[tom468]

Hi all,

You guys have helped me out in the past and I would really appreciate it once more.

My desktop PC has suddenly started running incredibly slow.

It struggles opening programs and is mainly used for browsing, outlook and photoshop on Win XP.

The fan has started getting really loud, like it is labouring. You can hear it kick up a notch when it is struggling. I have so many processes running which I dont know how to stop/remove. There is nothing in my startup so dont know why they are running.

I am running OTL so just waiting for that to finish.

Attached Thumbnails

• 

[Advertisements]

OTL logfile created on: 24/07/2012 11:16:39 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\T\My Documents\anti V
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.82 Gb Total Space | 49.72 Gb Free Space | 34.09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOM
Current User Name: T
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2012/03/07 00:15:17 | 04,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 00,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/15 18:20:26 | 00,095,608 | ---- | M] (Dyn, Inc.) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe
PRC - [2011/11/15 18:20:26 | 00,078,192 | ---- | M] (Dyn, Inc.) -- C:\Program Files\DynDNS Updater\DynTray.exe
PRC - [2011/04/06 16:20:16 | 00,349,472 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2011/02/02 22:40:41 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/12/21 09:32:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\T\My Documents\anti V\OTL.exe
PRC - [2009/04/30 13:23:26 | 00,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/14 01:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/10/14 20:46:34 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/10/07 22:24:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
PRC - [2004/08/04 05:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


========== Modules (SafeList) ==========

MOD - [2012/03/07 00:15:13 | 00,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 17:12:02 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/12/21 09:32:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\T\My Documents\anti V\OTL.exe
MOD - [2006/05/03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/12 14:24:19 | 00,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/07 00:15:14 | 00,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/11/15 18:20:26 | 00,095,608 | ---- | M] (Dyn, Inc.) [Auto | Running] -- C:\Program Files\DynDNS Updater\DynUpSvc.exe -- (Dyn Updater)
SRV - [2011/04/27 01:22:46 | 00,820,520 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2011/04/06 16:20:16 | 00,349,472 | ---- | M] (Apple Inc.) [Disabled | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011/02/18 16:37:16 | 00,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/02/02 22:40:41 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/20 19:19:48 | 00,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/04/30 13:23:26 | 00,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/26 16:57:15 | 00,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/02 11:28:35 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2004/11/19 11:26:40 | 00,147,456 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2004/10/07 22:24:02 | 00,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE -- (Pml Driver HPZ12)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4060918
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4060918

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 32 CC 99 BC 3A CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.sharepric...XPLORATION-PLC"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:7.0.1426
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/20 08:36:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/27 12:34:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 11:46:06 | 00,000,000 | ---D | M]

[2009/11/11 09:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Mozilla\Extensions
[2012/07/18 14:48:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\0h5n5h6u.default\extensions
[2012/07/18 14:48:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/06 11:50:03 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/25 10:32:09 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 22:40:24 | 00,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/11/15 13:56:02 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/11/15 13:56:02 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/11/15 13:56:02 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/11/15 13:56:02 | 00,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dyn Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dyn, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\r1.asx.url ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {172826E5-EC1B-402E-9782-02E3D087E008} https://skyfex.com/d...d/en/skyfex.exe (SkyFex Remote Desktop (Internet Explorer Add-on))
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1159527175108 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFCF48D-8E34-4490-8154-026191D73924} http://192.168.16.64...ActiveX_V23.cab (NetVideoActiveX23 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.16.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/12/22 09:32:57 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\PROGRA~1\AVG\AVG10\avgchsvx.exe File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\PROGRA~1\AVG\AVG10\avgrsx.exe File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2012/07/16 10:10:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\T\Desktop\Politics
[2012/07/13 10:35:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\T\Desktop\Bosch
[2012/07/11 12:27:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\T\Desktop\Moyles Podcasts
[2012/06/14 08:39:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011/09/22 09:14:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/09/22 09:13:08 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/06/17 16:16:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/08/05 13:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/08/05 13:10:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2009/12/21 12:00:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/21 12:00:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/01/28 11:49:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2006/09/29 11:49:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall

