Hi Kahdah,
Thanks for replying, I carried out your steps- here are the contents of Extras.txt and OTListIt.txt:
OTListIt Extras logfile created on: 22/03/2009 14:49:19 - Run 1
OTListIt2 by OldTimer - Version 2.0.7.0 Folder = C:\Documents and Settings\James\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.99% Memory free
3.81 Gb Paging File | 3.31 Gb Available in Paging File | 86.88% Paging File free
Paging file location(s): C:\pagefile.sys 2006 3072;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 45.58 Gb Free Space | 40.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 186.31 Gb Total Space | 16.78 Gb Free Space | 9.01% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JIM
Current User Name: James
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] --
.js [@ = JSFile] -- C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe (Macromedia, Inc.)
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10251:TCP" = 10251:TCP:*:Enabled:BitComet 10251 TCP
"10251:UDP" = 10251:UDP:*:Enabled:BitComet 10251 UDP
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 (Microsoft Corporation)
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Yahoo!\Messenger\ypager.exe:*:Enabled:Yahoo! Messenger File not found
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server File not found
C:\Program Files\Qnext\qnext.exe:*:Enabled:Qnext File not found
C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk File not found
C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) File not found
C:\Program Files\limewire\LimeWire.exe:*:Enabled:LimeWire File not found
C:\Program Files\BitTorrent\btdownloadgui.exe:*:Enabled:btdownloadgui File not found
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype ()
C:\Games\Red Storm Entertainment\RavenShield\system\RavenShield.exe:*:Enabled:RavenShield File not found
C:\Games\Red Storm Entertainment\RavenShield\system\UCC.exe:*:Enabled:UCC File not found
C:\Games\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament ()
C:\Program Files\Microsoft Games\Freelancer\EXE\Freelancer.exe:*:Enabled:Freelancer File not found
C:\Games\OperationFlashpoint\OperationFlashpoint.exe:*:Enabled:Operation Flashpoint ()
C:\Games\Sierra\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4 (Sierra Entertainment, Inc.)
C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client (www.BitComet.com)
C:\Program Files\AdwareAlert\Quarantine\26-04-2007-20-53-06\10034.qit\LimeWire.exe:*:Enabled:LimeWire File not found
C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 (Microsoft Corporation)
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) (Microsoft Corporation)
C:\WINDOWS\system32\CtHelper.exe:*:Enabled:CTHELPER (Creative Technology Ltd)
C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ctfmon (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}" = aspi
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24E34264-D483-477C-A9A0-4E53F69834CF}" = Façade
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 12
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F692FA9-348B-4264-B4EA-DE6BFA45D8AE}" = Microsoft WorldWide Telescope
"{3FA0EA26-CA46-11D4-B1B3-0050DAB93BD0}" = Digidesign Pro Tools® FREE
"{41979C2F-34B8-4F92-8111-B13C5864682D}" = MediaFACE 4.01
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{6D860353-C37F-438E-9E02-8A21ADA85C62}" = Java 3D 1.3.1 (DirectX) Runtime
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = Sentinel System Driver 5.41.0 (32-bit)
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{82AF77BC-423D-42DA-BE5B-FFCA04752181}" = MediaFACE 4.01 Image Library
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{968CB479-6163-415F-A9D3-4489BF07DAFF}" = Sonic Foundry Sound Forge 6.0b
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A0936F03-1191-4520-9A06-4F950E9FE3EE}" = AmpliTube Live_2 (C:\Program Files\IK Multimedia\AmpliTube Live_2)
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{AB9FC2F9-7FC7-11D7-9D82-00065BABCB42}" = Reason
"{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{b4092c6d-e886-4cb2-ba68-fe5a88d31de6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BA33111A-C9DA-4A80-B7D0-FE7E3DDA7755}" = AmpliTube LE
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C9891749-3796-4144-B892-6C1DD7B5CB32}" = Eek! Adder
