OTL logfile created on: 30/11/2009 01:29:12 - Run 1 OTL by OldTimer - Version 3.1.11.3 Folder = C:\Users\Iain W Masterson\Desktop Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16916) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.87 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 82.03% Memory free 3.96 Gb Paging File | 3.78 Gb Available in Paging File | 95.29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 45.78 Gb Total Space | 9.50 Gb Free Space | 20.75% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 6.81 Gb Free Space | 68.13% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LAPTOP Current User Name: Iain W Masterson Logged in as Administrator. Current Boot Mode: SafeMode Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009/11/30 01:20:53 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Users\Iain W Masterson\Desktop\OTL.exe PRC - [2008/10/29 06:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe PRC - [2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2007/11/01 18:12:38 | 00,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe PRC - [2006/11/02 09:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2006/10/30 17:20:26 | 00,362,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009/11/30 01:20:53 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Users\Iain W Masterson\Desktop\OTL.exe MOD - [2006/11/02 09:38:57 | 01,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2008/12/17 15:56:45 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103) SRV - [2008/02/04 14:18:32 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2008/01/25 01:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc) SRV - [2008/01/15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2007/09/18 06:57:46 | 00,265,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/08/24 06:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2007/04/05 17:26:16 | 00,569,344 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility) SRV - [2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc) SRV - [2006/11/22 22:56:36 | 00,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV) SRV - [2006/11/18 05:48:58 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc) SRV - [2006/11/11 23:10:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService) SRV - [2006/11/07 13:27:02 | 00,070,656 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2006/11/05 11:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9) SRV - [2006/11/05 11:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9) SRV - [2006/11/03 16:12:38 | 00,833,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2006/10/30 17:20:26 | 00,362,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2006/10/30 16:17:14 | 00,624,720 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2006/10/30 16:03:20 | 00,894,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPS\mps.exe -- (MPS9) SRV - [2006/10/28 20:59:38 | 00,337,488 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe -- (Emproxy) SRV - [2006/10/27 14:38:16 | 00,028,752 | ---- | M] (McAfee Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service) SRV - [2006/10/26 15:03:02 | 00,239,200 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector) SRV - [2006/10/26 14:46:16 | 00,349,784 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy) SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006/10/26 09:55:50 | 00,144,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2006/10/23 16:12:16 | 00,554,600 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service) SRV - [2006/09/14 14:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3070213 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..network.proxy.autoconfig_url: "http://www.abdn.ac.uk/local/autoproxy.php" FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/02/22 21:22:58 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/02/22 21:22:58 | 00,000,000 | ---D | M] [2009/11/29 22:36:29 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\Mozilla\Firefox\Profiles\9il9ml4t.default\extensions [2008/10/25 12:14:01 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\Mozilla\Firefox\Profiles\9il9ml4t.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2009/10/30 17:12:00 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\Mozilla\Firefox\Profiles\9il9ml4t.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2008/03/06 12:49:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2007/09/23 17:50:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/10/21 11:58:12 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2008/03/06 12:49:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [2009/02/06 11:33:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2009/02/06 11:31:43 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll [2009/02/06 11:31:43 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll [2009/02/06 11:31:44 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll [2009/02/06 11:31:56 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll [2009/02/06 11:31:58 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll [2008/12/17 15:56:46 | 00,000,686 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\GoogleDesktopMozilla.png [2008/12/17 15:56:46 | 00,000,531 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\GoogleDesktopMozilla.src O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptcl.dll (McAfee, Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe File not found O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( ) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\mskagent.exe (McAfee Inc.