========== Files - Modified Within 14 Days ==========

[2012/07/24 11:25:01 | 00,150,845 | ---- | M] () -- C:\Documents and Settings\T\Desktop\processes.jpg
[2012/07/24 11:25:00 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{975C5731-0753-4F1D-BDAB-DA1754EAB6B7}.job
[2012/07/24 11:24:15 | 00,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/24 11:09:57 | 00,000,698 | ---- | M] () -- C:\WINDOWS\win.ini
[2012/07/24 11:09:57 | 00,000,327 | RHS- | M] () -- C:\boot.ini
[2012/07/24 11:09:57 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2012/07/24 11:07:19 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/24 11:07:08 | 09,699,328 | -H-- | M] () -- C:\Documents and Settings\T\NTUSER.DAT
[2012/07/24 11:07:08 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\T\ntuser.ini
[2012/07/24 11:06:35 | 01,503,728 | ---- | M] () -- C:\Documents and Settings\T\Desktop\sale.psd
[2012/07/23 14:45:48 | 00,000,223 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012/07/23 10:46:27 | 00,310,328 | ---- | M] () -- C:\Documents and Settings\T\Desktop\92577.jpg
[2012/07/23 10:46:07 | 00,290,575 | ---- | M] () -- C:\Documents and Settings\T\Desktop\92611.jpg
[2012/07/20 11:48:17 | 00,109,049 | ---- | M] () -- C:\Documents and Settings\T\Desktop\Truck.jpg
[2012/07/20 11:09:56 | 00,036,078 | ---- | M] () -- C:\Documents and Settings\T\Desktop\mels%20car%20hp.jpg
[2012/07/19 13:38:51 | 00,000,778 | ---- | M] () -- C:\WINDOWS\PSDUK.INI
[2012/07/19 08:39:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/17 11:04:28 | 00,025,300 | ---- | M] () -- C:\Documents and Settings\T\My Documents\Tony-Adams-001.jpg
[2012/07/17 10:51:47 | 00,104,965 | ---- | M] () -- C:\Documents and Settings\T\My Documents\prince-william-and-kate-middleton.jpg
[2012/07/17 09:01:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/07/17 09:01:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/17 09:01:12 | 34,793,26720 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/17 09:00:04 | 00,004,155 | ---- | M] () -- C:\Documents and Settings\T\My Documents\Fixit50388.reg
[2012/07/12 15:52:50 | 13,146,624 | ---- | M] () -- C:\Documents and Settings\T\My Documents\woodturning brochure 2012.pub
[2012/07/12 09:13:14 | 02,294,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/12 08:51:43 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2012/07/24 11:06:33 | 01,503,728 | ---- | C] () -- C:\Documents and Settings\T\Desktop\sale.psd
[2012/07/23 10:46:27 | 00,310,328 | ---- | C] () -- C:\Documents and Settings\T\Desktop\92577.jpg
[2012/07/23 10:46:06 | 00,290,575 | ---- | C] () -- C:\Documents and Settings\T\Desktop\92611.jpg
[2012/07/20 11:48:17 | 00,109,049 | ---- | C] () -- C:\Documents and Settings\T\Desktop\Truck.jpg
[2012/07/20 11:10:00 | 00,036,078 | ---- | C] () -- C:\Documents and Settings\T\Desktop\mels%20car%20hp.jpg
[2012/07/17 11:04:51 | 00,025,300 | ---- | C] () -- C:\Documents and Settings\T\My Documents\Tony-Adams-001.jpg
[2012/07/17 10:51:53 | 00,104,965 | ---- | C] () -- C:\Documents and Settings\T\My Documents\prince-william-and-kate-middleton.jpg
[2012/07/17 09:00:03 | 00,004,155 | ---- | C] () -- C:\Documents and Settings\T\My Documents\Fixit50388.reg
[2012/07/05 13:50:57 | 00,250,358 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\census.cache
[2012/07/05 13:50:51 | 00,199,213 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\ars.cache
[2012/03/28 22:11:06 | 00,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/03/28 22:11:06 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/03/28 22:11:06 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/03/28 22:11:06 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/03/13 13:25:36 | 00,038,448 | ---- | C] () -- C:\Documents and Settings\T\Application Data\Microsoft Excel.ADR
[2012/02/16 00:06:33 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/30 10:44:01 | 00,000,246 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/05/09 09:13:22 | 00,000,078 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\xobni_installer_updater.log
[2010/07/20 16:13:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\RemConfigRes_CHI.dll
[2010/07/20 16:11:50 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\RemConfigRes_ENG.dll
[2010/07/20 15:20:10 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\ActiveXRes_CHI.dll
[2010/07/20 09:49:40 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ActiveXRes_ENG.dll
[2010/07/19 20:35:36 | 00,880,640 | ---- | C] () -- C:\WINDOWS\System32\ShowRemConfig.dll
[2010/07/01 11:22:38 | 00,143,434 | ---- | C] () -- C:\WINDOWS\System32\StreamTransClient.dll
[2010/07/01 09:41:42 | 00,217,205 | ---- | C] () -- C:\WINDOWS\System32\SystemTransform.dll
[2010/06/11 09:10:08 | 01,146,968 | ---- | C] () -- C:\WINDOWS\System32\PlayCtrl.dll
[2010/04/19 16:55:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\DbgOut.INI
[2009/10/20 19:19:30 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/08/18 15:18:03 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\housecall.guid.cache
[2007/12/07 13:51:59 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\T\Application Data\AVSDVDPlayer.m3u
[2007/12/07 13:39:47 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/12/07 13:39:47 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/10 15:21:33 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/04/10 14:47:35 | 00,049,152 | ---- | C] () -- C:\WINDOWS\StiRegstEng.dll
