OTListit logfile [quote]OTListIt logfile created on: 11/04/2009 16:36:58 - Run 1 OTListIt2 by OldTimer - Version 2.0.12.2 Folder = C:\Documents and Settings\Shaun\My Documents\Sports Interactive\Football Manager 2009\schedules Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.44% Memory free 3.35 Gb Paging File | 2.94 Gb Available in Paging File | 87.90% Paging File free Paging file location(s): C:\pagefile.sys 1534 6136; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 114.49 Gb Total Space | 3.16 Gb Free Space | 2.76% Space Free | Partition Type: NTFS Drive D: | 2.10 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SHAUN-228667C18 Current User Name: Shaun Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2008/10/29 03:09:10 | 00,585,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe PRC - [2008/10/29 03:09:10 | 00,585,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe PRC - [2009/04/11 10:42:56 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2004/03/29 16:08:16 | 00,049,152 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLService.exe PRC - [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTsvcCDA.exe PRC - [2009/04/11 09:22:52 | 04,414,520 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe PRC - [2006/12/16 02:49:56 | 00,002,560 | ---- | M] () -- C:\WINDOWS\runservice.exe PRC - [2009/04/11 10:43:01 | 00,485,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2009/04/11 10:43:01 | 00,594,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2009/04/11 09:22:52 | 04,414,520 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe PRC - [2008/04/14 01:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009/04/11 10:42:57 | 01,932,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2009/04/11 10:51:36 | 05,734,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe PRC - [2009/04/11 16:04:29 | 00,011,264 | ---- | M] () -- C:\Documents and Settings\Shaun\Local Settings\temp\mmoyfb.exe PRC - [2009/04/11 10:46:37 | 07,742,464 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009/04/11 16:11:16 | 03,458,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgui.exe PRC - [2008/04/14 01:12:14 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe PRC - [2009/04/11 16:36:19 | 00,500,736 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\My Documents\Sports Interactive\Football Manager 2009\schedules\OTListIt2.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - File not found -- -- (aawservice [Disabled | Stopped]) SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008/10/29 03:09:10 | 00,585,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2008/10/28 22:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2009/04/11 10:42:56 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running]) SRV - [2004/03/29 16:08:16 | 00,049,152 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLService.exe -- (Belkin High-Speed Mode Wireless G USB Network Adapter Service [Auto | Running]) SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running]) SRV - [2009/04/11 09:22:52 | 04,414,520 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner [Auto | Running]) SRV - File not found -- -- (FirebirdGuardianDefaultInstance [Disabled | Stopped]) SRV - [2009/04/11 11:49:28 | 02,711,552 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance [Disabled | Stopped]) SRV - [2006/10/20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2008/04/14 01:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2006/10/30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - File not found -- -- (iPodService [On_Demand | Stopped]) SRV - [2006/12/16 02:49:56 | 00,002,560 | ---- | M] () -- C:\WINDOWS\runservice.exe -- (LicCtrlService [Auto | Running]) SRV - [2006/10/30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2006/10/26 20:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2008/03/25 13:36:42 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Disabled | Stopped]) SRV - [2009/04/11 12:11:02 | 00,354,816 | ---- | M] (Nokia.) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped]) SRV - File not found -- -- (usnjsvc [On_Demand | Stopped]) SRV - File not found -- -- (Viewpoint Manager Service [Disabled | Stopped]) SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - File not found -- -- (abp470n5 [On_Demand | Running]) DRV - [2007/03/30 19:50:21 | 00,017,801 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running]) DRV - [2004/05/08 10:21:44 | 00,035,840 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2008/10/29 04:10:58 | 03,341,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2006/02/22 09:13:54 | 00,006,144 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\atiicdxx.sys -- (ATICDSDr [On_Demand | Stopped]) DRV - [2008/09/08 18:32:24 | 00,018,336 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray [System | Running]) DRV - [2009/04/11 10:43:23 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running]) DRV - [2009/04/11 10:43:20 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running]) DRV - [2009/04/11 10:43:30 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running]) DRV - [2008/02/27 13:49:00 | 00,003,840 | ---- | M] () -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt [System | Running]) DRV - [2003/09/22 01:48:06 | 00,130,192 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running]) DRV - [2003/09/25 22:15:32 | 00,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.SYS -- (GTNDIS5 [On_Demand | Stopped]) DRV - [2005/02/11 11:19:20 | 00,055,216 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750bus.sys -- (k750bus [On_Demand | Stopped]) DRV - [2005/02/11 11:21:02 | 00,006,576 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mdfl.sys -- (k750mdfl [On_Demand | Stopped]) DRV - [2005/02/11 11:21:10 | 00,089,872 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mdm.sys -- (k750mdm [On_Demand | Stopped]) DRV - [2005/02/11 11:22:48 | 00,081,728 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mgmt.sys -- (k750mgmt [On_Demand | Stopped]) DRV - [2008/09/15 08:56:24 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped]) DRV - [2008/09/15 08:56:24 