Symptoms appear to be:
- redirecting google search result clicks to various ad sites
- preventing the downloading or updating of various AV tools
- preventing access to windows updates
- shutting down of browsers (and possibly windows explorer)
I have run the preparatory processes on the Malware and Spyware Cleaning guide, except for:
- Rooter.exe - I cannot download it, just get a message that bandwidth exceeded
- Windows updates - blocked
Avast has found nothing.
Malwarebytes found two problems with notifications in Windows Security Centre, and fixed them.
My OTList2 log:
OTListIt logfile created on: 2/04/2009 4:21:50 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.8.0 Folder = C:\Documents and Settings\Linda Jeffery\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.54% Memory free
2.58 Gb Paging File | 1.95 Gb Available in Paging File | 75.80% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.88 Gb Total Space | 6.98 Gb Free Space | 10.44% Space Free | Partition Type: NTFS
Drive D: | 6.64 Gb Total Space | 0.69 Gb Free Space | 10.36% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LINDATRADING
Current User Name: Linda Jeffery
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe (SafeNet)
PRC - C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe (SafeNet)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\AhsayOBM\aua\bin\AuaObm.exe ()
PRC - C:\Program Files\AhsayOBM\bin\Scheduler.exe ()
PRC - C:\Program Files\AhsayOBM\aua\jvm\bin\AuaObmJW.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\AhsayOBM\jvm\bin\SchedulerOBM.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe ()
PRC - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe ()
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe ()
PRC - C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
PRC - C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe (Adobe Systems)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
PRC - C:\Program Files\AhsayOBM\bin\SystemTray.exe ()
PRC - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\HPQ\Shared\HpqToaster.exe ()
PRC - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\setup\avast.setup ()
PRC - C:\Documents and Settings\Linda Jeffery\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Adobe Version Cue CS2 [Auto | Running]) -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
SRV - (AdobeVersionCue [On_Demand | Stopped]) -- C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe (Adobe Sytems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqwmi [On_Demand | Stopped]) -- C:\Program Files\HPQ\Shared\hpqwmi.exe (Hewlett-Packard Development Company, L.P.)
SRV - (hpqwmiex [Auto | Running]) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (IPSECMON [Auto | Running]) -- C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe (SafeNet)
SRV - (IreIKE [Auto | Running]) -- C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe (SafeNet)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (OBAutoUpdate [Auto | Running]) -- C:\Program Files\AhsayOBM\aua\bin\AuaObm.exe ()
SRV - (OBScheduler [Auto | Running]) -- C:\Program Files\AhsayOBM\bin\Scheduler.exe ()
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\hpzipm12.dll (Hewlett-Packard)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
SRV - (USBDeviceService [Auto | Running]) -- C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe ()
========== Driver Services (SafeList) ==========
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Cisco Systems, Inc.)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation.)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWDNDIS [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (CoachAud [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\CoachAud.sys (FotoNation Inc.)
DRV - (CoachUsb [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\CoachUsb.sys (FotoNation Inc.)
DRV - (CoachVid [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\CoachVid.sys (FotoNation Inc.)