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}" = RssReader
"{DEAB2D22-49A5-42C5-8FCA-B31934C79C9F}" = MaxMSP 4.5.6
"{E142615E-5ED8-4511-9BF0-0284BFA25766}" = ArcSoft PhotoImpression
"{E2B64929-B616-4235-B10E-D26D686296F9}" = GiPo@FileUtilities 3.2
"{EB7E8E28-B870-472F-91AB-3515C8A0518F}" = AmpliTube Live
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ED10343F-D30A-4200-9B00-665FC45F52B4}" = ArcSoft VideoImpression 1.6
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F71C0208-1D32-439D-9257-F90F0BAACE6A}" = CM 03-04
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FF20F6D2-28E0-43FF-8A49-E69D07B12224}" = Belkin 54g USB Network Adapter
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"AC3Filter" = AC3Filter (remove only)
"Addictive Drums" = Addictive Drums
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Amazing Slow Downer" = Amazing Slow Downer (remove only)
"ASAPI Update" = ASAPI Update
"Atmosphere_is1" = Atmosphere
"avast!" = avast! Antivirus
"BB_is1" = Band-in-a-Box 12
"Binman" = Binman
"BitComet" = BitComet 0.81
"Caprice32" = Caprice32
"CCleaner" = CCleaner (remove only)
"Celestia_is1" = Celestia 1.3.2
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V92 56K Speakerphone PCI Modem
"COMODO Internet Security" = COMODO Internet Security
"DeliPlayer2" = DeliPlayer 2
"DivX Codec" = Remove DivX Codec
"EPSON Printer and Utilities" = EPSON Printer Software
"esetonlinescanner" = ESET Online Scanner
"Exstora" = Exstora 1.2
"ffdshow" = ffdshow
"Flashants SWF2Video Plug-in for Adobe Premiere" = Flashants SWF2Video Plug-in for Adobe Premiere
"Flashants SWF2Video Pro 1.0" = Flashants SWF2Video Pro 1.0
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{41979C2F-34B8-4F92-8111-B13C5864682D}" = MediaFACE 4.01
"InstallShield_{82AF77BC-423D-42DA-BE5B-FFCA04752181}" = MediaFACE 4.01 Image Library
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{F71C0208-1D32-439D-9257-F90F0BAACE6A}" = CM 03-04
"kdx" = Secure Delivery
"Line 6 Uninstaller" = Line 6 Uninstaller
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Macromedia Director MX" = Macromedia Director MX
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"malwarebytes' anti-malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mount&Blade" = Mount&Blade
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"Mp3 Codec" = Mpeg Layer3 Codec FHG-Radium v1.263
"Ms3DMovie" = Microsoft 3D Movie Maker 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NI Service Center" = NI Service Center
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton Speed Disk" = Norton Speed Disk 6.0 for Windows NT
"Norton Utilities" = Norton Utilities 2002 for Windows
"NVIDIA Display Driver" = NVIDIA Display Driver
"NVIDIA Drivers" = NVIDIA Drivers
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Operation Flashpoint" = Operation Flashpoint uninstall
"Operation Flashpoint Gold Upgrade" = Operation Flashpoint Gold Upgrade uninstall
"Power Tab Editor 1.7" = Power Tab Editor 1.7
"ReadPlease 2000" = ReadPlease 2000
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shockwave" = Shockwave
"Skype_is1" = Skype 2.0
"SONAR6Producer_is1" = SONAR 6 Producer Edition
"Sound Blaster Audigy" = Sound Blaster Audigy
"spyware terminator_is1" = Spyware Terminator
"Steinberg Cubase SX 1.03" = Steinberg Cubase SX 1.03
"TaskBar" = Creative TaskBar
"Trust 120 SpaceCam" = Trust 120 SpaceCam
"Tweak UI 2.10" = Tweak UI
"UnrealTournament" = Unreal Tournament
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.2.1
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\roundthebend3.jpg
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\rudedog10.jpg
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\s-bmimage.jpg
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\sccwall.jpg
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\sig2.jpg failed,
0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\sigurros1.jpg
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\smith.jpg failed,
0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\strongbad.JPG
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\Sunset.jpg
failed, 0000A413.
Error - 09/11/2007 14:15:22 | Computer Name = JIM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\James\My Documents\My Pictures\jpg's\Misc\swccrouch160606.jpg
failed, 0000A413.