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped]) DRV - [2008/02/01 16:17:12 | 00,138,112 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped]) DRV - [2008/02/01 16:17:06 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc [On_Demand | Stopped]) DRV - [2003/09/22 01:47:38 | 00,178,672 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\DRIVERS\ctoss2k.sys -- (ossrv [On_Demand | Running]) DRV - [2004/06/04 09:27:46 | 00,840,960 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\P17.sys -- (P17 [On_Demand | Running]) DRV - [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running]) DRV - [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped]) DRV - [2004/08/04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2006/08/25 04:47:00 | 00,036,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2009/04/11 09:22:52 | 00,022,024 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys -- (pxscan [Boot | Running]) DRV - [2008/12/04 14:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running]) DRV - [2008/12/04 14:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running]) DRV - [2008/12/04 14:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running]) DRV - [2007/11/13 11:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2004/05/25 10:36:12 | 00,028,544 | ---- | M] (Silicon Integrated Systems) -- C:\WINDOWS\system32\drivers\SiSRaid2.sys -- (SiSRaid2 [Boot | Running]) DRV - [2007/08/27 18:54:03 | 00,685,816 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008/09/15 08:56:24 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped]) DRV - [2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped]) DRV - [2008/04/13 19:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usb8023.sys -- (USB_RNDIS [On_Demand | Running]) DRV - [2005/06/13 10:03:12 | 00,060,768 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\w800bus.sys -- (w800bus [On_Demand | Stopped]) DRV - [2005/06/13 10:05:08 | 00,009,264 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\w800mdfl.sys -- (w800mdfl [On_Demand | Stopped]) DRV - [2005/06/13 10:05:16 | 00,096,224 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\w800mdm.sys -- (w800mdm [On_Demand | Stopped]) DRV - [2005/06/13 10:06:58 | 00,087,792 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\w800mgmt.sys -- (w800mgmt [On_Demand | Stopped]) DRV - [2005/06/13 10:08:36 | 00,085,664 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\w800obex.sys -- (w800obex [On_Demand | Stopped]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/11 10:42:56 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2008/12/20 18:22:20 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/06 23:04:51 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/02/13 22:35:56 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2009/04/06 23:11:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\mozilla\Extensions [2009/04/06 23:11:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\mozilla\Extensions\mozswing@mozswing.org [2009/04/10 13:36:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\mozilla\Firefox\Profiles\xnjmg5k2.default\extensions [2008/06/14 02:34:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\mozilla\Firefox\Profiles\xnjmg5k2.default\extensions\{27A2FD41-CB23-4518-AB5C-C25BAFFDE531} [2009/03/17 18:32:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\mozilla\Firefox\Profiles\xnjmg5k2.default\extensions\iaplayer@instantaction.com [2009/04/10 13:36:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2008/12/20 18:22:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/05/22 21:58:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} [2008/07/12 11:13:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2008/12/20 18:22:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\inspector@mozilla.org [2008/12/20 18:22:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org [2008/12/20 18:21:55 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll [2008/12/20 18:21:55 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll [2008/12/20 18:21:55 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll [2008/12/20 18:21:56 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll [2008/12/20 18:21:56 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll [2008/12/20 18:22:15 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml [2008/12/20 18:22:15 | 00,002,206 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2008/12/20 18:22:15 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml [2008/12/20 18:22:15 | 00,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2008/12/20 18:22:15 | 00,001,077 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml [2008/12/20 18:22:15 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2008/12/20 18:22:15 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - Reg Error: Key error. File not found O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKCU..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" (Ray Adams) O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm File not found O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm File not found O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm File not found O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\MICROS~3\Office12\EXCEL.EXE/3000 (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Sites: doginhispen.com ([]* in Trusted sites) O15 - HKCU\..Trusted Sites: whataboutadog.com ([]* in Trusted sites) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_10) O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://register3.valueactive.com/236/webolr/OCX/FlashAX.cab (FlashXControl Object) O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup161.cab (Reg Error: Key error.) O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/09/14 22:18:20 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008/10/13 19:44:59 | 00,136,448 | R--- | M] (Sports Interactive) - D:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008/07/25 18:10:55 | 00,000,027 | R--- | M] () - D:\autorun.inf -- [ UDF ] O33 - MountPoints2\{7e0a4fed-bcb7-11dd-b2ba-0011507d963b}\Shell - "" = AutoRun O33 - MountPoints2\{7e0a4fed-bcb7-11dd-b2ba-0011507d963b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{7e0a4fed-bcb7-11dd-b2ba-0011507d963b}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe -- File not found O33 - MountPoints2\{8b4e9c34-d735-11dd-b325-0011507d963b}\Shell\AutopLAY\CoMMAnd - "" = E:\uhsvoa.exe -- File not found O33 - MountPoints2\{8b4e9c34-d735-11dd-b325-0011507d963b}\Shell\AutoRun\command - "" = E:\uhsvoa.exe -- File not found O33 - MountPoints2\{8b4e9c34-d735-11dd-b325-0011507d963b}\Shell\eXPlOrE\ComMand - "" = E:\uhsvoa.exe -- File not found O33 - MountPoints2\{8b4e9c34-d735-11dd-b325-0011507d963b}\Shell\oPen\CoMmAnd - "" = E:\uhsvoa.exe -- File not found O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun.exe -- [2008/10/13 19:44:59 | 00,136,448 | R--- | M] (Sports Interactive) O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [8 C:\WINDOWS\*.tmp files] [2009/04/11 16:29:48 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009/04/11 16:15:57 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009/04/11 15:52:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp [2009/04/11 15:19:35 | 00,000,211 | ---- | C] () -- C:\Boot.bak [2009/04/11 15:19:29 | 00,260,272 | ---- | C] () -- C:\cmldr [2009/04/11 15:19:18 | 00,000,000 | RHSD | C] -- C:\cmdcons [2009/04/11 15:18:09 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009/04/11 15:18:09 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009/04/11 15:18:09 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009/04/11 15:18:09 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009/04/11 15:18:09 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe [2009/04/11 15:18:09 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009/04/11 15:18:09 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009/04/11 15:18:09 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe [2009/04/11 15:18:09 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009/04/11 15:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2009/04/11 15:18:04 | 00,000,000 | ---D | C] -- C:\ComboFix [2009/04/11 15:18:02 | 00,000,000 | ---D | C] -- C:\Qoobox [2009/04/11 10:44:47 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$ [2009/04/11 10:43:31 | 00,001,511 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk [2009/04/11 10:43:30 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2009/04/11 10:43:30 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2009/04/11 10:43:23 | 00,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2009/04/11 10:43:20 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2009/04/11 10:43:09 | 35,030,079 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/04/11 10:43:09 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2009/04/11 10:43:09 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009/04/11 10:43:09 | 00,093,053 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/04/11 10:43:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg [2009/04/11 10:42:56 | 00,000,000 | ---D | C] -- C:\Program Files\AVG [2009/04/11 10:42:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8 [2009/04/11 09:22:52 | 00,022,024 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys [2009/04/11 09:22:52 | 00,000,000 | ---D | C] -- C:\Program Files\Prevx [2009/04/11 09:22:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI [2009/04/10 15:30:45 | 04,541,126 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-6.mp3 [2009/04/10 15:24:26 | 04,341,551 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-5.mp3 [2009/04/10 15:20:46 | 04,181,159 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-3-4.mp3 [2009/04/10 15:20:33 | 00,001,567 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-1-2.mp3 [2009/04/10 15:15:29 | 05,321,142 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio.mp3 [2009/04/10 14:06:58 | 00,001,859 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nokia Software Updater.lnk [2009/04/06 23:53:02 | 00,000,430 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\harvesterdbv9_2.dat [2009/04/06 23:11:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\My Documents\LimeWire [2009/04/06 23:10:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\LimeWire [2009/04/06 23:05:07 | 00,001,582 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\LimeWire 5.1.2.lnk [2009/04/06 23:04:41 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire [2009/04/06 19:35:28 | 00,000,922 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Football Manager 2009.lnk [2009/03/20 14:47:49 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2009/03/20 14:47:49 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2009/03/17 18:33:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\GarageGames [2009/03/14 13:27:09 | 00,000,754 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\WinAVI MP4 Converter.lnk [2009/03/14 13:27:08 | 00,000,000 | ---D | C] -- C:\Program Files\WinAVI MP4 Converter [2009/03/14 13:23:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\My Documents\ImTOO Software Studio [2009/03/14 13:23:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\ImTOO Software Studio [2009/03/14 13:22:39 | 00,001,738 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\ImTOO AVI MPEG Converter.lnk [2009/03/14 13:13:00 | 00,261,632 | ---- | C] (MainConcept) -- C:\WINDOWS\System32\mcdvd_32.dll [2009/03/14 13:12:59 | 02,564,096 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioCompress3.dll [2009/03/14 13:12:59 | 02,260,992 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCompress.dll [2009/03/14 13:12:59 | 01,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll [2009/03/14 13:12:59 | 01,245,184 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTRMFile.dll [2009/03/14 13:12:59 | 00,991,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCoreM.dll [2009/03/14 13:12:59 | 00,294,912 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAVIFile.dll [2009/03/14 13:12:59 | 00,282,624 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\WINDOWS\System32\NCTQuickTimeFile.dll [2009/03/14 13:12:59 | 00,196,608 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMVFile.dll [2009/03/14 13:12:59 | 00,139,264 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoFile.dll [2009/03/14 13:12:59 | 00,106,496 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCoreU.dll [2009/03/14 13:12:58 | 01,810,432 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioCompress2.dll [2009/03/14 13:12:58 | 00,126,464 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2009/03/14 13:12:57 | 00,000,000 | ---D | C] -- C:\Program Files\4U Computing [2009/03/14 12:08:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/03/14 12:08:41 | 00,000,478 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Fraps.lnk [2009/03/14 12:08:40 | 00,000,000 | ---D | C] -- C:\Fraps [2009/03/13 18:34:18 | 00,000,000 | ---D | C] -- C:\Program Files\StuffPlug3 [2009/02/13 19:52:33 | 00,000,064 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/01/31 10:27:04 | 00,000,091 | ---- | C] () -- C:\WINDOWS\System32\3com_dmiv.sys [2008/12/05 16:40:58 | 00,509,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll [2008/11/28 00:12:06 | 00,000,253 | ---- | C] () -- C:\WINDOWS\RomeTW.ini [2008/03/25 13:37:20 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008/03/22 21:02:58 | 00,000,272 | ---- | C] () -- C:\WINDOWS\System32\q27gksf.dll~ [2008/03/22 21:02:58 | 00,000,272 | ---- | C] () -- C:\WINDOWS\System32\q27gksf.dll [2008/03/22 16:19:17 | 00,004,441 | ---- | C] () -- C:\WINDOWS\System32\xpvub165.dll [2008/03/22 12:57:19 | 00,000,005 | ---- | C] () -- C:\WINDOWS\System32\96u5f62.dll [2008/03/21 22:26:54 | 00,000,938 | -HS- | C] () -- C:\WINDOWS\System32\vpf95j.dll [2008/03/21 22:26:52 | 00,006,656 | ---- | C] () -- C:\WINDOWS\System32\cygcrypt-0.dll [2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2007/10/22 21:03:42 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007/06/25 14:03:55 | 00,000,042 | ---- | C] () -- C:\WINDOWS\System32\kbpxvcd.dll [2007/04/15 10:35:38 | 00,000,035 | ---- | C] () -- C:\WINDOWS\dice.ini [2007/03/30 19:50:15 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\F5D7051.dll [2007/03/30 19:50:14 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll [2007/03/30 18:32:37 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [2006/12/16 02:49:56 | 00,049,152 | ---- | C] () -- C:\WINDOWS\mmfs.dll [2006/12/16 02:49:56 | 00,000,713 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys [2006/12/06 16:43:42 | 00,000,068 | ---- | C] () -- C:\WINDOWS\IDMan.INI [2006/11/21 15:27:24 | 00,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2006/10/03 23:13:18 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2006/10/01 22:52:30 | 00,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2006/10/01 22:52:30 | 00,000,168 | RHS- | C] () -- C:\WINDOWS\System32\43FEE08A7F.sys [2006/08/30 01:48:39 | 00,058,952 | ---- | C] () -- C:\WINDOWS\System32\MsgPlusLoader.dll [2006/06/04 13:03:09 | 00,001,007 | ---- | C] () -- C:\WINDOWS\ATICIM.INI [2006/05/22 12:47:24 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2006/05/21 22:56:42 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2006/05/04 11:29:22 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2006/04/29 23:46:14 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll [2006/04/11 11:50:53 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys [2006/04/07 18:01:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WinPM.INI [2006/04/07 17:39:50 | 03,592,192 | ---- | C] () -- C:\WINDOWS\System32\qt-mt323.dll [2006/03/31 21:00:35 | 00,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2006/03/10 18:58:53 | 00,000,482 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2006/01/23 01:51:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ipool.INI [2005/12/07 13:31:00 | 00,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005/11/26 20:22:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\isnooker.INI [2005/11/26 20:02:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iSoccer.INI [2005/10/30 21:03:48 | 00,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2005/10/20 18:21:33 | 00,000,023 | ---- | C] () -- C:\WINDOWS\MixBKS.INI [2005/09/27 22:10:58 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\teulKit.dll [2005/09/25 14:01:06 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll [2005/09/25 14:01:06 | 00,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2005/09/19 23:55:58 | 00,041,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\Oreans.sys [2005/09/15 18:39:09 | 00,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini [2005/09/14 22:55:16 | 00,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2005/09/14 22:51:38 | 00,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2005/09/14 22:50:09 | 00,004,071 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2005/09/14 22:50:06 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005/09/14 22:37:59 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI [2005/09/14 22:37:38 | 00,067,428 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini [2005/09/14 22:37:38 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2005/09/14 22:37:25 | 00,000,077 | ---- | C] () -- C:\WINDOWS\SBWIN.INI [2005/08/09 23:13:31 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2005/08/09 23:13:31 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2005/08/09 23:12:28 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2005/05/03 20:38:42 | 00,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll [2005/03/23 13:17:25 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\Property.dll [2004/08/04 13:00:00 | 00,000,889 | ---- | C] () -- C:\WINDOWS\WIN.INI [2004/08/04 13:00:00 | 00,000,353 | ---- | C] () -- C:\WINDOWS\system.ini [2003/10/02 19:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll [color=orange]========== Files - Modified Within 30 Days ==========[/color] [11 C:\WINDOWS\System32\*.tmp files] [8 C:\WINDOWS\*.tmp files] [2009/04/11 16:01:17 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/04/11 16:00:57 | 00,000,713 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys [2009/04/11 16:00:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/04/11 16:00:51 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/04/11 