DRV - (Crypto [Auto | Running]) -- C:\WINDOWS\system32\Drivers\Crypto.sys (SafeNet)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (DniVap [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\vap.sys (Deterministic Networks Inc.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (eabfiltr [System | Running]) -- C:\WINDOWS\system32\drivers\EABFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eabusb [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\eabusb.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (HdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\CHDAud.sys (Conexant Systems Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (hwdatacard [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IPSECDRV [System | Running]) -- C:\WINDOWS\system32\Drivers\IPSECDRV.sys (SafeNet)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (Mvc25U870_VID_1262&PID_25FD [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\Mvc25U870.sys (Micro Vision Co.,Ltd)
DRV - (NETw4x32 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys (Intel Corporation)
DRV - (nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcdnsu [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rimmptsk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys (REDC)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SMCIRDA [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\smcirda.sys (SMC)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (upperdev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation)
DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)
DRV - (w39n51 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys (Intel® Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Confluence"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\ [2009/01/12 23:37:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/02 02:55:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/02/22 23:55:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA SUNBIRD\COMPONENTS [2009/02/22 23:55:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA SUNBIRD\PLUGINS
[2009/04/02 02:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions
[2009/02/04 18:52:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2008/11/03 22:33:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009/02/04 18:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2009/02/23 11:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/23 11:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}
[2008/02/19 12:06:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\[email protected]
[2008/08/21 17:23:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\[email protected]
[2009/02/23 11:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\[email protected]
[2008/07/14 12:23:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Firefox\Profiles\jxslctez.default\extensions\[email protected]
[2008/09/19 15:47:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Linda Jeffery\Application Data\mozilla\Sunbird\Profiles\afdjqi94.default\extensions
[2007/12/20 14:08:09 | 00,001,476 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Application Data\Mozilla\FireFox\Profiles\jxslctez.default\searchplugins\confluence.xml
[2007/12/20 14:07:54 | 00,001,484 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Application Data\Mozilla\FireFox\Profiles\jxslctez.default\searchplugins\jira.xml
[2009/04/02 03:40:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/02 02:54:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/04/15 13:09:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/06/11 11:35:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/03/28 10:12:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2008/12/19 14:44:05 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2008/12/19 14:44:05 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2008/12/19 14:44:05 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2008/12/19 14:44:06 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2008/12/19 14:44:06 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2006/06/15 21:24:15 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2006/07/06 16:44:17 | 00,002,206 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2006/06/15 21:24:15 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2006/06/01 10:17:38 | 00,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2006/06/15 21:24:15 | 00,001,077 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2007/01/18 09:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006/09/12 01:39:34 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" (Adobe Sytems Incorporated)
O4 - HKLM..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe (Adobe Systems)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [C:\Program Files\Free Video Zilla\FVZilla.exe] File not found
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe ()
O4 - HKLM..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start (Hewlett-Packard )
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
O4 - HKLM..\Run: [OBSystemTray] "C:\Program Files\AhsayOBM\bin\SystemTray.exe" ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NetScreen-Remote.lnk = C:\Program Files\Juniper\NetScreen-Remote\SafeCfg.exe (SafeNet)
O4 - Startup: C:\Documents and Settings\Linda Jeffery\Start Menu\Programs\Startup\Dora Fairytale Adventures Registration.lnk = E:\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: cmss-systems.com ([svn.dev] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1149317752314 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1202943098734 (MUWebControl Class)
