpspa.dll CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: VshareComplete plugin for chrome = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\ CHR - Extension: SiteAdvisor = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\ CHR - Extension: vshare plugin = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: Radialpoint SPD Extension = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\ O1 HOSTS File: ([2012/01/20 22:57:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [PCMService] c:\apps\Powercinema\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [serviceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media) O4 - HKLM..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () O4 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006..\Run: [smpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV) O4 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O15 - HKU\S-1-5-21-2908480339-1261026855-1997213502-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDA3FEC-98C4-4888-880B-B2077EF2D21C}: DhcpNameServer = 194.168.4.100 194.168.8.100 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\APPS\DESKTOP\BG1280UK.bmp O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\BG1280UK.bmp O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2027/03/30 21:52:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\PCHealth [2027/03/24 23:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp [2012/06/28 22:19:29 | 000,596,992 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\neil fulton\Desktop\OTL (1).exe [2012/06/28 22:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/06/28 22:16:36 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012/06/28 22:16:35 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012/06/28 22:16:29 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012/06/28 22:16:29 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012/06/28 22:11:27 | 021,053,392 | ---- | C] (Oracle Corporation) -- D:\Documents and Settings\neil fulton\Desktop\jre-7u4-windows-i586 (1).exe [2012/06/13 15:50:26 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll ========== Files - Modified Within 30 Days ========== [2012/06/28 22:32:43 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012/06/28 22:22:31 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/06/28 22:22:30 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2012/06/28 22:22:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/06/28 22:22:20 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys [2012/06/28 22:19:23 | 000,596,992 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\neil fulton\Desktop\OTL (1).exe [2012/06/28 22:16:12 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012/06/28 22:16:12 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012/06/28 22:16:12 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012/06/28 22:16:12 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012/06/28 22:16:11 | 000,772,552 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll [2012/06/28 22:16:11 | 000,687,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012/06/28 22:11:18 | 021,053,392 | ---- | M] (Oracle Corporation) -- D:\Documents and Settings\neil fulton\Desktop\jre-7u4-windows-i586 (1).exe [2012/06/28 22:09:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/06/28 21:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/06/27 13:52:03 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/06/14 14:07:20 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/06/13 22:37:15 | 028,573,696 | ---- | M] () -- C:\WINDOWS\software.old [2012/06/13 22:36:23 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/06/13 22:36:23 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/06/13 22:30:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/06/07 14:13:30 | 000,000,669 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/04 21:53:37 | 000,005,120 | ---- | M] () -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/02 15:19:44 | 000,022,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2012/06/02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2012/06/02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll [2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll [2012/06/02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2012/06/02 15:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2012/06/02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2012/06/02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2012/06/02 15:19:34 | 000,015,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2012/06/02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2012/06/02 15:18:58 | 000,275,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2012/06/02 15:18:58 | 000,017,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2012/05/31 14:22:09 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll ========== Files Created - No Company Name ========== [2012/02/15 09:48:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/14 14:34:01 | 000,005,120 | ---- | C] () -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/11 20:57:31 | 000,058,872 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011/12/29 23:00:59 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe [2011/12/29 21:32:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011/12/29 21:32:21 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011/12/29 17:40:39 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011/12/29 17:40:39 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011/12/29 17:40:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011/12/29 17:39:22 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011/07/24 14:56:21 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2011/07/24 14:56:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini [2011/07/24 14:52:12 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2011/07/22 20:54:16 | 000,113,032 | ---- | C] () -- C:\WINDOWS\hpoins07.dat [2011/07/22 20:54:16 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat [2011/05/17 16:20:19 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2011/05/14 14:55:49 | 000,000,030 | ---- | C] () -- C:\WINDOWS\iedit.INI [2007/05/20 19:38:23 | 000,001,755 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache < End of report >
- June 28, 2012
- 48 replies
[Solved] Help needed

suarezlfc replied to suarezlfc's topic in Tech Support & Discussions Forum

hi etavares i cant seem to find the iobit ive checked on the add/remove program list but it is not there! could it be located anywere else? all old javas deleted and new java installed otl report no1 All processes killed========== OTL ========== Service WDICA stopped successfully! Service WDICA deleted successfully! File File not found not found. Service Trufos stopped successfully! Service Trufos deleted successfully! File C:\Program Files\Virgin Media\Security\BitDefender\trufos.sys File not found not found. Service Profos stopped successfully! Service Profos deleted successfully! File C:\Program Files\Virgin Media\Security\BitDefender\profos.sys File not found not found. Service PDRFRAME stopped successfully! Service PDRFRAME deleted successfully! File File not found not found. Service PDRELI stopped successfully! Service PDRELI deleted successfully! File File not found not found. Service PDFRAME stopped successfully! Service PDFRAME deleted successfully! File File not found not found. Service PDCOMP stopped successfully! Service PDCOMP deleted successfully! File File not found not found. Service PCIDump stopped successfully! Service PCIDump deleted successfully! File File not found not found. Service lbrtfdc stopped successfully! Service lbrtfdc deleted successfully! File File not found not found. Service Changer stopped successfully! Service Changer deleted successfully! File File not found not found. Service catchme stopped successfully! Service catchme deleted successfully! File D:\DOCUME~1\NEILFU~1\LOCALS~1\Temp\catchme.sys File not found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A7B1B330-62A8-4731-A40B-34AAC361D96F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7B1B330-62A8-4731-A40B-34AAC361D96F}\ not found. Registry key HKEY_USERS\S-1-5-21-2908480339-1261026855-1997213502-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found. Registry key HKEY_USERS\S-1-5-21-2908480339-1261026855-1997213502-1006\Software\Microsoft\Internet Explorer\SearchScopes\{A7B1B330-62A8-4731-A40B-34AAC361D96F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7B1B330-62A8-4731-A40B-34AAC361D96F}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found. Registry value HKEY_USERS\S-1-5-21-2908480339-1261026855-1997213502-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes User: lindsay fulton ->Temp folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 66083 bytes User: LocalService.NT AUTHORITY ->Temp folder emptied: 0 bytes User: neil fulton ->Temp folder emptied: 21009908 bytes ->Temporary Internet Files folder emptied: 2048294 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 375438483 bytes ->Flash cache emptied: 928 bytes User: NetworkService ->Temp folder emptied: 520220 bytes ->Temporary Internet Files folder emptied: 79720579 bytes User: NetworkService.NT AUTHORITY ->Temp folder emptied: 0 bytes User: ShopperReports3 User: UpdatusUser ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1351680 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4493792 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78013328 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 20291055 bytes Total Files Cleaned = 556.00 mb OTL by OldTimer - Version 3.2.53.0 log created on 06282012_222055 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
- June 28, 2012
- 48 replies

Sign In

suarezlfc

Posts

Joined

Last visited

Tech Info

suarezlfc's Achievements

Newbie (1/14)

Reputation

bizcoaching!

bizcoaching!

bizcoaching!

bizcoaching!

bizcoaching!

bizcoaching!

bizcoaching!

bizcoaching!

bizcoaching!

[Solved] Help needed

[Solved] Help needed

[Solved] Help needed

[Solved] Help needed

[Solved] Help needed

[Solved] Help needed

Browse

Activity

Site Info