16:00:50 | 00,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2009/04/11 15:55:34 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009/04/11 15:42:04 | 00,000,353 | ---- | M] () -- C:\WINDOWS\system.ini [2009/04/11 15:41:33 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/04/11 15:19:36 | 00,000,281 | RHS- | M] () -- C:\boot.ini [2009/04/11 11:34:08 | 00,135,168 | ---- | M] () -- C:\haspsp3.exe [2009/04/11 11:34:04 | 00,064,512 | ---- | M] () -- C:\HAres.exe [2009/04/11 11:33:37 | 00,263,680 | ---- | M] (Anonymous) -- C:\FairUse4WM.exe [2009/04/11 11:33:22 | 00,147,968 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\vlc-0.8.5-win32.exe [2009/04/11 11:32:23 | 00,045,056 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\rad_w2kxp_omega_38273.exe [2009/04/11 11:22:56 | 00,069,632 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\AVICodecPackPlus2.exe [2009/04/11 10:51:57 | 00,000,565 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\My Sharing Folders.lnk [2009/04/11 10:48:13 | 35,030,079 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/04/11 10:47:50 | 00,093,053 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/04/11 10:43:31 | 00,001,511 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk [2009/04/11 10:43:30 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2009/04/11 10:43:30 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2009/04/11 10:43:23 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2009/04/11 10:43:20 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2009/04/11 10:43:09 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2009/04/11 10:43:09 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009/04/11 09:22:52 | 00,022,024 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys [2009/04/11 09:22:49 | 00,000,064 | ---- | M] () -- C:\WINDOWS\wininit.ini [2009/04/11 07:57:45 | 00,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/04/10 15:34:34 | 04,541,126 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-6.mp3 [2009/04/10 15:28:05 | 04,341,551 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-5.mp3 [2009/04/10 15:24:17 | 04,181,159 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-3-4.mp3 [2009/04/10 15:20:34 | 00,001,567 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio-1-2.mp3 [2009/04/10 15:19:57 | 05,321,142 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\EasyHi-Q-Radio.mp3 [2009/04/10 14:24:10 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009/04/10 14:06:58 | 00,001,859 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nokia Software Updater.lnk [2009/04/07 17:57:26 | 02,562,229 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\NMM-MetaData.db [2009/04/07 00:30:35 | 00,119,808 | ---- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/04/06 23:53:02 | 00,000,430 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\harvesterdbv9_2.dat [2009/04/06 23:05:07 | 00,001,582 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\LimeWire 5.1.2.lnk [2009/04/06 19:35:28 | 00,000,922 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Football Manager 2009.lnk [2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/03/31 13:46:10 | 33,429,019 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\glxmdstn0 [2009/03/29 11:36:34 | 00,597,932 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/03/29 11:36:34 | 00,505,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/03/29 11:36:34 | 00,082,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/03/20 16:15:26 | 00,000,119 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\iScrobbler.ini [2009/03/20 14:47:49 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2009/03/14 13:27:09 | 00,000,754 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\WinAVI MP4 Converter.lnk [2009/03/14 13:22:39 | 00,001,738 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\ImTOO AVI MPEG Converter.lnk [2009/03/14 12:08:41 | 00,000,478 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Fraps.lnk [color=orange]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Shaun\My Documents\boobies.mpeg:SummaryInformation @Alternate Data Stream - 55838 bytes -> C:\Documents and Settings\All Users\Application Data\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV @Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF < End of report >[/quote] Extras report: [quote]OTListIt Extras logfile created on: 11/04/2009 16:36:58 - Run 1 OTListIt2 by OldTimer - Version 2.0.12.2 Folder = C:\Documents and Settings\Shaun\My Documents\Sports Interactive\Football Manager 2009\schedules Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.44% Memory free 3.35 Gb Paging File | 2.94 Gb Available in Paging File | 87.90% Paging File free Paging file location(s): C:\pagefile.sys 1534 6136; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 114.49 Gb Total Space | 3.16 Gb Free Space | 2.76% Space Free | Partition Type: NTFS Drive D: | 2.10 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SHAUN-228667C18 Current User Name: Shaun Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=orange]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "UacDisableNotify" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "FirewallOverride" = 1 "UpdatesDisableNotify" = 1 "UacDisableNotify" = 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List [color=orange]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [2009/04/11 10:51:36 | 05,734,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [2005/10/18 13:50:24 | 12,116,480 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes [2009/04/11 11:39:27 | 00,120,832 | ---- | M] () -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent [2007/09/14 23:51:15 | 00,219,952 | ---- | M] () -- C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent [2006/10/27 16:03:04 | 01,018,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote File not found -- C:\WINDOWS\system32\msissl.exe File not found -- C:\WINDOWS\system32\ntweb.exe [2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [2009/04/11 10:51:36 | 05,734,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:ipsec [2009/04/11 