O16 - DPF: {77EA215F-E276-4050-A196-8E12D4378BA3} http://demos.netcat....rdToHTMLLib.cab (ncWordToHTML Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ FAT32 ]
O32 - Autorun File - D:\Autorun.inf () - [ FAT32 ]
O33 - MountPoints2\{037f2eb1-0f99-11dd-a79a-00164124792d}\Shell - "" = AutoRun
O33 - MountPoints2\{037f2eb1-0f99-11dd-a79a-00164124792d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{037f2eb1-0f99-11dd-a79a-00164124792d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{3cb2ee21-8b5f-11dd-a7f7-00164124792d}\Shell\AutoRun\command - "" = F:\Launch.exe -- File not found
O33 - MountPoints2\{59679a88-1ca6-11dd-a79c-00164124792d}\Shell - "" = AutoRun
O33 - MountPoints2\{59679a88-1ca6-11dd-a79c-00164124792d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{59679a88-1ca6-11dd-a79c-00164124792d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{95ec440e-1d5c-11dd-a79d-00164124792d}\Shell - "" = AutoRun
O33 - MountPoints2\{95ec440e-1d5c-11dd-a79d-00164124792d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95ec440e-1d5c-11dd-a79d-00164124792d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
========== Files/Folders - Created Within 30 Days ==========
[3 C:\WINDOWS\*.tmp files]
[2009/04/02 04:20:40 | 00,041,984 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Step Six.doc
[2009/04/02 04:19:04 | 00,499,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Linda Jeffery\Desktop\OTListIt2.exe
[2009/04/02 03:59:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/02 03:59:17 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/02 03:57:59 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Linda Jeffery\Desktop\erunt_setup.exe
[2009/04/02 03:56:59 | 00,009,334 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\SysRestorePoint_v13.zip
[2009/04/02 03:15:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Linda Jeffery\Application Data\Malwarebytes
[2009/04/02 03:15:26 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/02 03:15:25 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/02 03:15:23 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/02 03:15:22 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/02 03:15:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/02 03:12:49 | 00,060,277 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Malwarebytes_Anti-Malware_d5756.html
[2009/04/02 03:12:31 | 02,906,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Linda Jeffery\Desktop\mbam-setup.exe
[2009/04/02 02:33:27 | 03,062,142 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ComboFix.exe
[2009/04/02 02:31:47 | 00,094,208 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\GooredFix.exe
[2009/04/01 09:14:55 | 13,505,835 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\video.flv
[2009/03/31 13:40:58 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Reseller_Prospect_Labels.doc
[2009/03/31 09:30:26 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/03/31 09:30:26 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/03/31 09:30:26 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/03/31 09:30:25 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/03/31 09:30:25 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/03/31 09:30:24 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/03/31 09:30:24 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/03/31 09:30:24 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/03/31 09:30:24 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/03/31 09:30:11 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/03/31 09:30:11 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/03/31 09:30:08 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/03/29 16:24:59 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/03/29 16:24:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/26 16:25:55 | 00,268,256 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Alert Threshold Analysis Tool_User_Input.xlsm
[2009/03/26 16:13:59 | 01,444,831 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\TortoiseSVN-1.6.0.15855-win32-svn-1.6.0.msi
[2009/03/26 10:50:49 | 00,145,920 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\MarginallyLegal.doc
[2009/03/25 15:38:54 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\HijackThis.lnk
[2009/03/25 15:38:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/25 12:48:23 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Linda Jeffery\Desktop\HJTInstall.exe
[2009/03/24 16:15:36 | 00,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2009/03/23 16:40:07 | 00,010,367 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\e-PayDay® FREEPAY Registration.rtf
[2009/03/23 16:15:13 | 00,262,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSDATGRD.OCX
[2009/03/23 16:15:12 | 00,205,848 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\THREED32.OCX
[2009/03/23 16:15:10 | 00,040,960 | ---- | C] (ASP Microcomputers) -- C:\WINDOWS\System32\ZIPNet.dll
[2009/03/23 16:15:06 | 00,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2009/03/23 16:14:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\CRYSTAL
[2009/03/23 16:14:55 | 01,471,232 | ---- | C] (Crystal Computer Services, Inc.) -- C:\WINDOWS\System\CRPE.DLL
[2009/03/23 16:14:55 | 00,093,200 | ---- | C] (Crystal Computer Services, Inc.) -- C:\WINDOWS\System\CRYSTAL.VBX