[2007/04/10 14:44:46 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/04/10 14:43:55 | 00,000,027 | ---- | C] () -- C:\WINDOWS\CDE P4490DEFGIPSR.ini
[2007/04/02 14:22:56 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/02/02 10:21:48 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2006/10/18 15:17:17 | 00,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2006/10/18 14:20:03 | 00,000,778 | ---- | C] () -- C:\WINDOWS\PSDUK.INI
[2006/10/18 14:20:03 | 00,000,075 | ---- | C] () -- C:\WINDOWS\psdxpuk.ini
[2006/10/09 11:15:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2006/10/05 16:42:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2006/10/05 16:41:45 | 00,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2006/10/02 14:22:46 | 00,007,680 | ---- | C] () -- C:\Documents and Settings\T\Application Data\dvd.bmk
[2006/10/02 14:22:13 | 00,000,124 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\fusioncache.dat
[2006/10/02 13:26:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2006/10/02 13:22:29 | 00,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfc4.sys
[2006/09/30 12:37:41 | 00,000,223 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2006/09/30 11:14:12 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/30 10:34:03 | 00,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/09/30 10:34:03 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\90B973048B.sys
[2006/09/30 10:22:37 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/29 14:35:50 | 00,108,032 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/18 20:00:38 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/18 19:54:53 | 00,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/18 19:49:36 | 00,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/09/18 19:26:06 | 00,000,475 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 08:56:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2007/02/07 16:27:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alfac
[2011/06/21 09:55:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/12/21 12:24:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/10/23 14:15:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/05/09 09:05:46 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/12/02 18:11:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dyn
[2011/08/07 13:47:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2009/03/17 09:39:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/04/15 13:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC
[2007/03/28 16:06:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2012/04/25 13:12:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/07/21 09:22:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/04/15 13:00:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2006/11/09 15:26:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/30 11:55:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2006/09/18 19:52:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/06/13 12:35:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2011/05/20 16:39:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/07 16:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/16 08:21:46 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2008/02/22 13:30:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\.BitTornado
[2010/04/14 12:22:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\aerix
[2007/02/07 16:40:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Alfac
[2009/04/27 13:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Amazon
[2012/06/13 15:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Audacity
[2011/06/21 09:09:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\AVG10
[2009/12/17 09:34:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\ContentGuard
[2006/12/15 17:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\ConvertTemp
[2007/04/16 14:52:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\EPSON
[2006/10/13 11:08:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Leadertech
[2007/03/26 10:41:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Opera
[2012/04/25 13:19:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Samsung
[2009/04/24 11:40:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\streamripper
[2007/08/09 15:27:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Teleca
[2006/10/09 11:40:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Temporary
[2007/05/24 15:08:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\TransRender
[2010/07/30 11:56:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Trusteer
[2007/08/01 12:59:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Viewpoint
[2011/09/22 09:10:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Windows Desktop Search
[2011/09/22 09:25:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Windows Search
[2012/06/13 12:35:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\WindSolutions
[2012/07/24 11:25:00 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{975C5731-0753-4F1D-BDAB-DA1754EAB6B7}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
< End of report >