10:46:57 | 08,720,384 | ---- | M] () -- C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM [2009/04/11 10:46:37 | 07,742,464 | ---- | M] (Mozilla Corporation) -- C:\PROGRAM FILES\Mozilla Firefox\firefox.exe:*:Enabled:ipsec [2004/08/04 13:00:00 | 00,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\SNDVOL32.EXE:*:Enabled:ipsec [2008/11/30 12:29:58 | 00,657,408 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe:*:Enabled:ipsec [2009/04/11 12:21:53 | 01,896,448 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe:*:Enabled:ipsec [2008/04/14 01:12:29 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netsh.exe:*:Enabled:ipsec [2009/04/11 12:20:56 | 28,364,800 | ---- | M] (Sports Interactive) -- C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009 [2009/04/11 10:42:56 | 01,057,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe [2009/04/11 10:43:01 | 00,594,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe [2008/04/14 01:12:37 | 00,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe:*:Enabled:ipsec [2009/04/11 10:42:57 | 01,932,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe:*:Enabled:ipsec File not found -- C:\ComboFix\NirCmd.cfexe:*:Enabled:ipsec File not found -- C:\WINDOWS\system32\CF17040.exe:*:Enabled:ipsec File not found -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\pgpx.exe:*:Enabled:ipsec File not found -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\xyka.exe:*:Enabled:ipsec File not found -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\winiywc.exe:*:Enabled:ipsec File not found -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\fhsm.exe:*:Enabled:ipsec File not found -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\kvta.exe:*:Enabled:ipsec [2009/04/11 09:22:52 | 04,414,520 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe:*:Enabled:ipsec File not found -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\winnbao.exe:*:Enabled:ipsec [2009/04/11 16:04:29 | 00,011,264 | ---- | M] () -- C:\DOCUME~1\Shaun\LOCALS~1\Temp\mmoyfb.exe:*:Enabled:ipsec [color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader "{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0 "{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver "{15F5C98B-756F-4752-8820-5D91A155A3BD}" = HyperLoad - Multiplayer Bowling "{1683994C-E65D-4B94-A186-3F6C5FD7A5D1}" = Nokia NSeries Music Manager "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet "{1F06F0CE-C2B7-428C-BF70-8C55EEDF81BC}" = Paragon Partition Manager 6.0 Demo "{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic "{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant "{29F2FE64-EFCE-4FC5-8FEB-16B688578F89}" = Nitro PDF Professional "{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager "{309A4810-C1A1-4BAC-888A-5BB93BC707F4}" = Nokia NSeries One Touch Access "{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{37D33EA0-A902-4925-8081-9AF88CB86EE1}" = Nokia NSeries Content Copier "{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime "{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10 "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer "{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation "{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}" = Football Manager 2006 "{4B6E7269-2948-4E5B-9C82-3B4803AEDD37}" = Nokia NSeries Application Installer "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0 "{51AFB69C-1C54-4C77-A888-2860F8CD3E7D}" = Paint.NET v3.31 "{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource "{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger "{5E977DEC-5BB4-44C7-9FE5-9357D2DB4FCB}" = Disc2Phone "{649CB8E9-4A54-409C-B0D8-7D6865329D26}" = Nokia Download! "{6A5FE305-1147-400D-9795-8B80E693476A}" = Serif WebPlus SE "{7148F0A8-6813-11D6-A77B-00B0D0142100}" = Java 2 Runtime Environment, SE v1.4.2_10 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{734BB64A-5A3D-4624-867D-6358B7068496}" = Sound Blaster Live! 24-bit "{78D62D17-D970-42DA-B8CF-5E5576293B33}" = Final Draft 7 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation "{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}" = iTunes "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3 "{8B75D41A-95DF-4CC0-BAB2-6EF0D5043A98}" = Rome - Total War - Gold Edition "{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}" = Battlefield 2(TM) Demo "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI "{97007EE6-18FB-444D-B636-FBD8BB802350}" = PC Connectivity Solution "{9BB873FA-4907-4BF5-829D-8C18BD68F3A5}" = Nokia Nseries PC Suite "{9BC43D64-145B-45CE-9DE3-CE32A4534ACE}" = 7tools Partition Manager 2005 Demo "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3 "{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C6E8173D-40EE-4998-B659-CA19F1F278BA}" = BitDefender Antivirus 2008 "{C8283917-C24D-45E3-A84A-A5A084283218}" = Corel Snapfire Plus "{CA832FE2-4E56-4B4C-A56F-1AEB7B71A8A9}" = Belkin High-Speed Mode Wireless G USB Network Adapter "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD64CA10-B597-4C84-869F-1903013E3697}" = Nokia Photos "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CF3BAA39-989D-4EC4-9224-44D578494B5B}" = Nokia NSeries System Utilities "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23 "{D84E40A2-380A-46E9-A750-6F55D398D973}" = ATI Catalyst Control Center "{D99C322D-C21B-40C7-AE71-EE51AA096B6E}" = Nokia Flashing Cable Driver "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{EC0AB585-B279-4A77-8BB5-64C403E43EE7}" = Football Manager 2005 "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater "{F231AAF4-D148-44F1-AF1C-7ECE65FDB876}" = FM Modifier 2.0 "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) "Abacast Client" = Abacast Client "Abexo Free Registry Cleaner" = Abexo Free Registry Cleaner "AC3Filter" = AC3Filter (remove only) "ActiveScan 2.0" = Panda ActiveScan 2.