[2009/03/23 16:13:52 | 00,008,240 | ---- | C] () -- C:\WINDOWS\System\Dzprog.exe
[2009/03/23 16:13:50 | 00,091,072 | ---- | C] () -- C:\WINDOWS\System\SS3D2.VBX
[2009/03/23 16:13:47 | 00,995,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSAJT200.DLL
[2009/03/23 16:13:47 | 00,518,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MAPI.DLL
[2009/03/23 16:13:47 | 00,398,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VBRUN300.DLL
[2009/03/23 16:13:47 | 00,235,264 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System\SSDATA2.VBX
[2009/03/23 16:13:47 | 00,117,312 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\System\CSTEXT.VBX
[2009/03/23 16:13:47 | 00,095,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VBDB300.DLL
[2009/03/23 16:13:47 | 00,094,480 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHRUN400.DLL
[2009/03/23 16:13:47 | 00,092,176 | ---- | C] (VideoSoft) -- C:\WINDOWS\System\VSVBX.VBX
[2009/03/23 16:13:47 | 00,086,240 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHTAB.VBX
[2009/03/23 16:13:47 | 00,075,136 | ---- | C] (VideoSoft) -- C:\WINDOWS\System\VSVIEW.VBX
[2009/03/23 16:13:47 | 00,066,752 | ---- | C] (Inner Media, Inc., Hollis NH USA) -- C:\WINDOWS\System\DZIP.DLL
[2009/03/23 16:13:47 | 00,064,432 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System\THREED.VBX
[2009/03/23 16:13:47 | 00,058,880 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHGCAL.VBX
[2009/03/23 16:13:47 | 00,058,384 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\System\CSDIALOG.VBX
[2009/03/23 16:13:47 | 00,057,984 | ---- | C] (Crescent dividion of Progress Software Corporation) -- C:\WINDOWS\System\QPRO200.DLL
[2009/03/23 16:13:47 | 00,054,432 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\System\CSCMD.VBX
[2009/03/23 16:13:47 | 00,047,776 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System\SSDATA1.VBX
[2009/03/23 16:13:47 | 00,046,992 | ---- | C] (Inner Media, Inc., Hollis NH USA) -- C:\WINDOWS\System\DUNZIP.DLL
[2009/03/23 16:13:47 | 00,046,896 | ---- | C] (Crescent Division of Progress Software Corporation.) -- C:\WINDOWS\System\CSSPIN.VBX
[2009/03/23 16:13:47 | 00,040,112 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\System\CSCOMBO.VBX
[2009/03/23 16:13:47 | 00,038,624 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHGOBD.VBX
[2009/03/23 16:13:47 | 00,036,352 | ---- | C] (Cresent Software, Inc.) -- C:\WINDOWS\System\CSFORM.VBX
[2009/03/23 16:13:47 | 00,032,000 | ---- | C] (Cresent Software, Inc.) -- C:\WINDOWS\System\CSPICT.VBX
[2009/03/23 16:13:47 | 00,031,744 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System\MSAFINX.DLL
[2009/03/23 16:13:47 | 00,025,648 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\KEYSTAT.VBX
[2009/03/23 16:13:47 | 00,024,400 | ---- | C] (Inner Media, Inc.) -- C:\WINDOWS\System\VBUNZ.VBX
[2009/03/23 16:13:47 | 00,023,728 | ---- | C] (Inner Media, Inc.) -- C:\WINDOWS\System\VBZIP.VBX
[2009/03/23 16:13:47 | 00,021,536 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHAN200.VBX
[2009/03/23 16:13:47 | 00,021,120 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHGLBL.VBX
[2009/03/23 16:13:47 | 00,020,928 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHTIP.VBX
[2009/03/23 16:13:47 | 00,019,008 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHMQ200.VBX
[2009/03/23 16:13:47 | 00,018,976 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System\MHGTXT.VBX
[2009/03/23 16:13:47 | 00,017,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSAJT112.DLL
[2009/03/23 16:13:34 | 00,000,000 | ---D | C] -- C:\Program Files\e-PayDay
[2009/03/23 13:39:58 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/03/23 11:27:56 | 01,264,089 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\99cows.pdf
[2009/03/23 11:15:21 | 00,024,160 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Complementaryfiles.zip
[2009/03/23 11:14:46 | 00,688,787 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\iNETDocs-Documentation.pdf
[2009/03/23 11:14:31 | 00,426,480 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\iNETDocs1.5.zip
[2009/03/21 16:14:55 | 00,160,931 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ZuckerWiki_1.0.zip
[2009/03/21 13:34:12 | 00,052,224 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ginny leads.doc
[2009/03/21 13:33:57 | 00,166,400 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Copy of names_mailout4.xls
[2009/03/19 23:53:09 | 00,626,175 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\CE_User_List_Manual.docx
[2009/03/19 22:17:06 | 00,862,720 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\amf_flags.xls
[2009/03/18 12:15:04 | 00,017,714 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\acrobat_icon.png
[2009/03/18 12:14:17 | 00,001,889 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\acrobat_logo.jpg
[2009/03/18 11:56:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009/03/17 22:42:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Linda Jeffery\Desktop\demo
[2009/03/17 21:36:23 | 97,376,751 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\demo.zip
[2009/03/17 21:32:29 | 06,660,096 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ppt_spbe_english.ppt
[2009/03/17 10:02:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\amf flags spreadsheet
[2009/03/16 17:42:57 | 00,000,043 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ATT29425.gif