[ Application Events ]
Error - 11/03/2009 19:05:09 | Computer Name = JIM | Source = Spybot - Search & Destroy | ID = 0
Description =
Error - 11/03/2009 19:09:45 | Computer Name = JIM | Source = Spybot - Search & Destroy | ID = 0
Description =
Error - 12/03/2009 03:39:27 | Computer Name = JIM | Source = Spybot - Search & Destroy | ID = 0
Description =
Error - 14/03/2009 20:40:29 | Computer Name = JIM | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 8.0.2.20, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 18/03/2009 19:37:37 | Computer Name = JIM | Source = MsiInstaller | ID = 11904
Description = Product: Adobe Flash Player 9 ActiveX -- Error 1904.Module C:\WINDOWS\system32\Macromed\Flash\FlDbg9c.ocx
failed to register. HRESULT -2147220473. Contact your support personnel.
Error - 19/03/2009 18:23:57 | Computer Name = JIM | Source = MsiInstaller | ID = 1013
Description = Product: Adobe Bridge 1.0 -- Setup has detected that a newer version
of the this product is already installed. Setup will now terminate.
Error - 19/03/2009 18:23:58 | Computer Name = JIM | Source = MsiInstaller | ID = 1013
Description = Product: Adobe Common File Installer -- Setup has detected that a
newer version of this product is already installed. Setup will now terminate.
Error - 19/03/2009 18:24:06 | Computer Name = JIM | Source = MsiInstaller | ID = 1013
Description = Product: Adobe Help Center 1.0 -- Setup has detected that a newer
version of the this product is already installed. Setup will now terminate.
Error - 20/03/2009 16:15:49 | Computer Name = JIM | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 21/03/2009 19:04:05 | Computer Name = JIM | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 21/03/2009 16:27:34 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2
Error - 21/03/2009 19:04:14 | Computer Name = JIM | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 21/03/2009 20:38:14 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Belkin 54g Wireless USB Network Adapter service failed to start
due to the following error: %%2
Error - 21/03/2009 20:38:14 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2
Error - 21/03/2009 20:38:14 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Iomega App Services service failed to start due to the following
error: %%3
Error - 22/03/2009 06:54:21 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Belkin 54g Wireless USB Network Adapter service failed to start
due to the following error: %%2
Error - 22/03/2009 06:54:22 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2
Error - 22/03/2009 06:54:22 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Iomega App Services service failed to start due to the following
error: %%3
Error - 22/03/2009 08:05:01 | Computer Name = JIM | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
to start due to the following error: %%5
Error - 22/03/2009 08:33:33 | Computer Name = JIM | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
< End of report >
OTListIt logfile created on: 22/03/2009 14:49:19 - Run 1
OTListIt2 by OldTimer - Version 2.0.7.0 Folder = C:\Documents and Settings\James\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.99% Memory free
3.81 Gb Paging File | 3.31 Gb Available in Paging File | 86.88% Paging File free
Paging file location(s): C:\pagefile.sys 2006 3072;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 45.58 Gb Free Space | 40.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 186.31 Gb Total Space | 16.78 Gb Free Space | 9.01% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JIM
Current User Name: James
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\vsnpstd.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\CTHELPER.EXE (Creative Technology Ltd)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Exstora\Exstora.exe (Exstora.com)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
PRC - C:\Program Files\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
PRC - C:\WINDOWS\System32\ScsiAccess.EXE ()
PRC - C:\Program Files\Speed Disk\nopdb.exe (Symantec Corporation)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\MsPMSPSv.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\James\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Belkin 54g Wireless USB Network Adapter Service [Auto | Stopped]) -- File not found
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [Auto | Running]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (cmdAgent [Auto | Running]) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
SRV - (EPSONStatusAgent2 [Auto | Running]) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Iomega Activity Disk2 [Disabled | Stopped]) -- File not found
SRV - (Iomega App Services [Auto | Stopped]) -- File not found
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (KodakCCS [Auto | Running]) -- C:\WINDOWS\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
SRV - (Macromedia Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (NProtectService [Auto | Running]) -- C:\Program Files\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
SRV - (NVSvc [Auto | Stopped]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ScsiAccess [Auto | Running]) -- C:\WINDOWS\System32\ScsiAccess.EXE ()
SRV - (Speed Disk service [Auto | Running]) -- C:\Program Files\Speed Disk\nopdb.exe (Symantec Corporation)
SRV - (sp_rssrv [Auto | Running]) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (SymWSC [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
SRV - (UPHClean [Auto | Running]) -- C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\MSN Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMDM PMSP Service [Auto | Running]) -- C:\WINDOWS\System32\MsPMSPSv.exe (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (Asapi [System | Running]) -- C:\WINDOWS\System32\drivers\asapi.sys (VOB Computersysteme GmbH)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (bkn50USB [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rt2500usb.sys (Ralink Technology Inc.)