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O4 - HKCU..\Run: [euypkdgf] C:\Users\Iain W Masterson\AppData\Local\ovrhtt\cmkdsysguard.exe () O4 - HKCU..\Run: [FlashGet 3] C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe File not found O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Iain W Masterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157 O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5) O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll () O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 11:18:47 | 00,000,000 | ---D | M] NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found OTL cannot create restorepoints on Vista OSs! [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2009/11/30 01:20:58 | 00,536,064 | ---- | C] (OldTimer Tools) -- C:\Users\Iain W Masterson\Desktop\OTL.exe [2009/11/30 01:20:29 | 00,472,064 | ---- | C] ( ) -- C:\Users\Iain W Masterson\Desktop\RootRepeal.exe [2009/11/30 01:05:28 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT [2009/11/30 00:57:14 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Iain W Masterson\Desktop\SysRestorePoint.exe [2009/11/30 00:56:37 | 00,341,504 | ---- | C] (OldTimer Tools) -- C:\Users\Iain W Masterson\Desktop\TFC.exe [2009/11/29 23:30:32 | 00,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys [2009/11/29 23:30:32 | 00,098,600 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys [2009/11/29 23:30:27 | 00,207,792 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys [2009/11/29 23:30:27 | 00,087,784 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys [2009/11/29 23:30:19 | 00,070,408 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys [2009/11/29 23:30:11 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor [2009/11/29 23:30:11 | 00,000,000 | ---D | C] -- C:\Users\Iain W Masterson\AppData\Roaming\PC Tools [2009/11/29 23:30:11 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2009/11/29 23:30:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2009/11/29 22:51:27 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW [2009/11/28 01:57:30 | 00,000,000 | ---D | C] -- C:\Users\Iain W Masterson\AppData\Local\ovrhtt [2009/11/27 03:34:03 | 00,000,000 | ---D | C] -- C:\Users\Iain W Masterson\Desktop\John Martyn-Solid Air-1973 [2009/11/25 03:00:46 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009/11/20 19:41:33 | 00,000,000 | ---D | C] -- C:\Users\Iain W Masterson\Desktop\Princess Mononoke [2009/11/19 12:37:21 | 00,000,000 | ---D | C] -- C:\Users\Iain W Masterson\Desktop\My Neighbour Totoro [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2009/11/30 01:28:42 | 00,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/11/30 01:28:42 | 00,621,746 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009/11/30 01:28:42 | 00,107,332 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009/11/30 01:26:00 | 00,000,000 | ---- | M] () -- C:\Users\Iain W Masterson\Desktop\settings.dat [2009/11/30 01:24:20 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/11/30 01:22:44 | 00,018,276 | ---- | M] () -- C:\Windows\System32\Config.MPF [2009/11/30 01:22:44 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/11/30 01:22:42 | 03,145,728 | -HS- | M] () -- C:\Users\Iain W Masterson\NTUSER.DAT [2009/11/30 01:22:33 | 01,680,727 | -H-- | M] () -- C:\Users\Iain W Masterson\AppData\Local\IconCache.db [2009/11/30 01:20:53 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Users\Iain W Masterson\Desktop\OTL.exe [2009/11/30 01:20:26 | 00,472,064 | ---- | M] ( ) -- C:\Users\Iain W Masterson\Desktop\RootRepeal.exe [2009/11/30 01:20:01 | 00,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B59555B1-AE2B-4627-B7E9-22DB4FC7D44C}.job [2009/11/30 01:12:34 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/11/30 01:12:34 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/11/30 00:57:10 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Iain W Masterson\Desktop\SysRestorePoint.exe [2009/11/30 00:56:19 | 00,341,504 | ---- | M] (OldTimer Tools) -- C:\Users\Iain W Masterson\Desktop\TFC.exe [2009/11/29 23:35:00 | 00,000,256 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job [2009/11/29 23:30:23 | 00,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2009/11/25 17:20:48 | 00,019,188 | ---- | M] () -- C:\Users\Iain W