[2009/03/16 17:42:43 | 00,000,048 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ATT29424.gif
[2009/03/16 09:02:17 | 00,059,850 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\showBackupReportFull.htm
[2009/03/14 22:23:56 | 24,453,120 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\shift-happens-23665.ppt
[2009/03/14 17:23:38 | 00,222,510 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\12_Data_Backup_Secrets_SME.pdf
[2009/03/12 17:17:14 | 00,021,752 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\Desktop\S60SpotOn_0.07.SISX
[2009/03/12 15:52:00 | 00,645,511 | ---- | C] (Jay Elaraj ) -- C:\Documents and Settings\Linda Jeffery\Desktop\ts2.5_setup.exe
[2009/03/12 13:44:39 | 00,268,762 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\hoyts.pdf
[2009/03/12 12:26:08 | 00,457,405 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\declaration_solid.pdf
[2009/03/11 07:48:08 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Operational Plans March 2009.doc
[2009/03/10 11:17:56 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Questions and Comments on WO tender brief.doc
[2009/03/09 11:00:40 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Bushfire Val's Line of command.doc
[2009/03/05 12:22:43 | 00,296,448 | ---- | C] () -- C:\Documents and Settings\Linda Jeffery\My Documents\USE.doc
========== Files - Modified Within 30 Days ==========
[2 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/04/02 04:20:40 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Step Six.doc
[2009/04/02 04:19:09 | 00,499,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Linda Jeffery\Desktop\OTListIt2.exe
[2009/04/02 03:58:46 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Linda Jeffery\Desktop\erunt_setup.exe
[2009/04/02 03:56:50 | 00,009,334 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\SysRestorePoint_v13.zip
[2009/04/02 03:41:05 | 00,481,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/02 03:41:05 | 00,409,800 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/02 03:41:05 | 00,064,774 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/02 03:36:40 | 00,001,748 | -HS- | M] () -- C:\hpqp.ini
[2009/04/02 03:36:38 | 00,000,040 | ---- | M] () -- C:\XP_TV.ini
[2009/04/02 03:36:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/02 03:36:18 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/02 03:15:26 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/02 03:14:37 | 02,906,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Linda Jeffery\Desktop\mbam-setup.exe
[2009/04/02 03:12:54 | 00,060,277 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Malwarebytes_Anti-Malware_d5756.html
[2009/04/02 02:37:14 | 03,062,142 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ComboFix.exe
[2009/04/02 02:31:51 | 00,094,208 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\GooredFix.exe
[2009/04/01 09:18:14 | 13,505,835 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\video.flv
[2009/04/01 01:50:50 | 00,082,944 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 13:40:58 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Reseller_Prospect_Labels.doc
[2009/03/31 09:30:26 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/03/31 09:30:24 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/03/29 13:23:28 | 03,180,054 | -H-- | M] () -- C:\Documents and Settings\Linda Jeffery\Local Settings\Application Data\IconCache.db
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 16:25:44 | 00,268,256 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Alert Threshold Analysis Tool_User_Input.xlsm
[2009/03/26 16:19:44 | 01,444,831 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\TortoiseSVN-1.6.0.15855-win32-svn-1.6.0.msi
[2009/03/26 10:50:49 | 00,145,920 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\MarginallyLegal.doc
[2009/03/25 17:25:44 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/03/25 15:38:54 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\HijackThis.lnk
[2009/03/25 12:48:27 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Linda Jeffery\Desktop\HJTInstall.exe
[2009/03/25 11:51:32 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/03/24 16:26:56 | 00,000,041 | ---- | M] () -- C:\WINDOWS\crw.ini
[2009/03/23 16:40:07 | 00,010,367 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\e-PayDay® FREEPAY Registration.rtf
[2009/03/23 16:15:13 | 00,001,087 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/23 13:39:58 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/03/23 11:27:56 | 01,264,089 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\99cows.pdf
[2009/03/23 11:15:31 | 00,024,160 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Complementaryfiles.zip
[2009/03/23 11:15:07 | 00,688,787 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\iNETDocs-Documentation.pdf
[2009/03/23 11:14:55 | 00,426,480 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\iNETDocs1.5.zip
[2009/03/22 20:41:39 | 00,001,834 | -H-- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Default.rdp
[2009/03/21 16:15:03 | 00,160,931 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ZuckerWiki_1.0.zip
[2009/03/21 13:34:10 | 00,052,224 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ginny leads.doc
[2009/03/21 13:33:56 | 00,166,400 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\Copy of names_mailout4.xls
[2009/03/19 23:53:02 | 00,626,175 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\CE_User_List_Manual.docx