DRV - (cmdGuard [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmdHlp [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (COMMONFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\COMMONFX.DLL (Creative Technology Ltd)
DRV - (CT20XUT.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CT20XUT.DLL (Creative Technology Ltd.)
DRV - (ctac32k [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctaud2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (CTAUDFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTAUDFX.DLL (Creative Technology Ltd)
DRV - (ctdvda2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (CTEAPSFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTEAPSFX.DLL (Creative Technology Ltd)
DRV - (CTEDSPFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTEDSPFX.DLL (Creative Technology Ltd)
DRV - (CTEDSPIO.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTEDSPIO.DLL (Creative Technology Ltd)
DRV - (CTEDSPSY.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTEDSPSY.DLL (Creative Technology Ltd)
DRV - (CTERFXFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTERFXFX.DLL (Creative Technology Ltd)
DRV - (CTEXFIFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV - (CTHWIUT.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTHWIUT.DLL (Creative Technology Ltd.)
DRV - (ctprxy2k [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (CTSBLFX.DLL [On_Demand | Stopped]) -- C:\WINDOWS\system32\CTSBLFX.DLL (Creative Technology Ltd)
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (d347bus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (d347prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (DcCam [System | Running]) -- C:\WINDOWS\System32\DRIVERS\DcCam.sys (Eastman Kodak Company)
DRV - (DcFpoint [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\DcFpoint.sys (Eastman Kodak Company)
DRV - (DCFS2K [Auto | Running]) -- C:\WINDOWS\system32\drivers\dcfs2k.sys (Eastman Kodak Company)
DRV - (DcLps [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\DcLps.sys (Eastman Kodak Company)
DRV - (DcPTP [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\DcPTP.sys (Eastman Kodak Company)
DRV - (emu10kx [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\e10kx2k.sys (Creative Technology Ltd)
DRV - (emupia [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (Exportit [System | Stopped]) -- C:\WINDOWS\System32\DRIVERS\exportit.sys (Eastman Kodak Company)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ggsemc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ha10kx2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (hap16v2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\hap16v2k.sys (Creative Technology Ltd)
DRV - (hap17v2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\hap17v2k.sys (Creative Technology Ltd)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys (Conexant Systems)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems)
DRV - (Inspect [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (iomdisk [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\iomdisk.sys (Iomega Corporation)
DRV - (L6PODX3LV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\L6PODX3LV.sys (Line 6)
DRV - (L6TPortB [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\L6TPortB.sys (Line 6)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (MxlW2k [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (NETMDSHA [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\MDSHA031.sys (Sony Corporation)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (NPDriver [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NPDRIVER.SYS (Symantec Corporation)
DRV - (Nsynas32 [Auto | Running]) -- C:\WINDOWS\System32\drivers\NSynas32.sys (Syncrosoft Hard- und Software GmbH)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (OMCI [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (pfc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (PfModNT [Auto | Running]) -- C:\WINDOWS\system32\PfModNT.sys (Creative Technology Ltd.)
DRV - (prodrv06 [System | Running]) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prohlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prosync1 [Boot | Running]) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (RT73 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt73.sys (Ralink Technology, Corp.)
