Posted
Hi guys, I'm having a few issues with my PC and I'm wondering if anyone could help. I seem to be getting a lot of pop-ups lately when I open a new web browser page. I'm getting a lot of gambling sites and also keep getting a page that flashes up bizcoaching!! I'm pretty sure this is an infection. Can anybody help me out?
Posted

Hi Suarezlfc

Can you run this for me, please?

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Then can you go to this post and reply back with all the logs for our security team to review them.


Posted

Hi Seedy, here is the log.

# AdwCleaner v2.304 - Logfile created 07/07/2013 at 13:56:26

# Updated 03/07/2013 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : neil fulton - SN049765120045

# Boot Mode : Normal

# Running from : D:\Documents and Settings\neil fulton\My Documents\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Deleted on reboot : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda

File Deleted : D:\DOCUME~1\NEILFU~1\LOCALS~1\Temp\Uninstall.exe

File Deleted : D:\Documents and Settings\All Users\Desktop\RebateGiant.com.url

File Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage

File Deleted : D:\END

Folder Deleted : C:\Program Files\Conduit

Folder Deleted : C:\Program Files\DomaIQ Uninstaller

Folder Deleted : C:\Program Files\Free Offers from Freeze.com

Folder Deleted : C:\Program Files\Supreme Savings

Folder Deleted : C:\Program Files\Viewpoint

Folder Deleted : C:\Program Files\vShare.tv plugin

Folder Deleted : C:\Program Files\VshareComplete

Folder Deleted : D:\Documents and Settings\All Users\Application Data\Babylon

Folder Deleted : D:\Documents and Settings\All Users\Application Data\Bandoo

Folder Deleted : D:\Documents and Settings\All Users\Application Data\boost_interprocess

Folder Deleted : D:\Documents and Settings\All Users\Application Data\iMesh

Folder Deleted : D:\Documents and Settings\All Users\Application Data\Trymedia

Folder Deleted : D:\Documents and Settings\All Users\Application Data\Viewpoint

Folder Deleted : D:\Documents and Settings\All Users\Start Menu\Programs\RebateInformer

Folder Deleted : D:\Documents and Settings\neil fulton\Application Data\Babylon

Folder Deleted : D:\Documents and Settings\neil fulton\Application Data\PriceGong

Folder Deleted : D:\Documents and Settings\neil fulton\Application Data\VshareComplete

Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Conduit

Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Ilivid

Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\PackageAware

Folder Deleted : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Updater19962

Folder Deleted : D:\Documents and Settings\neil fulton\Start Menu\Programs\Video Downloader

***** [Registry] *****

Key Deleted : HKCU\Software\BabylonToolbar

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\PriceGong

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\DomaIQ

Key Deleted : HKLM\SOFTWARE\e2db88e76aee10

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk

Key Deleted : HKLM\Software\MetaStream

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Supreme Savings

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Deleted : HKLM\Software\SimplyGen

Key Deleted : HKLM\SOFTWARE\Software

Key Deleted : HKLM\Software\Viewpoint

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www2.delta-search.com/?affID=120519&babsrc=NT_ss&mntrId=F86A0016E6106FFB --> hxxp://www.google.com

-\\ Google Chrome v11.0.696.65

File : D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.31] : keyword = "startsear.ch",

Deleted [l.34] : search_url = "hxxp://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={se[...]

*************************

AdwCleaner[R1].txt - [9074 octets] - [07/07/2013 13:55:09]

AdwCleaner[s1].txt - [8932 octets] - [07/07/2013 13:56:26]

########## EOF - D:\AdwCleaner[s1].txt - [8992 octets] ##########

Posted

Malware log

Malwarebytes Anti-Malware 1.75.0.1300

http://www.malwarebytes.org

Database version: v2013.07.11.04

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

neil fulton :: SN049765120045 [administrator]

07/07/2013 15:43:00

mbam-log-2013-07-07 (15-43-00).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 409829

Time elapsed: 1 hour(s), 58 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Trojan.DomaIQ) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

D:\Documents and Settings\neil fulton\My Documents\Downloads\Setup.exe (Trojan.DomaIQ) -> Quarantined and deleted successfully.

(end)

Posted

OTL logfile created on: 07/07/2013 17:52:30 - Run 2

OTL by OldTimer - Version 3.2.53.0 Folder = D:\Documents and Settings\neil fulton\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

1022.48 Mb Total Physical Memory | 305.09 Mb Available Physical Memory | 29.84% Memory free

2.40 Gb Paging File | 1.72 Gb Available in Paging File | 71.89% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.80 Gb Total Space | 16.74 Gb Free Space | 44.28% Space Free | Partition Type: NTFS

Drive D: | 111.24 Gb Total Space | 79.50 Gb Free Space | 71.47% Space Free | Partition Type: NTFS

 

Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - D:\Documents and Settings\neil fulton\Local Settings\temp\jre-7u25-windows-i586-iftw.exe (Oracle Corporation)

PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)

PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - D:\Documents and Settings\neil fulton\Desktop\OTL (1).exe (OldTimer Tools)

PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia)

PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia)

PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)

PRC - C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.)

PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)

PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)

PRC - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media)

PRC - C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)

PRC - C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.)

PRC - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.)

PRC - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe ()

PRC - C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)

PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()

PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()

PRC - C:\APPS\Powercinema\PCMService.exe (CyberLink Corp.)

PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe (Cyberlink)

PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)

PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)

PRC - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()

PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)

PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

 

 

========== Modules (No Company Name) ==========

 

MOD - D:\Documents and Settings\neil fulton\Application Data\Sun\Java\jre1.7.0_25\lzma.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\phonon4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\qjson.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtXml4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtScript4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtSql4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtGui4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtCore4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\NService.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\ssoengine.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\securestorage.dll ()

MOD - C:\WINDOWS\system32\quartz.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll ()

MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll ()

MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppgooglenaclpluginchrome.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\Locales\en-US.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avutil-50.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avformat-52.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avcodec-52.dll ()

MOD - C:\Program Files\Virgin Broadband Wireless\AffinegyServicePS.dll ()

MOD - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe ()

MOD - C:\WINDOWS\system32\pthreadVC.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - C:\WINDOWS\system32\devenum.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLSchedps.dll ()

MOD - C:\WINDOWS\sm56spn.dll ()

MOD - C:\WINDOWS\sm56jpn.dll ()

MOD - C:\WINDOWS\sm56itl.dll ()

MOD - C:\WINDOWS\sm56eng.dll ()

MOD - C:\WINDOWS\sm56ger.dll ()

MOD - C:\WINDOWS\sm56fra.dll ()

MOD - C:\WINDOWS\sm56brz.dll ()

MOD - C:\WINDOWS\sm56cht.dll ()

MOD - C:\WINDOWS\sm56chs.dll ()

MOD - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()

MOD - C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll ()

MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia)

SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)

SRV - (ServicepointService) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.)

SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)

SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (HsdService) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media)

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (AffinegyService) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.)