[2009/03/19 22:17:14 | 00,862,720 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\amf_flags.xls
[2009/03/18 15:57:07 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/03/18 12:15:06 | 00,017,714 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\acrobat_icon.png
[2009/03/18 12:14:20 | 00,001,889 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\acrobat_logo.jpg
[2009/03/18 11:56:33 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/17 22:27:55 | 97,376,751 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\demo.zip
[2009/03/17 21:35:44 | 06,660,096 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ppt_spbe_english.ppt
[2009/03/16 17:42:55 | 00,000,043 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ATT29425.gif
[2009/03/16 17:42:41 | 00,000,048 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\ATT29424.gif
[2009/03/16 09:02:26 | 00,059,850 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\showBackupReportFull.htm
[2009/03/14 22:33:35 | 24,453,120 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\shift-happens-23665.ppt
[2009/03/14 17:23:43 | 00,222,510 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\12_Data_Backup_Secrets_SME.pdf
[2009/03/12 17:17:13 | 00,021,752 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\Desktop\S60SpotOn_0.07.SISX
[2009/03/12 15:52:11 | 00,645,511 | ---- | M] (Jay Elaraj ) -- C:\Documents and Settings\Linda Jeffery\Desktop\ts2.5_setup.exe
[2009/03/12 13:44:44 | 00,268,762 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\hoyts.pdf
[2009/03/12 12:40:47 | 00,457,405 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\declaration_solid.pdf
[2009/03/12 10:53:50 | 00,384,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/12 10:05:39 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Operational Plans March 2009.doc
[2009/03/12 07:44:49 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/10 16:13:01 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Bushfire Val's Line of command.doc
[2009/03/10 12:50:22 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\Questions and Comments on WO tender brief.doc
[2009/03/05 12:22:43 | 00,296,448 | ---- | M] () -- C:\Documents and Settings\Linda Jeffery\My Documents\USE.doc
< End of report >
My Extras.txt report:
OTListIt Extras logfile created on: 2/04/2009 4:21:50 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.8.0 Folder = C:\Documents and Settings\Linda Jeffery\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.54% Memory free
2.58 Gb Paging File | 1.95 Gb Available in Paging File | 75.80% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.88 Gb Total Space | 6.98 Gb Free Space | 10.44% Space Free | Partition Type: NTFS
Drive D: | 6.64 Gb Total Space | 0.69 Gb Free Space | 10.36% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LINDATRADING
Current User Name: Linda Jeffery
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke (SafeNet)
C:\Program Files\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog (SafeNet)
C:\Program Files\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp (SafeNet)
C:\Program Files\Juniper\NetScreen-Remote\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager (SafeNet)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe:*:Enabled:Adobe Version Cue CS2 (Adobe Systems Incorporated)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Free Video Zilla\FVZilla.exe:*:Enabled:FVZilla ()
C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke (SafeNet)
C:\Program Files\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog (SafeNet)
C:\Program Files\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp (SafeNet)
C:\Program Files\Juniper\NetScreen-Remote\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager (SafeNet)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0A399F13-2F24-4318-B632-D27B7FCCB43A}" = TortoiseSVN 1.5.6.14908 (32 bit)
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0FD23E02-2BFB-4BEC-8823-FE984F83F161}" = VMware Server Console
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19B90AF8-4F07-4FAC-AFD0-A6415F3ADE06}" = Simply Budgets 1st Steps
"{19C3EBF9-7639-42E9-B060-5871DE5C09A7}" = Reading & Phonics
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{25AA6102-EA34-4045-BF7B-EEB3162AD006}" = 101 Kid's Brainy Games
"{286F29AF-0BE2-4D5F-AB17-B7631A810553}" = muvee autoProducer 4.5
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2F931B84-0CEE-11D1-AA7D-0080AD1AC47A}" = NetScreen-Remote
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{307FBAE3-388E-40B7-BBC2-CF06FBB517E3}" = Maths Quest
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{329A3C81-7884-4A64-B8F6-078795C31506}" = Citrix Endpoint Analysis Client
"{34AC1011-B8EB-4A08-8166-E88619C9DF6C}" = iSpy Console
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 B3
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 2.0
"{46548E80-0409-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA Player 4.1
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{58C62A8E-E628-4822-A0F2-BBE10329D53F}" = HP User Guides 0009
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{59367F7E-D7C1-4629-8AEC-71AA24A68F31}" = Nokia Software Updater
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{69880C00-08DD-4385-B752-9C62656F6D1E}" = Microsoft SQL Server 2005 Backward compatibility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110002467}" = Inspector-Parker
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110074983}" = BeTrapped!