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Sentinel [Auto | Running]) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)
DRV - (sfhlp01 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (snpstd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\snpstd.sys ()
DRV - (ss_bus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ss_bus.sys (MCCI)
DRV - (ss_mdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys (MCCI)
DRV - (ss_mdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ss_mdm.sys (MCCI)
DRV - (StarOpen [System | Running]) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (TPkd [Boot | Running]) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems)
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://search.yahoo....e...-8&fr=b1ie7IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;<local>
========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Amazon.co.uk"
FF - prefs.js..browser.startup.homepage: "
http://www.google.co.uk/"FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.2
FF - prefs.js..extensions.enabledItems:
[email protected]:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CA0A44A7-9B2A-4D0B-ABD5-CA69113FDDAD}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.61
FF - HKLM\software\mozilla\Firefox\extensions\\
[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/15 02:26:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/19 21:12:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/19 21:12:05 | 00,000,000 | ---D | M]
[2008/09/24 11:04:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Extensions
[2008/09/24 11:04:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/22 11:09:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Firefox\Profiles\i0z4h0dw.default\extensions
[2009/03/15 17:18:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Firefox\Profiles\i0z4h0dw.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2009/03/15 17:17:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Firefox\Profiles\i0z4h0dw.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009/03/04 19:26:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Firefox\Profiles\i0z4h0dw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/02/26 23:00:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Firefox\Profiles\i0z4h0dw.default\extensions\
[email protected][2007/09/29 09:51:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\mozilla\Firefox\Profiles\i0z4h0dw.default\extensions\
[email protected][2009/03/22 11:09:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/07 01:22:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/10 21:18:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CA0A44A7-9B2A-4D0B-ABD5-CA69113FDDAD}
[2007/05/10 09:20:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/08/08 07:26:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/12/08 11:37:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/05/14 07:42:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/08/12 07:08:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/15 02:26:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/07 01:22:09 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/07 01:22:09 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/01/04 15:36:50 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2006/07/05 18:47:38 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/01/04 15:36:50 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2008/03/08 09:35:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/15 15:50:41 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2008/04/16 04:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/03/28 18:11:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/01/04 15:36:50 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: (302790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10436 more lines...
O2 - BHO: (no name) - {afdadd21-4c3e-4c3d-bc14-ccea26868b19} - Reg Error: Key error. File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
O4 - HKLM..\Run: [CTHelper] CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Exstora] "C:\Program Files\Exstora\Exstora.exe" (Exstora.com)
O4 - HKCU..\Run: [mount.exe] C:\Program Files\GiPo@Utilities\FileUtilities.3\mount.exe /z (Gibin Software House (
http://www.gibinsoft.net))
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71}
http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {161A7465-FEEE-4B40-8A85-ED752B93F73E} file://D:\IntraLaunch.CAB (Reg Error: Key error.)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B}
http://messenger.zon...er.cab31267.cab (Minesweeper Flags Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71}
http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {56762dec-6b0d-4ab4-a8ad-989993b5d08b}
http://www.eset.eu/b...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F}
http://v4.windowsupd...7978.2073263889 (Reg Error: Key error.)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999}
http://us.dl1.yimg.c...utocomplete.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA} (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743}
http://www.gamespot.com/KDX/kdx.cab (Secure Delivery)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (qbhibi.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\system32\talogevi.dll) - C:\WINDOWS\system32\talogevi.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\) - c:\windows\system32 [2009/03/22 12:05:38 | 00,000,000 | ---D | M]
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\system32\LogonUI.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{416472cb-6bc7-11d9-a3e6-00904703ba36}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{db0b081b-0a0a-11dc-aa84-00904703ba36}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
========== Files/Folders - Created Within 30 Days ========== [4 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/03/22 14:46:36 | 00,499,200 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\James\Desktop\OTListIt2.exe
[2009/03/22 12:51:55 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/22 12:06:47 | 00,000,000 | ---D | C] -- C:\Program Files\Eek! Records
[2009/03/22 12:05:05 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/03/22 12:00:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/03/22 11:58:43 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/03/22 11:54:08 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2009/03/22 11:54:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/03/21 13:11:36 | 21,464,88320 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/20 22:15:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\James\My Documents\Updater