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "AdobeESD" = Adobe Download Manager 2.0 (Remove Only) "Applian FLV Player2.0.24" = Applian FLV Player "Arena Expansion mod" = Arena Expansion mod 1.5 "ASUS Probe V2.23.01" = ASUS Probe V2.23.01 "ATI Display Driver" = ATI Display Driver "Audio Splitter Convertor_is1" = Audio Splitter Convertor 1.8 "AVG8Uninstall" = AVG 8.5 "Battleground Europe: WWIIOL " = Battleground Europe: WWIIOL "BE: WWIIOL TEST" = BE: WWIIOL TEST "Belarc Advisor" = Belarc Advisor 7.2 "Belarc Advisor 2.0" = Belarc Advisor 7.0 "BitTorrent" = BitTorrent 5.0.9 "Bowl Bound College Football Demo" = Bowl Bound College Football Demo "burnatonce_is1" = burnatonce "Cliprex DVD Player Professional" = Cliprex DVD Player Professional "CM Rev Match Balls Installer SE_is1" = CM Rev Match Balls Installer SE 1.0 "Core FTP LE 1.3c" = Core FTP LE 1.3c "Core FTP LE 2.1" = Core FTP LE 2.1 "Device Control" = Device Control "Driver Cleaner Pro" = DH Driver Cleaner Professional Edition "Easy Hi-Q Recorder_is1" = Easy Hi-Q Recorder 2.2 "EAX" = Creative EAX Console "eMedia Codec" = eMedia Codec 4.0 "eMule" = eMule "eMusic Promotion" = eMusic - 50 Free MP3 offer "FBDBServer_2_0_is1" = Firebird 2.1.0.16780 (Win32) "ffdshow" = ffdshow "FMScout" = FM Scout "Football Manager 2009" = Football Manager 2009 "Fraps" = Fraps "Free Download Manager_is1" = Free Download Manager 2.0 - Free Downloads Center Edition "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92 "Free iPod Video Converter_is1" = Free iPod Video Converter 1.26 "GoldWave v5.23" = GoldWave v5.23 "HASP Service Pack 3a" = HASP Service Pack 3a "Hell's Angels Resurrection" = Hell's Angels Resurrection "Hell's Angels Super Patch" = Hell's Angels Super Patch "HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial "ImTOO AVI MPEG Converter" = ImTOO AVI MPEG Converter "InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0 "InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime "InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10 "InstallShield_{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}" = iTunes "InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23 "iScrobbler" = iScrobbler "iSnooker" = iSnooker "Last.fm Player_is1" = Last.fm Player 1.1.3 "LimeWire" = LimeWire 5.1.2 "Macromedia Shockwave Player" = Macromedia Shockwave Player "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "mflGameDay_is1" = myfantasyleague.com Game Day 2008 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0 "Microsoft DirectX SDK (June 2008)" = Microsoft DirectX SDK (June 2008) "MMIP Anonymity_is1" = Anonymity 1.1 "Morpheus" = Morpheus 5.1 (remove only) "Mount&Blade" = Mount&Blade "Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20) "Mozilla Thunderbird (2.0.0.19)" = Mozilla Thunderbird (2.0.0.19) "MPE" = MyPhoneExplorer "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MsgPlus! Plugin" = Messenger Plus! 3 "MSN Music Assistant" = MSN Music Assistant "MultiRes (remove only)" = MultiRes (remove only) "MySpaceIM" = MySpaceIM "Net Vampire_is1" = Net Vampire 4.0 "NetObjects Fusion Essentials" = NetObjects Fusion Essentials "Nokia NSeries Application Installer" = Nokia NSeries Application Installer 6.84.2114 "Nokia NSeries Content Copier" = Nokia NSeries Content Copier 6.84.2114 "Nokia NSeries Music Manager" = Nokia NSeries Music Manager 6.84.2114 "Nokia NSeries One Touch Access" = Nokia NSeries One Touch Access 6.84.2114 "Nokia NSeries System Utilities" = Nokia NSeries System Utilities 6.84.2114 "Orb" = Orb "Panda ActiveScan" = Panda ActiveScan "PCSI" = Prevx CSI "PlayGATE Setup" = PlayGATE Setup "PodPlus_is1" = PodPlus 1.3.1.0 "PowerISO" = PowerISO "Puzzle Word Demo" = Puzzle Word Demo "Radeon Omega Drivers for Windows 2k/XPv3.8.273" = Radeon Omega Drivers v3.8.273 Setup Files and Tools "Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools "rayatitray" = Ray Adams ATI Tray Tools "RealPlayer 6.0" = RealPlayer "Red Baron 3D" = Red Baron 3D "Replay_Screencast_1.0" = Replay Screencast 1.21 "SAM3" = SAM Broadcaster (remove only) "ShotOnline International" = ShotOnline International "SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only) "Sierra Utilities" = Sierra Utilities "SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only) "SmartUndelete_is1" = SmartUndelete "SPEAKER" = Creative Speaker Settings "ST6UNST #1" = Karen's Alarm Clock "Streamripper.Plugin" = Streamripper Plugin 1.61.27 (Remove only) "StuffPlug3" = StuffPlug 3 "StuffPlug-NG" = StuffPlug-NG (Messenger Plus! Plugins) "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "The Last Days" = The Last Days hotfix_2.0_for_v2.2.1 "The Last Days patch" = The Last Days patch 2.1 to 2.11 "TVAnts 1.0" = TVAnts 1.0 "TVUPlayer" = TVUPlayer 2.2.0 "UControl Scan and Remove" = UControl Scan and Remove "UltimatePoker" = UltimatePoker "UltraISO_is1" = UltraISO V7.25 ME "uTorrent" = µTorrent "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VideoLAN VLC media player 0.8.6i "Warrider Soundpack" = M&B: Warrider Soundpack "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Winamp" = Winamp (remove only) "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "Xvid_is1" = Xvid 1.1.3 final uninstall [color=orange]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=orange]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 08/03/2009 18:13:59 | Computer Name = SHAUN-228667C18 | Source = Application Error | ID = 1000 Description = Faulting application fm.exe, version 9.3.0.36289, faulting module , version 0.0.0.0, fault address 0x00000000. Error - 20/03/2009 10:55:43 | Computer Name = SHAUN-228667C18 | Source = Application Error | ID = 1000 Description = Faulting application itunes.exe, version 6.0.1.3, faulting module , version 0.0.0.0, fault address 0x00000000. Error - 06/04/2009 19:22:58 | Computer Name = SHAUN-228667C18 | Source = Nokia Nseries PC Suite | ID = 100 Description = Timestamp: 06/04/2009 23:22:58 Message: HandlingInstanceID: 20bea980-459b-45b1-aa55-5eb434474364 An exception of type 'System.Exception' occurred and was caught. ---------------------------------------------------------------- 04/07/2009 00:22:58 Type : System.Exception, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : ECONA_FILE_NO_PERMISSION_ON_PC: ECONA_FILE_NO_PERMISSION_ON_PC Source : NLib Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Boolean PutFile(System.String, System.String, System.String) Stack Trace : at