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

SRV - (CLSched) CyberLink Task Scheduler (CTS) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()

SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()

SRV - (CyberLink Media Library Service) -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)

SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)

SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (AFGMp50) -- System32\Drivers\AFGMp50.sys File not found

DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)

DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)

DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)

DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)

DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\system32\drivers\btblan.sys (Belcarra Technologies)

DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys ()

DRV - (AFGSp50) -- C:\WINDOWS\system32\drivers\AFGSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)

DRV - (FlyUsb) -- C:\WINDOWS\system32\drivers\FlyUsb.sys (LeapFrog)

DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)

DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)

DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{4E9D8D44-C087-446F-9AAF-32AED87212EA}: "URL" = http://www.bing.com/search?q={searchTerms}&r=468

IE - HKCU\..\SearchScopes\{601115BF-FE84-4E00-AAAE-281610222DF3}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enGB466

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/06/02 09:46:36 | 000,000,000 | ---D | M]

 

[2013/04/27 19:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

 

========== Chrome ==========

 

CHR - default_search_provider: Web Search (Enabled)

CHR - default_search_provider: search_url = http://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={searchTerms}

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll

CHR - plugin: Chrome NaCl (Disabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppGoogleNaClPluginChrome.dll

CHR - plugin: Google Gears 0.5.33.0 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gears.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: vShare.tv plug-in (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll

CHR - plugin: Client Gateway 4.1.16 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\nprpspa.dll

CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: SiteAdvisor = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\

CHR - Extension: vshare plugin = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\

CHR - Extension: Radialpoint SPD Extension = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\

 

O1 HOSTS File: ([2012/01/20 22:57:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [PCMService] c:\apps\Powercinema\PCMService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [serviceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)

O4 - HKLM..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)

O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()

O4 - HKLM..\Run: [Wireless Manager] C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.)

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)

O4 - HKCU..\Run: [smpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)

O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)

O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365692516062 (WUWebControl Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDA3FEC-98C4-4888-880B-B2077EF2D21C}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\APPS\DESKTOP\BG1280UK.bmp

O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\BG1280UK.bmp

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: HP Software Update - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: nwiz - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: RealTray - hkey= - key= - Reg Error: Value error. File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2027/03/30 21:52:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\PCHealth

[2027/03/24 23:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp

[2013/07/02 15:14:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2013/07/02 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/07/02 15:06:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\QuickTime

[2013/07/02 15:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013/07/02 13:49:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Applications

[2013/07/01 18:36:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\My Documents\Nokia Suite

[2013/07/01 18:33:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia Suite

[2013/07/01 18:32:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia

[2013/07/01 18:30:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys

[2013/07/01 18:29:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\NokiaAccount

[2013/06/30 20:03:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\Nokia

[2013/06/30 20:02:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\PC Suite

[2013/06/30 20:02:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Suite

[2013/06/30 19:58:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Nokia

[2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Nokia

[2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia

[2013/06/30 19:54:12 | 000,019,072 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys

[2013/06/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

[2013/06/30 19:53:26 | 000,008,576 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys

[2013/06/30 19:53:25 | 000,137,600 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys

[2013/06/30 19:53:20 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys

[2013/06/30 19:53:17 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys

[2013/06/30 19:53:15 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys

[2013/06/30 19:53:10 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll

[2013/06/30 19:53:10 | 000,123,904 | ---- | C] (Nokia) -- C:\WINDOWS\System32\ccdcmbwu.dll

[2013/06/30 19:53:10 | 000,069,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll

[2013/06/30 19:53:10 | 000,018,560 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys

[2013/06/30 19:53:08 | 000,075,264 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll

[2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\NokiaInstallerCache

[2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia

 

========== Files - Modified Within 30 Days ==========

 

[2013/07/07 17:44:53 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/07/07 17:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/07/07 17:34:13 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/07/07 17:32:37 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/07/07 17:32:37 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job

[2013/07/07 17:32:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/07/07 17:32:27 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys

[2013/07/07 14:42:45 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/07/07 14:37:31 | 000,564,082 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/07/07 14:37:31 | 000,113,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/07/07 14:32:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/07/07 13:53:18 | 000,650,027 | ---- | M] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe

[2013/07/05 17:13:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/07/02 15:14:52 | 000,001,463 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2013/07/02 15:06:28 | 000,001,501 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

[2013/07/02 14:37:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/07/01 18:29:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

[2013/07/01 18:29:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf

[2013/07/01 18:29:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2013/06/30 19:58:53 | 000,001,636 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk

[2013/06/08 11:41:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/06/08 11:41:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/06/07 23:55:44 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec

[2013/06/07 22:56:06 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2013/06/07 22:56:06 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll

[2013/06/07 22:56:06 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll

[2013/06/07 22:56:06 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll

[2013/06/07 22:56:06 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll

[2013/06/07 22:56:06 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll

[2013/06/07 22:56:06 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll

[2013/06/07 22:56:06 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll

[2013/06/07 22:56:06 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll

[2013/06/07 22:56:06 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2013/06/07 22:56:06 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll

[2013/06/07 22:56:06 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll

[2013/06/07 22:56:06 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll

[2013/06/07 22:56:06 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll

[2013/06/07 22:56:06 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll

[2013/06/07 22:56:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll

[2013/06/07 22:56:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll

[2013/06/07 22:56:06 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll

[2013/06/07 22:56:06 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll

[2013/06/07 22:56:05 | 011,112,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll

[2013/06/07 22:56:05 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll

[2013/06/07 22:56:05 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl

[2013/06/07 22:56:05 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2013/06/07 22:56:05 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll

[2013/06/07 22:56:05 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll

[2013/06/07 22:56:05 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2013/06/07 22:56:05 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll

[2013/06/07 22:56:05 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll

[2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe

[2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

 

========== Files Created - No Company Name ==========

 

[2013/07/07 13:52:48 | 000,650,027 | ---- | C] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe

[2013/07/02 15:14:52 | 000,001,463 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2013/07/02 15:06:28 | 000,001,501 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

[2013/07/01 18:29:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

[2013/07/01 18:29:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf

[2013/07/01 18:29:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2013/06/30 19:58:52 | 000,001,636 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk

[2013/04/11 14:42:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/10/13 13:41:20 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2012/02/15 09:48:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/02/14 14:34:01 | 000,008,704 | ---- | C] () -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/02/11 20:57:31 | 000,058,872 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/12/29 23:00:59 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe

[2011/12/29 21:32:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe

[2011/12/29 21:32:21 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys

[2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2011/12/29 17:40:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2011/12/29 17:39:22 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2011/07/24 14:56:21 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini

[2011/07/24 14:56:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2011/07/24 14:52:12 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2011/07/22 20:54:16 | 000,113,032 | ---- | C] () -- C:\WINDOWS\hpoins07.dat

[2011/07/22 20:54:16 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat

[2007/05/20 19:38:23 | 000,001,755 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

 

========== LOP Check ==========

 

[2013/07/02 15:14:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2010/08/05 10:34:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\2032C

[2011/09/04 16:03:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\2537A

[2009/08/09 19:08:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AdventureChronicles1

[2012/10/13 13:41:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Affinegy

[2013/07/02 13:49:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Applications

[2013/06/06 19:57:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG2013

[2010/08/05 10:51:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\BabylonIM

[2009/07/14 18:06:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Beanbag Studios

[2011/05/01 19:36:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Big Fish Games

[2011/05/10 13:40:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\cN01803FfCfF01803

[2012/01/17 19:13:47 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\Common Files

[2011/12/29 22:12:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IObit

[2009/07/04 22:33:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\JollyBear

[2011/11/13 14:47:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Leapfrog

[2013/06/06 20:00:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MFAData

[2009/03/07 13:42:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MGS

[2009/03/07 13:39:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Microgaming

[2013/06/30 20:01:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Nokia

[2013/06/30 19:45:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\NokiaInstallerCache

[2009/07/04 23:37:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Oberonv1005

[2006/04/20 16:49:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2

[2013/06/30 20:02:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PC Suite

[2009/07/14 17:54:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PlayFirst

[2009/08/10 18:48:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Product

[2009/08/10 18:48:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\QuickClick

[2013/07/07 17:35:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Radialpoint

[2009/07/06 22:06:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SpinTop Games

[2007/10/23 11:31:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\STOPzilla!