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110075733}" = Chainz
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110099903}" = Magic Inlay
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11015843}" = Ricochet Lost Worlds
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}" = Slingo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110166840}" = Ballistik
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110176513}" = Feeding Frenzy
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110194827}" = Jewel Quest
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}" = Insaniquarium Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110250590}" = A Series of Unfortunate Events
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110261550}" = Shape Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110268640}" = Links® Course Challenge – Chateau Whistler
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11028247}" = Cubis Gold 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110294723}" = Mah Jong Quest
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110313550}" = Jigsaw 365
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110325350}" = Mah Jong Medley
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110353813}" = Magic Ball 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110371640}" = Poker Superstars
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110375480}" = Luxor
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110379827}" = Wonderland - Secret Worlds
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11042853}" = Tumblebugs
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{86B8537C-6644-4007-9B7A-C83445213A0B}" = ComponentOne Doc-To-Help
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{90F80409-6000-11D3-8CFE-0150048383C9}" = Remove Hidden Data Tool
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{913B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{91477C6F-EC7C-4BFC-BBE1-E45908019DED}" = LightScribe 1.4.52.1
"{91510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A0D14CE3-52F4-415C-9454-C8991722A723}" = Disney Flix 3.0
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A6888DCB-945D-4462-A9BC-F499A0233C14}" = Exploring Our Solar System
"{A6D23784-2091-11D4-9BEB-00104B198B0D}" = Oz - TMA
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{A96D35D6-EC2D-481C-80AF-E98861A41085}" = Garfield G2 Maths
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-1033-0000-7760-100000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AD298C10-EED0-4075-A9F1-4C8C93ACBD08}" = Dora Fairytale Adventure
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{AEC01EFA-2C3B-40F1-8F5B-AA49D2490979}" = KISS Wave MP3 Editor v14.2
"{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}" = SmartAudio
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B5C209B1-8DDB-4642-A573-375B951514CB}" = Apple Mobile Device Support
"{B69C374D-5E7B-4D0D-9DD9-C8B5FDB17811}" = Literacy Quest
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BC96BBA7-C634-460E-AD18-A0A994213F80}" = HP User Guides--System Recovery
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C798FFFD-48E2-425B-AF2C-61686BB982AF}" = ODF Add-in for Microsoft Word
"{C8A8AC11-53BE-47D3-AC09-9E8B7D0D206F}" = abc's & 123's
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.20 F2
"{D52ECEBC-9B20-41A5-81C4-A62DE2367419}" = Adobe Creative Suite
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{D99C322D-C21B-40C7-AE71-EE51AA096B6E}" = Nokia Flashing Cable Driver
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F2C820FD-A3AA-4C07-814D-B7F38DDAE1C6}" = DataDirector 2
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Windows Driver Package - Nokia Modem (10/27/2008 3.9)
"75FFA390FABE1F136DFF357E465361D41DEF5AFA" = Windows Driver Package - MicroVision (Mvc25U870_VID_1262&PID_25FD) Image (11/30/2005 1.0.1.1)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Acrobat 7.0 Professional - V" = Adobe Acrobat 7.1.0 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AhsayOBM_is1" = AhsayOBM
"avast!" = avast! Antivirus
"Barbie as The Princess and the Pauper" = Barbie as The Princess and the Pauper
"Barbie Beauty Boutique CD-ROM" = Barbie Beauty Boutique CD-ROM
"Barbie Fashion Show CD-ROM" = Barbie Fashion Show CD-ROM
"Barbie Mermaid Adventure CD-ROM" = Barbie Mermaid Adventure CD-ROM
"Big Reading Adventure" = Big Reading Adventure
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 10.2
"BRAINtastic1.0 standard" = BRAINtastic
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem (05/22/2008 3.8)
"CamStudio" = CamStudio
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_qta30a0k" = HDAUDIO Soft Data Fax Modem with SmartCP
"Cool MP3 Splitter_is1" = Cool MP3 Splitter 2.2
"CutePDF Writer Installation" = CutePDF Writer 2.7
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.0
"FolderScavenger" = FolderScavenger 1.0.0
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Free Video Zilla_is1" = Free Video Zilla
"getPlus®_ocx" = getPlus®_ocx
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"Indeo® Software" = Indeo® Software
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InterActual Player" = InterActual Player
"JumpStart Advanced Preschool" = JumpStart Advanced Preschool
"JumpStart Animal Adventures" = JumpStart Animal Adventures
"JumpStart Art for Fun" = JumpStart Art for Fun
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.4 (Standard)
"LastPass" = LastPass (uninstall only)
"LEARN & GROW SERIES 1" = LEARN & GROW SERIES 1
"MailWasher Free_is1" = MailWasher Free
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money
"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)
"Mozilla Sunbird (0.8)" = Mozilla Sunbird (0.8)
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"Nokia PC Suite" = Nokia PC Suite
"Numbers Up!2 Baggin' the Dragon V1.2Aust V1.2" = Numbers Up!2 Baggin' the Dragon V1.2
"Optus Wireless Broadband" = Optus Wireless Broadband
"PDF Password Remover v3.0_is1" = PDF Password Remover v3.0
"PHONICS FOR BEGINNERS" = PHONICS FOR BEGINNERS
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Space_is1" = Space 1.4.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TLPS" = e-PayDay® FREEPAY®
"TMS32.exe" = Treasure MathStorm!
