2013-07-28

Hi - my computer occassionally slows down and appears to be busy. This has happened since 20 July when I downloaded CdBurner and several other DVD burners. Delta Search was automatically downloaded with one of these, and I have deleted it, but note it appears in the OTL log file which follows.

ALSO - the extra.txt file was not created. How do I initiate this please ?

Many thanks - in anticipation !

OTL logfile created on: 28/07/2013 09:58:34 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\utils\utils\old_timer

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.80 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 64.50% Memory free

4.65 Gb Paging File | 3.48 Gb Available in Paging File | 74.83% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 465.75 Gb Total Space | 448.86 Gb Free Space | 96.37% Space Free | Partition Type: NTFS

Computer Name: CORE5 | User Name: me | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/28 09:58:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\utils\utils\old_timer\OTL.exe

PRC - [2013/05/21 05:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

PRC - [2013/04/04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2013/03/12 07:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe

PRC - [2012/10/08 09:10:55 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

PRC - [2010/02/25 06:14:14 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010/02/25 06:14:12 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2001/03/15 06:18:18 | 000,049,254 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/30 15:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll

MOD - [2001/03/15 06:18:08 | 000,065,536 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2013/06/12 08:06:24 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/05/21 05:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe -- (N360)

SRV - [2013/04/04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2010/02/25 06:14:14 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010/02/25 06:14:12 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\FXDrv32.sys -- (FXDrv32)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\me\LOCALS~1\Temp\cpuz132\cpuz132_x32.s ys -- (cpuz132)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\me\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2013/07/16 11:14:19 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs \20130727.004\NAVEX15.SYS -- (NAVEX15)

DRV - [2013/07/16 11:14:19 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs \20130727.004\NAVENG.SYS -- (NAVENG)

DRV - [2013/06/25 12:56:43 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2013/06/22 07:31:36 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\2 0130726.001\IDSXpx86.sys -- (IDSxpx86)

DRV - [2013/05/23 06:25:28 | 000,934,488 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\SymEF A.sys -- (SymEFA)

DRV - [2013/05/21 06:02:00 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\SymDS .sys -- (SymDS)

DRV - [2013/05/21 05:41:34 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\ 20130715.001\BHDrvx86.sys -- (BHDrvx86)

DRV - [2013/05/16 06:02:14 | 000,603,224 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\srtsp .sys -- (SRTSP)

DRV - [2013/04/25 01:43:56 | 000,396,760 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symtd i.sys -- (SYMTDI)

DRV - [2013/04/16 03:41:14 | 000,134,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\ccSet x86.sys -- (ccSet_N360)

DRV - [2013/03/05 02:39:19 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx 86.sys -- (SymIRON)

DRV - [2013/03/05 02:21:35 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\srtsp x.sys -- (SRTSPX)

DRV - [2012/08/09 07:32:17 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2012/08/09 07:32:17 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2012/06/03 10:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2010/02/10 08:01:10 | 000,132,352 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)

DRV - [2010/02/08 11:15:44 | 005,860,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2010/01/21 15:11:12 | 000,202,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2009/12/18 12:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)

DRV - [2009/11/18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009/11/18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2009/09/17 05:54:14 | 000,041,088 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?...eferrer:source?}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear...}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?babsrc...19357&tsp=4949

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/

IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={search...ox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={sea...19357&tsp=4949

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear...I7ADFA_enGB406

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\ [2013/06/25 12:59:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\ [2013/07/28 06:23:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\E xt [2012/10/08 09:11:21 | 000,000,000 | ---D | M]

[2013/07/20 17:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ }{google:originalQueryForSuggestion}{google:assist edQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instant ExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}client=chrome&q={searchTerms}&{googl e:cursorPosition}{google:zeroPrefixUrl}sugkey={goo gle:suggestAPIKeyParameter},

CHR - homepage: http://www.google.co.uk/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\Peppe rFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoo gleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.d ll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll

CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll

CHR - Extension: PageRank Status = C:\Documents and Settings\me\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennh ijkknn\8.0.4.0_0\

CHR - Extension: PageRank Status = C:\Documents and Settings\me\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennh ijkknn\8.1.3.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\me\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjf jnkonk\1.5_0\

CHR - Extension: Norton Identity Protection = C:\Documents and Settings\me\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmn jhmcmk\2013.4.0.10_1\

O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll (RealPlayer)

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Advertising Cookie Opt-out) - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll (Google Inc)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\s wg.dll (Google Inc.)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863

O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/v/...L2ig_0fSS8.cab (PhotoboxPhotowaysUploader5 Control)