[2011/05/02 18:41:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP

[2009/07/13 00:20:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\The Game Equation

[2009/10/16 15:20:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems

[2006/07/01 08:57:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\VadeRetro

[2012/01/19 20:39:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Virgin Media

[2010/10/11 22:07:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Zylom

[2010/08/05 09:24:33 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\{1A458D70-B989-4B6C-8D14-6475A477F678}

[2011/09/11 16:22:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011/05/15 21:23:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\asoftech

[2013/04/11 22:17:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\AVG2013

[2012/12/12 21:31:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Azureus

[2012/12/03 00:05:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\BitLord

[2011/09/06 13:44:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\bsbandmltbpi

[2011/12/29 21:47:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\IObit

[2013/07/01 18:33:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Nokia

[2013/07/02 13:31:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Nokia Suite

[2011/09/04 17:07:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\OD2

[2013/07/01 18:32:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\PC Suite

[2013/04/30 10:16:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\player

[2012/12/02 23:57:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Python-Eggs

[2013/06/29 20:05:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Radialpoint

[2011/12/27 13:39:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Sports Interactive

[2013/04/11 22:12:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\TuneUp Software

[2011/05/10 16:28:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Ulead Systems

[2011/05/09 17:09:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\VadeRetro

[2012/01/19 14:01:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Virgin Media

[2013/07/07 17:32:37 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

========== Drive Information ==========

 

Physical Drives

---------------

 

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media

Interface type: IDE

Media Type: Fixed\thard disk media

Model: ST3160812AS

Partitions: 2

Status: OK

Status Info: 0

 

Drive: \\\\.\\PHYSICALDRIVE1 -

Interface type: USB

Media Type:

Model: Generic USB SD Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

 

Drive: \\\\.\\PHYSICALDRIVE2 -

Interface type: USB

Media Type:

Model: Generic USB CF Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

 

Drive: \\\\.\\PHYSICALDRIVE3 -

Interface type: USB

Media Type:

Model: Generic USB SM Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

 

Drive: \\\\.\\PHYSICALDRIVE4 -

Interface type: USB

Media Type:

Model: Generic USB MS Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

 

Partitions

---------------

 

DeviceID: Disk #0, Partition #0

PartitionType: Installable File System

Bootable: True

BootPartition: True

PrimaryPartition: True

Size: 38.00GB

Starting Offset: 32256

Hidden sectors: 0

 

 

DeviceID: Disk #0, Partition #1

PartitionType: Installable File System

Bootable: False

BootPartition: False

PrimaryPartition: True

Size: 111.00GB

Starting Offset: 40591756800

Hidden sectors: 0

 

 

< %SYSTEMDRIVE%\*.* >

[2006/07/01 08:53:44 | 000,000,210 | RHS- | M] () -- C:\BOOT.BAK

[2006/07/01 09:28:19 | 000,000,281 | RHS- | M] () -- C:\BOOT.INI

[2004/08/04 14:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr

[2006/07/01 08:10:44 | 000,006,053 | ---- | M] () -- C:\DWNLOG.TXT

[2013/07/07 17:32:27 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys

[2006/07/01 08:55:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2006/07/01 08:57:04 | 000,000,880 | -H-- | M] () -- C:\IPH.PH

[2006/07/01 08:10:44 | 000,006,053 | ---- | M] () -- C:\MCDLOG.TXT

[2006/07/01 08:55:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/04 14:00:00 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM

[2011/11/20 20:07:59 | 000,250,048 | ---- | M] () -- C:\NTLDR

[2013/07/07 17:32:26 | 1608,224,768 | -HS- | M] () -- C:\pagefile.sys

[2006/04/20 11:01:26 | 000,001,128 | ---- | M] () -- C:\SAUDIT.TXT

[2006/07/01 08:10:44 | 000,000,000 | ---- | M] () -- C:\UPDFLOP.TAG

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\*.exe /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2004/08/10 16:46:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2004/08/10 16:46:06 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2004/08/10 16:46:06 | 000,847,872 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 

< %PROGRAMFILES%\* >

 

< %USERPROFILE%\..|smtmp;true;true;true /FP >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2005/03/08 06:03:18 | 000,038,000 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2005/03/08 06:02:40 | 000,016,496 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2005/03/08 06:03:18 | 000,038,000 | ---- | M] (America Online, Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

 

 

< End of report >

  • ExTS Admin
Posted

Hi suarezlfc

 

OTL by OldTimer - Version 3.2.53.0 Folder = D:\Documents and Settings\neil fulton\Desktop

This is an outdated version of OTL.

Please remove it and download a fresh copy from ... OTL

 

Double click on OTL to run it.

  • Under the Extra Registry section, make sure that Use SafeList is selected.
  • Don't check the boxes beside 'LOP Check' and 'Purity Check' this time.
  • Click on Run Scan at the top left-hand corner.
  • When done, two Notepad files will open. Please post the contents of these 2 Notepad files in your next reply. (the Main.txt and the Extras.txt)

 

Thanks


Posted

otl

OTL logfile created on: 10/07/2013 14:29:06 - Run 3

OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\neil fulton\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

1022.48 Mb Total Physical Memory | 320.48 Mb Available Physical Memory | 31.34% Memory free

2.40 Gb Paging File | 1.73 Gb Available in Paging File | 71.96% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.80 Gb Total Space | 16.54 Gb Free Space | 43.75% Space Free | Partition Type: NTFS

Drive D: | 111.24 Gb Total Space | 79.48 Gb Free Space | 71.45% Space Free | Partition Type: NTFS

 

Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - D:\Documents and Settings\neil fulton\My Documents\Downloads\OTL (1).exe (OldTimer Tools)

PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)

PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia)

PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia)

PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)

PRC - C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.)

PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)

PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)

PRC - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media)

PRC - C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)

PRC - C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.)

PRC - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.)

PRC - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe ()

PRC - C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)

PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()

PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()

PRC - C:\APPS\Powercinema\PCMService.exe (CyberLink Corp.)

PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe (Cyberlink)

PRC - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)

PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)

PRC - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()

PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)

PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\Nokia\Nokia Suite\phonon4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\qjson.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtXml4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtScript4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtSql4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtGui4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\QtCore4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\NService.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\ssoengine.dll ()

MOD - C:\Program Files\Nokia\Nokia Suite\securestorage.dll ()

MOD - C:\WINDOWS\system32\quartz.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll ()

MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll ()

MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppgooglenaclpluginchrome.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\Locales\en-US.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avutil-50.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avformat-52.dll ()

MOD - D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avcodec-52.dll ()

MOD - C:\Program Files\Virgin Broadband Wireless\AffinegyServicePS.dll ()

MOD - C:\Program Files\Virgin Broadband Wireless\ndis_events.exe ()

MOD - C:\WINDOWS\system32\pthreadVC.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - C:\WINDOWS\system32\devenum.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll ()

MOD - c:\APPS\Powercinema\Kernel\TV\CLSchedps.dll ()

MOD - C:\WINDOWS\sm56spn.dll ()

MOD - C:\WINDOWS\sm56jpn.dll ()

MOD - C:\WINDOWS\sm56itl.dll ()

MOD - C:\WINDOWS\sm56eng.dll ()

MOD - C:\WINDOWS\sm56ger.dll ()

MOD - C:\WINDOWS\sm56fra.dll ()

MOD - C:\WINDOWS\sm56brz.dll ()

MOD - C:\WINDOWS\sm56cht.dll ()

MOD - C:\WINDOWS\sm56chs.dll ()

MOD - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()

MOD - C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll ()

MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll ()

 

 

========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia)

SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)

SRV - (ServicepointService) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe (Radialpoint SafeCare Inc.)

SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)

SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (HsdService) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe (Virgin Media)

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (AffinegyService) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe (Affinegy, Inc.)

SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

SRV - (CLSched) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()

SRV - (CLCapSvc) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()

SRV - (CyberLink Media Library Service) -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)

SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)

SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (AFGMp50) -- System32\Drivers\AFGMp50.sys File not found

DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)

DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)

DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)

DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)

DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\system32\drivers\btblan.sys (Belcarra Technologies)

DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys ()

DRV - (AFGSp50) -- C:\WINDOWS\system32\drivers\AFGSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)

DRV - (FlyUsb) -- C:\WINDOWS\system32\drivers\FlyUsb.sys (LeapFrog)

DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)

DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)

DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{4E9D8D44-C087-446F-9AAF-32AED87212EA}: "URL" = http://www.bing.com/search?q={searchTerms}&r=468

IE - HKCU\..\SearchScopes\{601115BF-FE84-4E00-AAAE-281610222DF3}: "URL" = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{7D1CC8B6-4271-40C8-BA9E-91854C72078F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enGB466

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/06/02 09:46:36 | 000,000,000 | ---D | M]

 

[2013/04/27 19:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

 

========== Chrome ==========

 

CHR - default_search_provider: Web Search (Enabled)

CHR - default_search_provider: search_url = http://startsear.ch/?aff=1&src=sp&cf=697b68cc-191b-11e1-974c-0016e6106ffb&q={searchTerms}

CHR - default_search_provider: suggest_url =

CHR - homepage:

CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll

CHR - plugin: Chrome NaCl (Disabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppGoogleNaClPluginChrome.dll

CHR - plugin: Google Gears 0.5.33.0 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gears.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: vShare.tv plug-in (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll

CHR - plugin: Client Gateway 4.1.16 (Enabled) = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\nprpspa.dll

CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: SiteAdvisor = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\

CHR - Extension: vshare plugin = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\

CHR - Extension: Radialpoint SPD Extension = D:\Documents and Settings\neil fulton\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\

 

O1 HOSTS File: ([2012/01/20 22:57:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [PCMService] c:\apps\Powercinema\PCMService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [serviceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)

O4 - HKLM..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)

O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()

O4 - HKLM..\Run: [Wireless Manager] C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.)

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)

O4 - HKCU..\Run: [smpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)

O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe (Adobe Systems Incorporated)

O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365692516062 (WUWebControl Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDA3FEC-98C4-4888-880B-B2077EF2D21C}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\APPS\DESKTOP\BG1280UK.bmp

O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\BG1280UK.bmp

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2027/03/30 21:52:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\PCHealth

[2027/03/24 23:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp

[2013/07/07 18:24:50 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2013/07/07 18:24:47 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2013/07/07 18:24:42 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2013/07/07 18:24:42 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2013/07/07 18:24:42 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2013/07/02 15:14:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2013/07/02 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/07/02 15:13:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/07/02 15:06:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\QuickTime

[2013/07/02 15:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013/07/02 13:49:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Applications

[2013/07/01 18:36:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\My Documents\Nokia Suite

[2013/07/01 18:33:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia Suite

[2013/07/01 18:32:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\Nokia

[2013/07/01 18:30:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys

[2013/07/01 18:29:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\NokiaAccount

[2013/06/30 20:03:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\Nokia

[2013/06/30 20:02:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\neil fulton\Application Data\PC Suite

[2013/06/30 20:02:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Suite

[2013/06/30 19:58:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Nokia

[2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Nokia

[2013/06/30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia

[2013/06/30 19:54:12 | 000,019,072 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys

[2013/06/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

[2013/06/30 19:53:26 | 000,008,576 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys

[2013/06/30 19:53:25 | 000,137,600 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys

[2013/06/30 19:53:20 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys

[2013/06/30 19:53:17 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys

[2013/06/30 19:53:15 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys

[2013/06/30 19:53:10 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll

[2013/06/30 19:53:10 | 000,123,904 | ---- | C] (Nokia) -- C:\WINDOWS\System32\ccdcmbwu.dll

[2013/06/30 19:53:10 | 000,069,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll

[2013/06/30 19:53:10 | 000,018,560 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys

[2013/06/30 19:53:08 | 000,075,264 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll

[2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\NokiaInstallerCache

[2013/06/30 19:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia

 

========== Files - Modified Within 30 Days ==========

 

[2013/07/10 13:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/07/10 13:39:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/07/10 13:39:00 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/07/10 13:14:23 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/07/10 13:02:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job

[2013/07/10 13:01:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/07/10 13:01:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/07/10 13:01:52 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys

[2013/07/07 18:24:30 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2013/07/07 18:24:24 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2013/07/07 18:24:24 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2013/07/07 18:24:23 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2013/07/07 18:24:23 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2013/07/07 18:24:21 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll

[2013/07/07 18:24:21 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll

[2013/07/07 14:42:45 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/07/07 14:37:31 | 000,564,082 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/07/07 14:37:31 | 000,113,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/07/07 14:32:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/07/07 13:53:18 | 000,650,027 | ---- | M] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe

[2013/07/02 15:14:52 | 000,001,463 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2013/07/02 15:06:28 | 000,001,501 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

[2013/07/02 14:37:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/07/01 18:29:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

[2013/07/01 18:29:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf

[2013/07/01 18:29:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2013/06/30 19:58:53 | 000,001,636 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk

 

========== Files Created - No Company Name ==========

 

[2013/07/07 13:52:48 | 000,650,027 | ---- | C] () -- D:\Documents and Settings\neil fulton\Desktop\adwcleaner (1).exe

[2013/07/02 15:14:52 | 000,001,463 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2013/07/02 15:06:28 | 000,001,501 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

[2013/07/01 18:29:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

[2013/07/01 18:29:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf

[2013/07/01 18:29:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2013/06/30 19:58:52 | 000,001,636 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Nokia Suite.lnk