Nokia.NLib.CONAFileSystem.PutFile(String filename, String sourcePath, String targetPath) at Nokia.Launcher.NNPCSUI.TranscodeHandler.CopierThread_DoWork(Object sender, DoWorkEventArgs e) Additional Info: MachineName : SHAUN-228667C18 TimeStamp : 06/04/2009 23:22:58 FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName : NNPCSUI.exe ThreadIdentity : WindowsIdentity : SHAUN-228667C18\Shaun Category: Default Category Priority: 0 EventId: 100 Severity: Error Title:NNPCS Exception Machine: SHAUN-228667C18 Application Domain: NNPCSUI.exe Process Id: 488 Process Name: C:\Program Files\Nokia\NNPCS\NNPCSUI.exe Win32 Thread Id: 4180 Thread Name: Extended Properties: Error - 06/04/2009 19:31:14 | Computer Name = SHAUN-228667C18 | Source = Nokia Nseries PC Suite | ID = 100 Description = Timestamp: 06/04/2009 23:31:14 Message: HandlingInstanceID: 2d0246af-cc63-407c-a045-e868797a5651 An exception of type 'System.Exception' occurred and was caught. ---------------------------------------------------------------- 04/07/2009 00:31:14 Type : System.Exception, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : ECONA_FILE_NO_PERMISSION_ON_PC: ECONA_FILE_NO_PERMISSION_ON_PC Source : NLib Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Boolean PutFile(System.String, System.String, System.String) Stack Trace : at Nokia.NLib.CONAFileSystem.PutFile(String filename, String sourcePath, String targetPath) at Nokia.Launcher.NNPCSUI.TranscodeHandler.CopierThread_DoWork(Object sender, DoWorkEventArgs e) Additional Info: MachineName : SHAUN-228667C18 TimeStamp : 06/04/2009 23:31:14 FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName : NNPCSUI.exe ThreadIdentity : WindowsIdentity : SHAUN-228667C18\Shaun Category: Default Category Priority: 0 EventId: 100 Severity: Error Title:NNPCS Exception Machine: SHAUN-228667C18 Application Domain: NNPCSUI.exe Process Id: 488 Process Name: C:\Program Files\Nokia\NNPCS\NNPCSUI.exe Win32 Thread Id: 2176 Thread Name: Extended Properties: Error - 06/04/2009 19:33:15 | Computer Name = SHAUN-228667C18 | Source = Nokia Nseries PC Suite | ID = 100 Description = Timestamp: 06/04/2009 23:33:15 Message: HandlingInstanceID: cb906293-35bc-4565-96bd-4ceb6b6faf8f An exception of type 'System.NotSupportedException' occurred and was caught. ---------------------------------------------------------------------------- 04/07/2009 00:33:15 Type : System.NotSupportedException, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : Nokia Lifeblog : Software missing (PC) Source : Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Stack Trace : The stack trace is unavailable. Additional Info: MachineName : SHAUN-228667C18 TimeStamp : 06/04/2009 23:33:15 FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName : NNPCSUI.exe ThreadIdentity : WindowsIdentity : SHAUN-228667C18\Shaun Category: Default Category Priority: 0 EventId: 100 Severity: Error Title:NNPCS Exception Machine: SHAUN-228667C18 Application Domain: NNPCSUI.exe Process Id: 488 Process Name: C:\Program Files\Nokia\NNPCS\NNPCSUI.exe Win32 Thread Id: 3952 Thread Name: Extended Properties: Error - 11/04/2009 05:52:51 | Computer Name = SHAUN-228667C18 | Source = Application Error | ID = 1000 Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module , version 0.0.0.0, fault address 0x00000000. [ System Events ] Error - 11/04/2009 11:01:24 | Computer Name = SHAUN-228667C18 | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 11/04/2009 11:01:24 | Computer Name = SHAUN-228667C18 | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for C:\Program Files\Ray Adams\ATI Tray Tools\plugins\osd_intelcpu.dll. Reference error message: The operation completed successfully. . Error - 11/04/2009 11:01:38 | Computer Name = SHAUN-228667C18 | Source = DCOM | ID = 10005 Description = DCOM got error "%2" attempting to start the service usnjsvc with arguments "" in order to run the server: {98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1} Error - 11/04/2009 11:01:38 | Computer Name = SHAUN-228667C18 | Source = Service Control Manager | ID = 7000 Description = The Messenger Sharing Folders USN Journal Reader service service failed to start due to the following error: %%2 Error - 11/04/2009 11:01:49 | Computer Name = SHAUN-228667C18 | Source = DCOM | ID = 10005 Description = DCOM got error "%2" attempting to start the service usnjsvc with arguments "" in order to run the server: {98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1} Error - 11/04/2009 11:01:49 | Computer Name = SHAUN-228667C18 | Source = Service Control Manager | ID = 7000 Description = The Messenger Sharing Folders USN Journal Reader service service failed to start due to the following error: %%2 Error - 11/04/2009 11:01:59 | Computer Name = SHAUN-228667C18 | Source = DCOM | ID = 10005 Description = DCOM got error "%2" attempting to start the service usnjsvc with arguments "" in order to run the server: {98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1} Error - 11/04/2009 11:01:59 | Computer Name = SHAUN-228667C18 | Source = Service Control Manager | ID = 7000 Description = The Messenger Sharing Folders USN Journal Reader service service failed to start due to the following error: %%2 Error - 11/04/2009 11:02:10 | Computer Name = SHAUN-228667C18 | Source = DCOM | ID = 10005 Description = DCOM got error "%2" attempting to start the service usnjsvc with arguments "" in order to run the server: {98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1} Error - 11/04/2009 11:02:10 | Computer Name = SHAUN-228667C18 | Source = Service Control Manager | ID = 7000 Description = The Messenger Sharing Folders USN Journal Reader service service failed to start due to the following error: %%2 < End of report > [/quote] And finally, Malwarebytes report: [quote]Malwarebytes' Anti-Malware 1.36 Database version: 1966 Windows 5.1.2600 Service Pack 3 11/04/2009 15:59:00 mbam-log-2009-04-11 (15-59-00).txt Scan type: Quick Scan Objects scanned: 97007 Time elapsed: 2 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 8 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)[/quote] AVG lists a number of current security threats as part of the win32/heur problem.