[tom468]

OTL logfile created on: 24/07/2012 11:16:39 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\T\My Documents\anti V
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.82 Gb Total Space | 49.72 Gb Free Space | 34.09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOM
Current User Name: T
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2012/03/07 00:15:17 | 04,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 00,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/15 18:20:26 | 00,095,608 | ---- | M] (Dyn, Inc.) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe
PRC - [2011/11/15 18:20:26 | 00,078,192 | ---- | M] (Dyn, Inc.) -- C:\Program Files\DynDNS Updater\DynTray.exe
PRC - [2011/04/06 16:20:16 | 00,349,472 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2011/02/02 22:40:41 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/12/21 09:32:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\T\My Documents\anti V\OTL.exe
PRC - [2009/04/30 13:23:26 | 00,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/14 01:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/10/14 20:46:34 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/10/07 22:24:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
PRC - [2004/08/04 05:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


========== Modules (SafeList) ==========

MOD - [2012/03/07 00:15:13 | 00,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 17:12:02 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/12/21 09:32:46 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\T\My Documents\anti V\OTL.exe
MOD - [2006/05/03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/12 14:24:19 | 00,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/07 00:15:14 | 00,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/11/15 18:20:26 | 00,095,608 | ---- | M] (Dyn, Inc.) [Auto | Running] -- C:\Program Files\DynDNS Updater\DynUpSvc.exe -- (Dyn Updater)
SRV - [2011/04/27 01:22:46 | 00,820,520 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2011/04/06 16:20:16 | 00,349,472 | ---- | M] (Apple Inc.) [Disabled | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011/02/18 16:37:16 | 00,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/02/02 22:40:41 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/20 19:19:48 | 00,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/04/30 13:23:26 | 00,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/26 16:57:15 | 00,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/02 11:28:35 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2004/11/19 11:26:40 | 00,147,456 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2004/10/07 22:24:02 | 00,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE -- (Pml Driver HPZ12)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4060918
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4060918

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 32 CC 99 BC 3A CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.sharepric...XPLORATION-PLC"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:7.0.1426
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/20 08:36:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/27 12:34:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 11:46:06 | 00,000,000 | ---D | M]

[2009/11/11 09:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Mozilla\Extensions
[2012/07/18 14:48:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\0h5n5h6u.default\extensions
[2012/07/18 14:48:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/06 11:50:03 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/25 10:32:09 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 22:40:24 | 00,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/11/15 13:56:02 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/11/15 13:56:02 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/11/15 13:56:02 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/11/15 13:56:02 | 00,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dyn Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dyn, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\r1.asx.url ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {172826E5-EC1B-402E-9782-02E3D087E008} https://skyfex.com/d...d/en/skyfex.exe (SkyFex Remote Desktop (Internet Explorer Add-on))
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1159527175108 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFCF48D-8E34-4490-8154-026191D73924} http://192.168.16.64...ActiveX_V23.cab (NetVideoActiveX23 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.16.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/12/22 09:32:57 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\PROGRA~1\AVG\AVG10\avgchsvx.exe File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\PROGRA~1\AVG\AVG10\avgrsx.exe File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2012/07/16 10:10:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\T\Desktop\Politics
[2012/07/13 10:35:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\T\Desktop\Bosch
[2012/07/11 12:27:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\T\Desktop\Moyles Podcasts
[2012/06/14 08:39:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011/09/22 09:14:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/09/22 09:13:08 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/06/17 16:16:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/08/05 13:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/08/05 13:10:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2009/12/21 12:00:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/21 12:00:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/01/28 11:49:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2006/09/29 11:49:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall

========== Files - Modified Within 14 Days ==========

[2012/07/24 11:25:01 | 00,150,845 | ---- | M] () -- C:\Documents and Settings\T\Desktop\processes.jpg
[2012/07/24 11:25:00 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{975C5731-0753-4F1D-BDAB-DA1754EAB6B7}.job
[2012/07/24 11:24:15 | 00,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/24 11:09:57 | 00,000,698 | ---- | M] () -- C:\WINDOWS\win.ini
[2012/07/24 11:09:57 | 00,000,327 | RHS- | M] () -- C:\boot.ini
[2012/07/24 11:09:57 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2012/07/24 11:07:19 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/24 11:07:08 | 09,699,328 | -H-- | M] () -- C:\Documents and Settings\T\NTUSER.DAT
[2012/07/24 11:07:08 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\T\ntuser.ini
[2012/07/24 11:06:35 | 01,503,728 | ---- | M] () -- C:\Documents and Settings\T\Desktop\sale.psd
[2012/07/23 14:45:48 | 00,000,223 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012/07/23 10:46:27 | 00,310,328 | ---- | M] () -- C:\Documents and Settings\T\Desktop\92577.jpg
[2012/07/23 10:46:07 | 00,290,575 | ---- | M] () -- C:\Documents and Settings\T\Desktop\92611.jpg
[2012/07/20 11:48:17 | 00,109,049 | ---- | M] () -- C:\Documents and Settings\T\Desktop\Truck.jpg
[2012/07/20 11:09:56 | 00,036,078 | ---- | M] () -- C:\Documents and Settings\T\Desktop\mels%20car%20hp.jpg
[2012/07/19 13:38:51 | 00,000,778 | ---- | M] () -- C:\WINDOWS\PSDUK.INI
[2012/07/19 08:39:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/17 11:04:28 | 00,025,300 | ---- | M] () -- C:\Documents and Settings\T\My Documents\Tony-Adams-001.jpg
[2012/07/17 10:51:47 | 00,104,965 | ---- | M] () -- C:\Documents and Settings\T\My Documents\prince-william-and-kate-middleton.jpg
[2012/07/17 09:01:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/07/17 09:01:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/17 09:01:12 | 34,793,26720 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/17 09:00:04 | 00,004,155 | ---- | M] () -- C:\Documents and Settings\T\My Documents\Fixit50388.reg
[2012/07/12 15:52:50 | 13,146,624 | ---- | M] () -- C:\Documents and Settings\T\My Documents\woodturning brochure 2012.pub
[2012/07/12 09:13:14 | 02,294,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/12 08:51:43 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2012/07/24 11:06:33 | 01,503,728 | ---- | C] () -- C:\Documents and Settings\T\Desktop\sale.psd
[2012/07/23 10:46:27 | 00,310,328 | ---- | C] () -- C:\Documents and Settings\T\Desktop\92577.jpg
[2012/07/23 10:46:06 | 00,290,575 | ---- | C] () -- C:\Documents and Settings\T\Desktop\92611.jpg
[2012/07/20 11:48:17 | 00,109,049 | ---- | C] () -- C:\Documents and Settings\T\Desktop\Truck.jpg
[2012/07/20 11:10:00 | 00,036,078 | ---- | C] () -- C:\Documents and Settings\T\Desktop\mels%20car%20hp.jpg
[2012/07/17 11:04:51 | 00,025,300 | ---- | C] () -- C:\Documents and Settings\T\My Documents\Tony-Adams-001.jpg
[2012/07/17 10:51:53 | 00,104,965 | ---- | C] () -- C:\Documents and Settings\T\My Documents\prince-william-and-kate-middleton.jpg
[2012/07/17 09:00:03 | 00,004,155 | ---- | C] () -- C:\Documents and Settings\T\My Documents\Fixit50388.reg
[2012/07/05 13:50:57 | 00,250,358 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\census.cache
[2012/07/05 13:50:51 | 00,199,213 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\ars.cache
[2012/03/28 22:11:06 | 00,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/03/28 22:11:06 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/03/28 22:11:06 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/03/28 22:11:06 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/03/13 13:25:36 | 00,038,448 | ---- | C] () -- C:\Documents and Settings\T\Application Data\Microsoft Excel.ADR
[2012/02/16 00:06:33 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/30 10:44:01 | 00,000,246 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/05/09 09:13:22 | 00,000,078 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\xobni_installer_updater.log
[2010/07/20 16:13:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\RemConfigRes_CHI.dll
[2010/07/20 16:11:50 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\RemConfigRes_ENG.dll
[2010/07/20 15:20:10 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\ActiveXRes_CHI.dll
[2010/07/20 09:49:40 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ActiveXRes_ENG.dll
[2010/07/19 20:35:36 | 00,880,640 | ---- | C] () -- C:\WINDOWS\System32\ShowRemConfig.dll
[2010/07/01 11:22:38 | 00,143,434 | ---- | C] () -- C:\WINDOWS\System32\StreamTransClient.dll
[2010/07/01 09:41:42 | 00,217,205 | ---- | C] () -- C:\WINDOWS\System32\SystemTransform.dll
[2010/06/11 09:10:08 | 01,146,968 | ---- | C] () -- C:\WINDOWS\System32\PlayCtrl.dll
[2010/04/19 16:55:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\DbgOut.INI
[2009/10/20 19:19:30 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/08/18 15:18:03 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\housecall.guid.cache
[2007/12/07 13:51:59 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\T\Application Data\AVSDVDPlayer.m3u
[2007/12/07 13:39:47 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/12/07 13:39:47 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/10 15:21:33 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/04/10 14:47:35 | 00,049,152 | ---- | C] () -- C:\WINDOWS\StiRegstEng.dll