[2013/04/11 14:42:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/10/13 13:41:20 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2012/02/15 09:48:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/02/14 14:34:01 | 000,008,704 | ---- | C] () -- D:\Documents and Settings\neil fulton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/02/11 20:57:31 | 000,058,872 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/12/29 23:00:59 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe

[2011/12/29 21:32:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe

[2011/12/29 21:32:21 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys

[2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2011/12/29 17:40:39 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2011/12/29 17:40:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2011/12/29 17:39:22 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2011/07/24 14:56:21 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini

[2011/07/24 14:56:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2011/07/24 14:52:12 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2011/07/22 20:54:16 | 000,113,032 | ---- | C] () -- C:\WINDOWS\hpoins07.dat

[2011/07/22 20:54:16 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat

[2007/05/20 19:38:23 | 000,001,755 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

 

========== ZeroAccess Check ==========

 

[2013/04/11 14:34:37 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\L

[2013/04/11 15:47:25 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\U

[2013/04/11 15:46:43 | 000,000,804 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\L\00000004.@

[2006/07/01 08:42:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

"ThreadingModel" = Both

"" = shell32.dll -- [2012/06/08 15:26:20 | 008,462,848 | ---- | M] (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

 

< End of report >

Posted

extras

OTL Extras logfile created on: 10/07/2013 14:29:07 - Run 3

OTL by OldTimer - Version 3.2.69.0     Folder = D:\Documents and Settings\neil fulton\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

1022.48 Mb Total Physical Memory | 320.48 Mb Available Physical Memory | 31.34% Memory free

2.40 Gb Paging File | 1.73 Gb Available in Paging File | 71.96% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.80 Gb Total Space | 16.54 Gb Free Space | 43.75% Space Free | Partition Type: NTFS

Drive D: | 111.24 Gb Total Space | 79.48 Gb Free Space | 71.45% Space Free | Partition Type: NTFS

 

Computer Name: SN049765120045 | User Name: neil fulton | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" = C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:*:Enabled:Wireless Manager Application -- (Affinegy, Inc.)

"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C1B233-D218-484B-8078-9375482C5608}" = LeapFrog Tag Plugin

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1

"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan

"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite

"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25

"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver

"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload

"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor

"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy

"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg

"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch

"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B

"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc

"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext

"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player

"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help

"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes

"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9E17C94B-913A-48A4-B1A8-8CE25157C170}" = Media Player Product Tool 5.30

"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A4B9033B-D183-4A6C-9BCB-6BC8F80B939D}" = RPS CRT

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.58

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime

"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2

"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb

"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D19C4BCB-FAAE-48C1-A423-3DA40C3B7F42}" = LeapFrog Leapster Explorer Plugin

"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86

"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant

"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter

"{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1" = VshareComplete

"{ECDD5C30-074C-4586-80BC-1FD0F2E9AAD7}" = SM56Tester

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status

"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect

"{FE5ED1C0-A340-4EAC-B4BE-FA0AB173436C}" = LeapFrog LeapPad Explorer Plugin

"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)

"2B0D8F3C-18AD-4D8E-879A-74A867C5C3CB_is1" = Wireless Manager

"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)

"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Chronicles of Mystery HO2/EN-English_is1" = Chronicles of Mystery: Secret of the Lost Kingdom

"ESET Online Scanner" = ESET Online Scanner v3

"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406

"HP Imaging Device Functions" = HP Imaging Device Functions 5.3

"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3

"HPExtendedCapabilities" = HP Extended Capabilities 5.3

"ie8" = Windows Internet Explorer 8

"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)

"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Security Client" = Microsoft Security Essentials

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Nokia Suite" = Nokia Suite

"RadialpointClientGateway_is1" = Virgin Media Service Manager 4.1.16

"RadialpointHomeSecurityDashboard_is1" = Virgin Media Digital Home Support 2.1.27

"RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.23

"Secunia PSI" = Secunia PSI (3.0.0.2004)

"Smart Defrag 2_is1" = Smart Defrag 2

"SMSERIAL" = Motorola SM56 Data Fax Modem

"Speccy" = Speccy

"Steam App 71270" = Football Manager 2012

"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)

"UPCShell" = LeapFrog Connect

"vShare.tv plugin" = vShare.tv plugin 1.3

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"winusb0100" = Microsoft WinUsb 1.0

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 07/07/2013 13:24:28 | Computer Name = SN049765120045 | Source = MsiInstaller | ID = 10005

Description = Product: Windows Phone app for desktop -- We can't install the Windows

Phone app for desktop on server operating systems.

 

[ System Events ]

Error - 05/07/2013 12:15:35 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7009

Description = Timeout (30000 milliseconds) waiting for the Google Software Updater

service to connect.

 

Error - 06/07/2013 12:45:15 | Computer Name = SN049765120045 | Source = DCOM | ID = 10005

Description = DCOM got error "%1053" attempting to start the service gusvc with

arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

 

Error - 06/07/2013 12:45:28 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7009

Description = Timeout (30000 milliseconds) waiting for the Google Software Updater

service to connect.

 

Error - 07/07/2013 08:42:39 | Computer Name = SN049765120045 | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.1.2 for the Network Card with network

address 0016E6106FFB has been denied by the DHCP server 192.168.1.1 (The DHCP Server

sent a DHCPNACK message).

 

Error - 07/07/2013 08:59:05 | Computer Name = SN049765120045 | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 1.153.1421.0 Update Source: %%859 Update Stage:

%%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

 

 

User:

NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error

code: 0x80240016 Error description: An unexpected problem occurred while checking

for updates. For information on installing or troubleshooting updates, see Help

and Support.

 

Error - 07/07/2013 08:59:05 | Computer Name = SN049765120045 | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 1.153.1421.0 Update Source: %%859 Update Stage:

%%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

 

 

User:

NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error

code: 0x80240016 Error description: An unexpected problem occurred while checking

for updates. For information on installing or troubleshooting updates, see Help

and Support.

 

Error - 07/07/2013 08:59:05 | Computer Name = SN049765120045 | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 1.153.1421.0 Update Source: %%859 Update Stage:

%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

 

 

User:

NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error

code: 0x80240016 Error description: An unexpected problem occurred while checking

for updates. For information on installing or troubleshooting updates, see Help

and Support.

 

Error - 07/07/2013 12:33:13 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p

asc3550

cbidf

cd20xrnt

CmdIde

Cpqarray

dac2w2k

dac960nt

dpti2o

hpn

i2omp

ini910u

IntelIde

mraid35x

perc2

perc2hib

ql1080

Ql10wnt

ql12160

ql1240

ql1280

sisagp

Sparrow

symc810

symc8xx

sym_hi

sym_u3

TosIde

ultra

viaagp

ViaIde

 

Error - 07/07/2013 13:00:04 | Computer Name = SN049765120045 | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume D:.

 

Error - 07/07/2013 13:23:00 | Computer Name = SN049765120045 | Source = Service Control Manager | ID = 7034

Description = The Java Quick Starter service terminated unexpectedly. It has done

this 1 time(s).

 

 

< End of report >

  • ExTS Admin
Posted

Hi suarezlfc

 

 

Step 1

Did you purposely install:

McAfee Security Scan Plus

 

It can be installed when installing other programs, it's not really doing much good.

MSSE will work well without this.