[2009/03/19 22:34:33 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2009/03/19 22:34:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/03/15 17:41:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\James\Application Data\SoundSpectrum
[2009/03/15 02:27:58 | 00,000,000 | ---D | C] -- C:\Program Files\SoundSpectrum
[2009/03/15 01:28:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/14 15:50:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2009/03/14 15:50:07 | 00,155,384 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2009/03/14 15:50:07 | 00,110,992 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/03/14 15:50:07 | 00,080,400 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/03/14 15:50:07 | 00,024,336 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/03/14 15:50:03 | 00,000,000 | ---D | C] -- C:\Program Files\COMODO
[2009/03/13 19:16:44 | 00,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.8.65951.477_XP_Vista_x32.INI
[2009/03/13 01:08:13 | 00,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009/03/13 01:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\James\Application Data\Spyware Terminator
[2009/03/13 01:08:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/03/13 01:08:05 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2009/03/13 00:55:16 | 00,153,104 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/03/13 00:36:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\James\Application Data\Malwarebytes
[2009/03/13 00:36:42 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/13 00:36:39 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/13 00:36:38 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/13 00:36:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/12 22:25:01 | 00,000,000 | ---D | C] -- C:\Program Files\EsetOnlineScanner
[2009/03/11 22:17:57 | 00,000,455 | ---- | C] () -- C:\WINDOWS\wininit.ini
========== Files - Modified Within 30 Days ========== [1 C:\*.tmp files]
[4 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/03/22 14:46:39 | 00,499,200 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\James\Desktop\OTListIt2.exe
[2009/03/22 12:11:32 | 00,072,696 | ---- | M] () -- C:\Documents and Settings\James\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/22 12:05:38 | 00,519,878 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/22 12:05:38 | 00,441,932 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/22 12:05:38 | 00,071,424 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/22 11:36:14 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/03/22 10:57:35 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/03/22 10:54:39 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/22 10:54:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/22 10:53:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/22 10:53:52 | 21,464,88320 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/22 01:35:32 | 00,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000000-00001102-00000004-00511102}.rfx
[2009/03/22 01:35:32 | 00,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000000-00001102-00000004-00511102}.rfx
[2009/03/22 01:35:32 | 00,019,088 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000000-00001102-00000004-00511102}.rfx
[2009/03/22 01:35:32 | 00,019,088 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000000-00001102-00000004-00511102}.rfx
[2009/03/22 01:35:32 | 00,001,072 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/03/22 01:35:32 | 00,001,072 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/03/22 01:35:32 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000000-00001102-00000004-00511102}.dat
[2009/03/22 01:35:32 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000000-00001102-00000004-00511102}.dat
[2009/03/20 07:47:23 | 00,004,095 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2009/03/20 00:08:43 | 01,552,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/19 23:27:20 | 00,053,248 | ---- | M] () -- C:\WINDOWS\System32\pxhpinst.exe
[2009/03/18 22:00:03 | 00,007,680 | ---- | M] () -- C:\Documents and Settings\James\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/15 16:54:04 | 00,000,040 | ---- | M] () -- C:\WINDOWS\nero.INI
[2009/03/14 15:50:03 | 00,155,384 | ---- | M] () -- C:\WINDOWS\System32\guard32.dll
[2009/03/14 15:50:02 | 00,110,992 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/03/14 15:50:02 | 00,080,400 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/03/14 15:50:02 | 00,024,336 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/03/13 19:34:03 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/03/13 19:16:44 | 00,000,120 | ---- | M] () -- C:\WINDOWS\CIS_Setup_3.8.65951.477_XP_Vista_x32.INI
[2009/03/13 01:08:14 | 00,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009/03/13 00:55:15 | 00,153,104 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/03/12 22:18:24 | 00,000,455 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/03/12 22:08:16 | 00,302,790 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/12 07:45:48 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\hilevoya
[2009/03/10 22:19:21 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/03/10 22:19:21 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2009/03/10 20:17:54 | 00,009,662 | ---- | M] () -- C:\WINDOWS\EPISME00.SWB
[2009/03/08 18:18:00 | 00,000,270 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
========== LOP Check ========== [2009/03/19 20:03:46 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/15 01:29:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/02/22 14:32:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2009/03/19 21:22:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2006/12/30 15:32:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009/02/07 23:05:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/03/15 02:33:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2004/12/20 17:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2007/08/03 14:36:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2009/03/14 15:53:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2003/12/23 11:43:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2005/06/08 11:44:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2004/12/02 17:16:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2009/03/19 19:37:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2004/11/03 15:21:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Justsystem