O16 - DPF: {831003F4-96B6-40F2-AAFA-8658734DB021} http://www.rightmove.co.uk/rmp/obj/a...ediaupload.cab (MediaUploaderForm5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.21.2)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.21.2)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab...l_4.3.13.0.cab (SysInfo Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9} http://assets.photobox.com/assets/v/...5T0lFcde-o.cab (Uploader Control)

O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} http://www.intel.com/design/motherbd...id/BoardID.cab (BoardCtl Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{E6DBA619-E2A3-4BF9-AFB7-F51A3C65F907}: DhcpNameServer = 192.168.1.254

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/11/17 00:27:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/20 18:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\ImgBurn

[2013/07/20 17:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn

[2013/07/20 17:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn

[2013/07/20 17:54:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins

[2013/07/20 17:54:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions

[2013/07/20 17:54:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Start Menu\Programs\BrowserDefender

[2013/07/20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BrowserDefender

[2013/07/20 17:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/07/20 17:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Babylon

[2013/07/20 17:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2013/07/20 17:30:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\FreeBurner

[2013/07/20 17:30:23 | 000,200,704 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\vbalExpBar6.ocx

[2013/07/20 17:30:20 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll

[2013/07/20 17:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\FreeBurner

[2013/07/20 17:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\Free Easy CD DVD Burner

[2013/07/20 17:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Canneverbe Limited

[2013/07/20 17:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2013/07/20 17:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP

[2013/07/10 21:53:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/28 10:00:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\BrowserDefendert.job

[2013/07/28 09:18:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/07/28 09:06:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/07/28 08:25:43 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\me\Desktop\Microsoft Word.lnk

[2013/07/28 07:29:31 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job

[2013/07/28 06:23:36 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1220945662-861567501-839522115-1003.job

[2013/07/28 06:23:35 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1220945662-861567501-839522115-1003.job

[2013/07/28 06:23:13 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/07/28 06:23:13 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_me.job

[2013/07/28 06:23:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/07/27 14:32:01 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_me.job

[2013/07/26 09:17:52 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/07/24 06:03:02 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_me.job

[2013/07/20 19:15:54 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/07/20 17:55:52 | 000,001,551 | ---- | M] () -- C:\Documents and Settings\me\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk

[2013/07/20 17:55:52 | 000,001,533 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk

[2013/07/20 17:05:26 | 000,001,609 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk

[2013/07/17 10:01:33 | 000,723,694 | ---- | M] () -- C:\Documents and Settings\me\Desktop\Digital Economy.pdf

[2013/07/13 07:14:49 | 000,001,818 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2013/07/11 08:57:46 | 000,250,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/07/10 21:55:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/07/10 21:54:35 | 000,433,122 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/07/10 21:54:35 | 000,067,952 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/20 17:55:52 | 000,001,551 | ---- | C] () -- C:\Documents and Settings\me\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk

[2013/07/20 17:55:52 | 000,001,533 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk

[2013/07/20 17:54:44 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\BrowserDefendert.job

[2013/07/20 17:05:26 | 000,001,609 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk

[2013/07/20 17:05:25 | 000,001,561 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk

[2013/07/20 17:05:23 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2013/07/17 10:53:54 | 000,723,694 | ---- | C] () -- C:\Documents and Settings\me\Desktop\Digital Economy.pdf

[2013/07/11 22:07:37 | 000,125,120 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2012/02/15 03:10:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011/11/20 00:11:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\me\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/08/24 14:53:56 | 000,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI

[2011/05/12 20:00:37 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

========== ZeroAccess Check ==========

[2010/11/17 00:38:34 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc8 7-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2010/04/16 17:09:07 | 001,509,888 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA 9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CD B-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/07/20 17:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2013/07/20 17:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BrowserDefender

[2013/07/20 17:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2010/11/17 01:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2010/11/18 11:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings

[2010/11/18 10:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2011/10/25 20:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011/07/18 22:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\AVSoftware

[2013/07/20 17:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\Babylon

[2013/07/20 17:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\Canneverbe Limited

[2010/11/18 12:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\CoSoSys

[2013/07/20 17:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\FreeBurner

[2011/09/21 18:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\GirlsDateChat

[2013/07/20 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\ImgBurn

[2010/11/17 17:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\InterTrust

[2011/11/05 22:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\Seagate

[2010/11/17 17:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\Serif

[2010/11/17 10:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\WinBatch

[2012/10/31 11:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\me\Application Data\Wondershare

========== Purity Check ==========

< End of report >

Show more