 

Radialpoint Security Advisor 2.5.23

I'd recommend this is removed.

It's part of the Virgin Media security.... but it doesn't work well with some Anti Virus programs and isn't needed for Virgin Media to work on your system.

If you installed the Virgin Media software from the disc they supplied, it would have been added.

Most people don't realise that you don't need to install the Virgin Media software for the connection to work.

 

 

Step 2

If the OTL fix freezes, you will need to uninstall MalwareBytes Antimalware..... run the OTL fix and then reinstall it again after the fix has completed.

This is a known issue on some Win XP systems.

 

Double click on OTL to run it.

Copy the lines in the codebox below (make sure that :Otl is on the first line and that you also include the Commands section).

:otl
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)
DRV - (AFGMp50) -- System32\Drivers\AFGMp50.sys File not found
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKCU..\Run: [] File not found
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: HP Software Update - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: nwiz - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: RealTray - hkey= - key= - Reg Error: Value error. File not found
[2013/06/06 19:57:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG2013
[2010/08/05 10:51:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\BabylonIM
[2013/04/11 22:17:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\AVG2013
[2012/12/12 21:31:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\Azureus
[2012/12/03 00:05:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\neil fulton\Application Data\BitLord

:Files
C:\Program Files\AVG
ipconfig /flushdns /c

:commands
[emptytemp]
[purity]
[RESETHOSTS]


  • Return to OTL,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
  • Click the red Run Fix button.
  • OTL will reboot your system once the fix has completed.
  • After the reboot, you may need to double click OTL to launch the program and retrieve the log.

 

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

 

If you lose the report, there will be a copy here:

C:\_OTL\MovedFiles

 

 

 

Step 3

Download RogueKiller and save it to your desktop.

  • Close all the running processes
  • Double click RogueKiller icon to run the program
    Vista/Win7 users should right click the icon and select Run as Administrator.
  • Wait for the Prescan to finish.
  • Now click the Scan button.
  • Please copy and paste the report in your next reply.

A copy of the RKreport.txt can be found on your desktop.

 

Note:

If RogueKiller is blocked, do not hesitate to try running it again.

If it still fails to run, right click on the downloaded icon and select 'Rename', rename it to winlogon and try again.

 

 

In your next reply, please submit:

Otl fix report

RKreport.txt

 

 

Thanks.

Member of:

UNITE

Posted

Hi starbuck, where will I find Radialpoint Security Advisor? I had a look in my programmes but couldn't see it.

Here is the new OTL log:

All processes killed

========== OTL ==========

No active process named AOLacsd.exe was found!

Service AOL ACS stopped successfully!

Service AOL ACS deleted successfully!

C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe moved successfully.

Service AFGMp50 stopped successfully!

Service AFGMp50 deleted successfully!

File System32\Drivers\AFGMp50.sys File not found not found.

Error: No service named wanatw) WAN Miniport (ATW was found to stop!

Service\Driver key wanatw) WAN Miniport (ATW not found.

C:\WINDOWS\system32\drivers\wanatw4.sys moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\CTFMON.EXE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\HP Software Update\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\NvCplDaemon\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\nwiz\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\QuickTime Task\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\RealTray\ deleted successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013\log folder moved successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013\IDS\quarantine folder moved successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013\IDS\config folder moved successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013\IDS folder moved successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013\DB folder moved successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013\Cfg folder moved successfully.

D:\Documents and Settings\All Users\Application Data\AVG2013 folder moved successfully.

D:\Documents and Settings\All Users\Application Data\BabylonIM folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\AVG2013\cfgall folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\AVG2013 folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\torrents folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\tmp folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\shares folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\rss folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins\mlab folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins\azupnpav folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins\aefeatman_v folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\plugins folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\net folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\logs folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\dht folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\devices folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus\active folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\Azureus folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord\state folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord\plugins folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord\ipc folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord\icons folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord\favicons folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord\BrowserCache folder moved successfully.

D:\Documents and Settings\neil fulton\Application Data\BitLord folder moved successfully.

========== FILES ==========

File\Folder C:\Program Files\AVG not found.

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

D:\Documents and Settings\neil fulton\My Documents\Downloads\cmd.bat deleted successfully.

D:\Documents and Settings\neil fulton\My Documents\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

 

User: lindsay fulton

->Temp folder emptied: 0 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Flash cache emptied: 10119 bytes

 

User: LocalService.NT AUTHORITY

->Temp folder emptied: 0 bytes

 

User: neil fulton

->Temp folder emptied: 458255348 bytes

->Temporary Internet Files folder emptied: 1999219 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 106479904 bytes

->Flash cache emptied: 3362 bytes

 

User: NetworkService

->Temp folder emptied: 1244344 bytes

->Temporary Internet Files folder emptied: 93357272 bytes

 

User: NetworkService.NT AUTHORITY

->Temp folder emptied: 0 bytes

 

User: ShopperReports3

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 88087050 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 212322870 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 1500546 bytes

 

Total Files Cleaned = 919.00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

 

OTL by OldTimer - Version 3.2.69.0 log created on 07142013_215745

 

 

Files\Folders moved on Reboot...

 

 

PendingFileRenameOperations files...

 

 

Registry entries deleted on Reboot...

Posted

RogueKiller log

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.adlice.com/forum/

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

 

 

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : neil fulton [Admin rights]

Mode : Scan -- Date : 07/14/2013 22:21:52

| ARK || FAK || MBR |

 

 

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] sm56hlpr.exe -- C:\WINDOWS\sm56hlpr.exe [7] -> KILLED [TermProc]

 

 

¤¤¤ Registry Entries : 5 ¤¤¤

[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[EXT RUN][SUSP PATH] HKCU\lindsay fulton_ON_D:\[...]\Run : M5T8QL3YW3 (D:\DOCUME~1\LINDSA~1\LOCALS~1\Temp\Shl.exe [x]) -> FOUND

[EXT RUNONCE][SUSP PATH] HKCU\lindsay fulton_ON_D:\[...]\RunOnce : cN01803FfCfF01803 (D:\Documents and Settings\All Users\Application Data\cN01803FfCfF01803\cN01803FfCfF01803.exe [x][x]) -> FOUND

 

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

 

¤¤¤ Web browsers : 0 ¤¤¤

 

 

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][Folder] U : C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\U [-] --> FOUND

[ZeroAccess][Folder] U : C:\RECYCLER\S-1-5-21-2908480339-1261026855-1997213502-1006\$0714c658809f9a76d159c2750deb5544\U [-] --> FOUND

[ZeroAccess][Folder] L : C:\RECYCLER\S-1-5-18\$0714c658809f9a76d159c2750deb5544\L [-] --> FOUND

[ZeroAccess][Folder] L : C:\RECYCLER\S-1-5-21-2908480339-1261026855-1997213502-1006\$0714c658809f9a76d159c2750deb5544\L [-] --> FOUND

 

 

¤¤¤ Driver : [LOADED] ¤¤¤

 

 

¤¤¤ External Hives: ¤¤¤

-> D:\Documents and Settings\All Users\NTUSER.DAT

 

 

-> D:\Documents and Settings\Default User\NTUSER.DAT

 