"TMTWIN32.exe" = Treasure Mountain!
"Uninstall_is1" = Uninstall 1.0.0.1
"VoiceExplorer2005® " = VoiceExplorer2005®
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.40-2
"Winnie the Pooh Toddler" = Disney's Winnie the Pooh Toddler
"WinRAR archiver" = WinRAR archiver
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b996e812c4b1deb0" = ROUTE 66 Sync
"Compliance Explorer" = Compliance Explorer
"MetaStock 9.0" = MetaStock 9.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30/03/2009 8:20:07 PM | Computer Name = LINDATRADING | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x10001e39.
Error - 30/03/2009 11:53:11 PM | Computer Name = LINDATRADING | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Project Professional 2003 - Update 'Project
2003 Service Pack 3 (SP3): PROJECTSP3' could not be installed. Error code 1603.
Windows Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127
Error - 31/03/2009 12:38:13 AM | Computer Name = LINDATRADING | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Project Professional 2003 - Update 'Project
2003 Service Pack 3 (SP3): PROJECTSP3' could not be installed. Error code 1603.
Windows Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127
Error - 31/03/2009 5:50:38 PM | Computer Name = LINDATRADING | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Project Professional 2003 - Update 'Project
2003 Service Pack 3 (SP3): PROJECTSP3' could not be installed. Error code 1603.
Windows Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127
Error - 31/03/2009 10:51:54 PM | Computer Name = LINDATRADING | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20081.21709, faulting
module unknown, version 0.0.0.0, fault address 0x10001e39.
Error - 1/04/2009 2:27:39 AM | Computer Name = LINDATRADING | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 1/04/2009 12:00:55 PM | Computer Name = LINDATRADING | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Project Professional 2003 - Update 'Project
2003 Service Pack 3 (SP3): PROJECTSP3' could not be installed. Error code 1603.
Windows Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127
Error - 1/04/2009 12:44:09 PM | Computer Name = LINDATRADING | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x10021e39.
Error - 1/04/2009 12:44:37 PM | Computer Name = LINDATRADING | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x10021e39.
Error - 1/04/2009 1:00:35 PM | Computer Name = LINDATRADING | Source = Application Error | ID = 1000
Description = Faulting application mbam.exe, version 1.35.0.0, faulting module unknown,
version 0.0.0.0, fault address 0x20021e39.
[ System Events ]
Error - 31/03/2009 12:42:55 AM | Computer Name = LINDATRADING | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 31/03/2009 12:43:59 AM | Computer Name = LINDATRADING | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSP eabfiltr eeCtrl Fips intelppm
Error - 31/03/2009 12:45:36 AM | Computer Name = LINDATRADING | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 31/03/2009 12:45:59 AM | Computer Name = LINDATRADING | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 31/03/2009 12:45:59 AM | Computer Name = LINDATRADING | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 31/03/2009 2:21:15 AM | Computer Name = LINDATRADING | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 31/03/2009 5:49:21 PM | Computer Name = LINDATRADING | Source = DCOM | ID = 10010
Description = The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register
with DCOM within the required timeout.
Error - 31/03/2009 5:51:18 PM | Computer Name = LINDATRADING | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Project 2003 Service Pack 3 (SP3).
Error - 31/03/2009 8:25:16 PM | Computer Name = LINDATRADING | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.
Error - 1/04/2009 12:01:34 PM | Computer Name = LINDATRADING | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Project 2003 Service Pack 3 (SP3).
< End of report >
Help would be greatly appreciated as this is really starting to get me annoyed.
Thanks very much.