[2003/12/25 21:16:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2009/01/11 14:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Line 6
[2004/01/03 12:05:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2003/12/26 14:06:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2009/03/13 00:36:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/02/11 21:01:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2007/01/03 23:58:59 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/06/08 19:32:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2004/09/18 22:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2004/10/09 01:54:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2005/03/29 13:45:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2005/04/23 22:43:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2005/03/13 03:08:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2004/01/07 12:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2003/12/24 11:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2006/02/06 00:32:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/03/21 13:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/21 09:07:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/01/11 11:07:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2006/02/26 23:30:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2005/08/28 23:39:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wait stupid audio bone
[2006/04/26 09:23:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/15 17:41:02 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\James\Application Data
[2007/02/22 14:32:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Ableton
[2004/10/21 14:16:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Active Disk
[2009/03/19 23:17:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Adobe
[2007/09/15 19:12:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\AdobeUM
[2006/04/19 13:17:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Allume Systems
[2006/02/08 16:36:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Apple Computer
[2004/05/12 11:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Applied Acoustics Systems
[2004/11/05 17:17:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\ArcSoft
[2007/04/30 22:03:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Cakewalk
[2008/04/05 16:21:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\ConvertTemp
[2008/05/24 14:30:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Creative
[2005/04/09 12:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Cycling '74
[2004/10/30 00:36:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Digidesign
[2009/03/06 22:01:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\FileZilla
[2007/02/03 00:38:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\GetRightToGo
[2005/07/17 15:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Google
[2004/01/30 20:24:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Help
[2007/04/26 20:52:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\ICQLite
[2007/04/30 22:03:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Identities
[2004/01/12 22:16:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Kazaa Lite
[2004/09/20 22:31:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Kontiki
[2008/05/24 14:53:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Line 6
[2006/12/25 13:08:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Lionhead Studios
[2009/03/19 23:45:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Macromedia
[2005/01/30 01:33:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Mail Atom Mapi
[2009/03/13 00:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Malwarebytes
[2006/11/27 21:04:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Media Player Classic
[2008/02/05 12:06:34 | 00,000,000 | --SD | M] -- C:\Documents and Settings\James\Application Data\Microsoft
[2007/07/28 20:38:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Mount&Blade
[2008/09/24 11:04:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Mozilla
[2004/09/18 22:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\MSN6
[2005/03/29 13:45:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\PACE Anti-Piracy
[2004/01/13 00:11:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Propellerhead Software
[2009/01/11 12:35:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Real
[2008/12/17 22:11:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Samsung
[2006/12/04 23:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Skype
[2004/01/14 18:46:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Sonic Foundry
[2009/03/21 23:06:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\SoundSpectrum
[2009/03/21 09:06:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Spyware Terminator
[2005/04/24 15:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Steinberg
[2005/07/10 11:06:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Sun
[2009/01/11 11:06:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\SUPERAntiSpyware.com
[2003/12/25 19:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Symantec
[2006/09/06 16:48:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Teleca
[2003/12/24 15:24:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Template
[2008/04/05 16:21:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Temporary
[2008/12/17 22:14:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\TransRender
[2008/01/13 18:24:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Uniblue
[2008/09/05 00:25:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\vlc
[2005/05/30 00:54:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\James\Application Data\Yahoo! Messenger
[2002/09/03 16:46:18 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/22 10:57:35 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/03/22 10:54:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/03/22 11:36:14 | 00,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\Symantec NetDetect.job
[2009/03/08 18:18:00 | 00,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008/01/13 18:07:05 | 00,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 970 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:9xXFpu12yTUR6rykeq0sNDk
@Alternate Data Stream - 962 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:4gAWMkHQSSBnH1g2legNCzFIrv46
@Alternate Data Stream - 1119 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:Q35k6ej81ti2GzQfE
@Alternate Data Stream - 1094 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:gncva2WDUkYd5eO98GUbm
< End of report >