D:\Documents and Settings\Owner\Start Menu\Programs\Startup

-> D:\Documents and Settings\lindsay fulton\NTUSER.DAT

 

D:\Documents and Settings\lindsay fulton\Start Menu\Programs\Startup

-> D:\Documents and Settings\LocalService\NTUSER.DAT

 

 

-> D:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT

 

D:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Startup

-> D:\Documents and Settings\neil fulton\NTUSER.DAT

 

 

-> D:\Documents and Settings\NetworkService\NTUSER.DAT

 

 

-> D:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT

 

D:\Documents and Settings\NetworkService.NT AUTHORITY\Start Menu\Programs\Startup

-> D:\Documents and Settings\ShopperReports3\NTUSER.DAT

 

 

-> D:\Documents and Settings\UpdatusUser\NTUSER.DAT

 

 

 

 

¤¤¤ Infection : ZeroAccess ¤¤¤

 

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

ÿþ1

 

 

¤¤¤ MBR Check: ¤¤¤

 

 

+++++ PhysicalDrive0: ST3160812AS +++++

--- User ---

[MBR] ecea8916f5ebeec9b928740ac0421e1a

[BSP] 987cf5983f07a295a06cf311d092e291 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38703 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 79280775 | Size: 113906 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

 

Finished : << RKreport[0]_S_07142013_222152.txt >>

  • ExTS Admin
Posted

Hi suarezlfc

 

where will I find Radialpoint Security Advisor? I had a look in my programmes but couldn't see it

It should be showing in the add/remove list:

"RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.23

 

 

Step 1

Thanks for the RogueKiller report.

 

¤¤¤ Infection : ZeroAccess ¤¤¤

I thought that was the case, but wanted to double check.

 

  • Close all the running processes
  • Double click RogueKiller icon to run the program
    Vista/Win7 users should right click the icon and select Run as Administrator.
  • Wait for the Prescan to finish.
  • Now click the Delete button.
  • Please copy and paste the report in your next reply.

A copy of the RKreport.txt can be found on your desktop.

 

 

Step 2

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

 

Link 1

Link 2

 

http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif

 

 

http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif

 

This is an example, you may rename ComboFix to anything you want.

 

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with the running of ComboFix.
    For more information read:
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
     
    Then:
     
    Double click on Combo-Fix.exe & follow the prompts.
     
    Vista/Win7 users should right click on the icon and select Run as Administrator.
     
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
     
    If running Vista/Win7, you will not see the recovery console screens as they are Win XP related
     
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

 

http://img.photobucket.com/albums/v708/starbuck50/cf1.png

 

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

 

http://img.photobucket.com/albums/v706/ried7/whatnext.png

 

Click on Yes, to continue scanning for malware.

 

Note:

Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

 

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

 

 

In your next reply, please submit:

New RKreport.txt

Combofix.txt

 

Thanks.

Member of:

UNITE

Posted

ComboFix 13-07-25.02 - neil fulton 22/07/2013 17:19:04.4.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1022.294 [GMT 1:00]

Running from: d:\documents and settings\neil fulton\My Documents\Downloads\ComboFix.exe

AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Internet Security 2013 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\WinPCap

c:\program files\WinPCap\daemon_mgm.exe

c:\program files\WinPCap\npf_mgm.exe

c:\program files\WinPCap\rpcapd.exe

c:\windows\ime\shared\imepadsv.exe

c:\windows\system32\Cache

c:\windows\system32\Cache\075884af680ff6dc.fb

c:\windows\system32\Cache\227113dfa1ca894d.fb

c:\windows\system32\Cache\33c3d8fb31f8c0f0.fb

c:\windows\system32\Cache\49fbbc5a8678d502.fb

c:\windows\system32\Cache\5c54eb1a1655b076.fb

c:\windows\system32\Cache\613e8ce7ab7106af.fb

c:\windows\system32\Cache\633a76311867bd11.fb

c:\windows\system32\Cache\691f14230153a9e1.fb

c:\windows\system32\Cache\6cb409d7ac73d9f1.fb

c:\windows\system32\Cache\7614bd6cfa99e546.fb

c:\windows\system32\Cache\77664b6ccc36be9f.fb

c:\windows\system32\Cache\881b3593316772f0.fb

c:\windows\system32\Cache\98657d0579ae1930.fb

c:\windows\system32\Cache\ad188cdd908eace9.fb

c:\windows\system32\Cache\c4e10d1be905349b.fb

c:\windows\system32\Cache\d5c0f4e7bbe35bf3.fb

c:\windows\system32\Cache\d9ca663388d21ec0.fb

c:\windows\system32\Cache\f2cda51fd108941f.fb

c:\windows\system32\Cache\f34d8db84131d925.fb

c:\windows\system32\Packet.dll

c:\windows\system32\pthreadVC.dll

c:\windows\system32\WanPacket.dll

c:\windows\system32\wpcap.dll

c:\windows\tmp

c:\windows\tmp\system.bak

d:\documents and settings\All Users\Application Data\TEMP

D:\install.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_NPF

-------\Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2013-06-22 to 2013-07-22 )))))))))))))))))))))))))))))))

.

.

2027-03-30 20:52 . 2027-03-30 20:52 -------- d-----w- d:\documents and settings\neil fulton\Local Settings\Application Data\PCHealth

2013-07-22 16:06 . 2013-07-22 16:06 29904 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05034046-188B-4444-9C4F-31B1EBFDFD84}\MpKsl654e3556.sys

2013-07-17 22:54 . 2013-07-02 06:54 7143960 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05034046-188B-4444-9C4F-31B1EBFDFD84}\mpengine.dll

2013-07-12 16:40 . 2013-07-02 06:54 7143960 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-07-07 17:24 . 2013-07-07 17:24 144896 ----a-w- c:\windows\system32\javacpl.cpl

2013-07-07 17:24 . 2013-07-07 17:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-07-02 14:13 . 2013-07-02 14:13 -------- d-----w- c:\program files\iPod

2013-07-02 14:13 . 2013-07-02 14:14 -------- d-----w- d:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-07-02 14:13 . 2013-07-02 14:14 -------- d-----w- c:\program files\iTunes

2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll

2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll

2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll

2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll

2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll

2013-07-02 14:06 . 2013-07-02 14:06 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll

2013-07-02 14:05 . 2013-07-02 14:06 -------- d-----w- c:\program files\QuickTime

2013-07-02 12:49 . 2013-07-02 12:49 -------- d-----w- d:\documents and settings\All Users\Application Data\Applications

2013-07-01 17:33 . 2013-07-02 12:31 -------- d-----w- d:\documents and settings\neil fulton\Application Data\Nokia Suite

2013-07-01 17:32 . 2013-07-01 17:33 -------- d-----w- d:\documents and settings\neil fulton\Application Data\Nokia

2013-07-01 17:30 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys

2013-07-01 17:30 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys

2013-06-30 19:03 . 2013-07-01 17:29 -------- d-----w- d:\documents and settings\neil fulton\Local Settings\Application Data\Nokia

2013-06-30 19:02 . 2013-07-01 17:32 -------- d-----w- d:\documents and settings\neil fulton\Application Data\PC Suite

2013-06-30 19:02 . 2013-06-30 19:02 -------- d-----w- d:\documents and settings\All Users\Application Data\PC Suite