[2007/04/10 14:44:46 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/04/10 14:43:55 | 00,000,027 | ---- | C] () -- C:\WINDOWS\CDE P4490DEFGIPSR.ini
[2007/04/02 14:22:56 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/02/02 10:21:48 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2006/10/18 15:17:17 | 00,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2006/10/18 14:20:03 | 00,000,778 | ---- | C] () -- C:\WINDOWS\PSDUK.INI
[2006/10/18 14:20:03 | 00,000,075 | ---- | C] () -- C:\WINDOWS\psdxpuk.ini
[2006/10/09 11:15:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2006/10/05 16:42:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2006/10/05 16:41:45 | 00,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2006/10/02 14:22:46 | 00,007,680 | ---- | C] () -- C:\Documents and Settings\T\Application Data\dvd.bmk
[2006/10/02 14:22:13 | 00,000,124 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\fusioncache.dat
[2006/10/02 13:26:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2006/10/02 13:22:29 | 00,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfc4.sys
[2006/09/30 12:37:41 | 00,000,223 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2006/09/30 11:14:12 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/30 10:34:03 | 00,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/09/30 10:34:03 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\90B973048B.sys
[2006/09/30 10:22:37 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/29 14:35:50 | 00,108,032 | ---- | C] () -- C:\Documents and Settings\T\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/18 20:00:38 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/18 19:54:53 | 00,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/18 19:49:36 | 00,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/09/18 19:26:06 | 00,000,475 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 08:56:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2007/02/07 16:27:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alfac
[2011/06/21 09:55:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/12/21 12:24:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/10/23 14:15:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/05/09 09:05:46 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/12/02 18:11:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dyn
[2011/08/07 13:47:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2009/03/17 09:39:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/04/15 13:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC
[2007/03/28 16:06:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2012/04/25 13:12:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/07/21 09:22:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/04/15 13:00:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2006/11/09 15:26:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/30 11:55:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2006/09/18 19:52:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/06/13 12:35:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2011/05/20 16:39:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/07 16:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/16 08:21:46 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2008/02/22 13:30:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\.BitTornado
[2010/04/14 12:22:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\aerix
[2007/02/07 16:40:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Alfac
[2009/04/27 13:10:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Amazon
[2012/06/13 15:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Audacity
[2011/06/21 09:09:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\AVG10
[2009/12/17 09:34:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\ContentGuard
[2006/12/15 17:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\ConvertTemp
[2007/04/16 14:52:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\EPSON
[2006/10/13 11:08:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Leadertech
[2007/03/26 10:41:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Opera
[2012/04/25 13:19:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Samsung
[2009/04/24 11:40:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\streamripper
[2007/08/09 15:27:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Teleca
[2006/10/09 11:40:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Temporary
[2007/05/24 15:08:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\TransRender
[2010/07/30 11:56:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Trusteer
[2007/08/01 12:59:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Viewpoint
[2011/09/22 09:10:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Windows Desktop Search
[2011/09/22 09:25:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\Windows Search
[2012/06/13 12:35:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T\Application Data\WindSolutions
[2012/07/24 11:25:00 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{975C5731-0753-4F1D-BDAB-DA1754EAB6B7}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
< End of report >

[tom468]

Can anyone help please?