2013-06-30 18:55 . 2013-06-30 19:01 -------- d-----w- d:\documents and settings\All Users\Application Data\Nokia

2013-06-30 18:55 . 2013-06-30 18:57 -------- d-----w- c:\program files\Common Files\Nokia

2013-06-30 18:54 . 2012-10-17 13:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2013-06-30 18:53 . 2013-06-30 18:53 -------- d-----w- c:\program files\PC Connectivity Solution

2013-06-30 18:53 . 2013-01-23 09:31 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys

2013-06-30 18:53 . 2013-01-23 09:31 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys

2013-06-30 18:53 . 2013-01-23 09:31 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys

2013-06-30 18:53 . 2013-01-23 09:31 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys

2013-06-30 18:53 . 2013-01-23 09:31 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys

2013-06-30 18:53 . 2013-01-23 09:31 69632 ----a-w- c:\windows\system32\nmwcdcocls.dll

2013-06-30 18:53 . 2013-01-23 09:31 18560 ----a-w- c:\windows\system32\drivers\ccdcmb.sys

2013-06-30 18:53 . 2013-01-23 09:31 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll

2013-06-30 18:53 . 2012-06-11 12:04 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

2013-06-30 18:53 . 2013-01-23 09:31 75264 ----a-w- c:\windows\system32\nmwcdcls.dll

2013-06-30 18:45 . 2013-06-30 18:55 -------- d-----w- c:\program files\Nokia

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-07 17:24 . 2012-01-21 09:01 867240 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-07-07 17:24 . 2011-05-10 12:46 789416 ----a-w- c:\windows\system32\deployJava1.dll

2013-06-08 10:41 . 2012-03-28 09:36 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-06-08 10:41 . 2011-05-18 10:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-07 22:55 . 2004-08-10 15:37 385024 ----a-w- c:\windows\system32\html.iec

2013-06-07 21:56 . 2004-08-10 15:38 920064 ----a-w- c:\windows\system32\wininet.dll

2013-06-07 21:56 . 2004-08-10 15:37 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-06-07 21:56 . 2004-08-10 15:37 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-06-04 07:23 . 2004-08-10 15:38 562688 ----a-w- c:\windows\system32\qedit.dll

2013-06-04 01:40 . 2004-08-10 15:38 1876736 ----a-w- c:\windows\system32\win32k.sys

2013-05-08 23:28 . 2006-10-18 21:47 1543680 ------w- c:\windows\system32\wmvdecod.dll

2013-05-03 01:30 . 2004-08-10 15:38 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-05-03 00:38 . 2004-08-03 21:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-05-02 01:06 . 2011-11-05 11:48 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-05-01 02:59 . 2013-05-01 02:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2013-05-01 02:59 . 2013-05-01 02:59 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]

"Steam"="c:\program files\Steam\Steam.exe" [2013-07-10 1672616]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-26 39408]

"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-19 1090912]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"SMSERIAL"="sm56hlpr.exe" [2005-10-18 557056]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]

"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 15691264]

"Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]

"Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]

"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-11-16 143360]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"DHSClient.exe"="c:\program files\Virgin Media\Digital Home Support\DHSClient.exe" [2011-03-23 2032952]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]

"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]

"ServiceManager.exe"="c:\program files\Virgin Media\Service Manager\ServiceManager.exe" [2011-11-16 10200376]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Wireless Manager"="c:\program files\Virgin Broadband Wireless\Wireless Manager.exe" [2008-05-26 585728]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

d:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-6-27 572000]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Virgin Broadband Wireless\\Wireless Manager.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [29/12/2011 21:32 14776]

R1 MpKsl654e3556;MpKsl654e3556;d:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05034046-188B-4444-9C4F-31B1EBFDFD84}\MpKsl654e3556.sys [22/07/2013 17:06 29904]

R2 HsdService;HsdService;c:\program files\Virgin Media\Digital Home Support\HsdService.exe [09/05/2011 16:02 1406264]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [06/06/2011 17:47 101552]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [27/06/2012 08:25 1326176]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [27/06/2012 08:25 681056]

R2 ServicepointService;ServicepointService;c:\program files\Virgin Media\Service Manager\ServicepointService.exe [19/12/2011 19:51 10310968]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [16/12/2011 15:19 15544]

S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [26/02/2008 20:33 18560]

S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [20/11/2011 16:33 33792]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [30/06/2013 19:53 137600]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [30/06/2013 19:53 8576]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2013-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 10:41]

.

2013-07-02 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]

.

2013-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-10 14:49]

.

2013-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-10 14:49]

.

2013-07-22 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 10:11]

.

2013-07-22 c:\windows\Tasks\SmartDefrag_Startup.job

- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-12-29 10:35]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.co.uk/

mStart Page = hxxp://www.google.com

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-vShare.tv plugin - c:\program files\vShare.tv plugin\uninst.exe

AddRemove-{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1 - c:\program files\VshareComplete\unins000.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-07-22 17:38

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(4276)

c:\windows\system32\WININET.dll

c:\progra~1\mcafee\SITEAD~1\saHook.dll

c:\progra~1\GOTOSO~1\VADERE~1\VrOe_hook.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\Virgin Broadband Wireless\AffinegyService.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe

c:\apps\Powercinema\Kernel\CLML_NTService\CLMLServer.exe

c:\apps\Powercinema\Kernel\CLML_NTService\CLMLService.exe

c:\program files\Java\jre7\bin\jqs.exe

c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe

c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

c:\apps\Powercinema\Kernel\TV\CLSched.exe

c:\windows\sm56hlpr.exe

c:\windows\RTHDCPL.EXE

c:\windows\system32\rundll32.exe

c:\program files\Virgin Broadband Wireless\ndis_events.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\PC Connectivity Solution\ServiceLayer.exe

c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe

c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe

.

**************************************************************************

.

Completion time: 2013-07-22 17:43:02 - machine was rebooted

ComboFix-quarantined-files.txt 2013-07-22 16:42

.

Pre-Run: 17,595,707,392 bytes free

Post-Run: 17,406,660,608 bytes free

.

- - End Of File - - B62D83D00918E2D627C84C0B30032B0F

8F558EB6672622401DA993E1E865C861

  • ExTS Admin
Posted

Hi suarezlfc

 

There are still some AVG references in the WMI (not really anything to worry about, but we may as well clean them out).

 

Close any open browsers.

Close/disable all anti virus, firewall and anti malware programs so they do not interfere with the running of ComboFix:

 

Open Notepad - it must be Notepad, not WordPad.

Copy the text below in the code box by highlighting all the text and pressing Ctrl+C

SecCenter::
AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

Go to the Notepad window and click Edit >> Paste

Then click File >> Save

Name the file "CFScript.txt" (including the quote marks)

Save the file to your Desktop

 

The main ComboFix.exe program should be on your Desktop

Drag the file you just created (CFScript.txt) and drop it on the main ComboFix.exe icon, as below.

http://i275.photobucket.com/albums/jj285/Bleeping/Combofix/cf.gif

 

Now please wait for ComboFix to finish running.

 

Please Note: Do not mouse click in the ComboFix window while it is running - this may cause your system to hang/crash.

 

In your next reply, please submit:

New Combofix.txt

and let me know how the system is running now.

 

 

Thanks.

Member of:

UNITE