Masterson\AppData\Roaming\wklnhst.dat [2009/11/23 19:04:45 | 00,215,552 | ---- | M] () -- C:\Users\Iain W Masterson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/11/23 19:04:42 | 18,365,0246 | ---- | M] () -- C:\Users\Iain W Masterson\Desktop\Family.Guy.S08E07.Jerome.Is.the.New.Black.PDTV.XviD-FQM(2).avi [2009/11/23 18:30:51 | 02,449,656 | ---- | M] () -- C:\Users\Iain W Masterson\Desktop\Family.Guy.S08E07.Jerome.Is.the.New.Black.PDTV.XviD-FQM.avi.part [2009/11/19 07:51:50 | 18,380,2494 | ---- | M] () -- C:\Users\Iain W Masterson\Desktop\South.Park.S13E14.Pee.HDTV.XviD-FQM.avi [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009/11/30 01:26:00 | 00,000,000 | ---- | C] () -- C:\Users\Iain W Masterson\Desktop\settings.dat [2009/11/29 23:30:32 | 00,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat [2009/11/29 23:30:27 | 00,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat [2009/11/29 23:30:27 | 00,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat [2009/11/29 23:30:23 | 00,001,761 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2009/11/29 23:30:19 | 00,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat [2009/11/23 18:54:41 | 00,000,089 | ---- | C] () -- C:\Users\Iain W Masterson\Desktop\Gunners Heaven [NTSC-J].cue [2009/11/23 18:54:13 | 39,830,6496 | ---- | C] () -- C:\Users\Iain W Masterson\Desktop\Gunners Heaven [NTSC-J].bin [2009/11/23 18:32:12 | 18,365,0246 | ---- | C] () -- C:\Users\Iain W Masterson\Desktop\Family.Guy.S08E07.Jerome.Is.the.New.Black.PDTV.XviD-FQM(2).avi [2009/11/23 18:29:11 | 02,449,656 | ---- | C] () -- C:\Users\Iain W Masterson\Desktop\Family.Guy.S08E07.Jerome.Is.the.New.Black.PDTV.XviD-FQM.avi.part [2009/11/19 07:35:40 | 18,380,2494 | ---- | C] () -- C:\Users\Iain W Masterson\Desktop\South.Park.S13E14.Pee.HDTV.XviD-FQM.avi [2009/10/30 17:11:33 | 00,000,025 | ---- | C] () -- C:\Windows\libem.INI [2009/10/15 00:15:05 | 00,028,400 | ---- | C] () -- C:\Users\Iain W Masterson\AppData\Roaming\b.exe [2009/07/06 20:17:37 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009/02/10 00:09:09 | 00,081,332 | ---- | C] () -- C:\Windows\System32\bass.dll [2008/10/24 10:12:34 | 00,002,403 | ---- | C] () -- C:\Windows\CD_SearchHistory.INI [2008/10/24 10:11:58 | 01,654,784 | ---- | C] () -- C:\Windows\System32\beconvlib.dll [2008/10/24 10:11:58 | 00,204,800 | ---- | C] () -- C:\Windows\System32\bprgcomm.dll [2008/10/24 10:11:58 | 00,131,072 | ---- | C] () -- C:\Windows\System32\CSVSpecialProcessing.dll [2008/10/24 10:11:57 | 00,000,530 | ---- | C] () -- C:\Windows\System32\tx14_ic.ini [2008/10/24 10:11:56 | 00,221,184 | ---- | C] () -- C:\Windows\System32\SII_PDF.dll [2008/10/24 10:11:56 | 00,102,400 | ---- | C] () -- C:\Windows\System32\SARzilla.dll [2008/10/24 10:11:56 | 00,098,304 | ---- | C] () -- C:\Windows\System32\DVM.dll [2008/04/29 18:46:31 | 00,000,125 | -H-- | C] () -- C:\Users\Iain W Masterson\AppData\Roaming\brara1985.sys [2008/04/29 18:45:48 | 00,010,568 | ---- | C] () -- C:\Users\Iain W Masterson\AppData\Roaming\docXConverter.ini [2008/03/02 20:22:53 | 00,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2008/02/21 02:05:44 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/02/21 02:04:16 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest [2008/02/21 02:04:16 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest [2008/02/21 02:03:24 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2007/09/17 15:01:49 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2007/09/17 15:01:49 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2007/02/22 18:38:02 | 00,215,552 | ---- | C] () -- C:\Users\Iain W Masterson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/02/21 18:45:16 | 00,019,188 | ---- | C] () -- C:\Users\Iain W Masterson\AppData\Roaming\wklnhst.dat [2007/02/13 06:43:18 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007/02/13 06:43:17 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007/02/13 06:43:07 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007/02/12 23:17:32 | 00,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2007/02/12 23:17:32 | 00,000,120 | ---- | C] () -- C:\Windows\wininit.ini [2007/02/12 23:05:41 | 00,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2006/11/07 19:25:58 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 07:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/09/16 23:36:50 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/09/16 23:36:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [color=#E56717]========== LOP Check ==========[/color] [2008/10/29 13:06:42 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\ACASystems [2007/09/22 16:48:14 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\Azureus [2009/11/03 20:36:51 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\BITS [2007/10/13 18:15:07 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\BitTorrent [2009/07/06 20:15:34 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\DAEMON Tools Pro [2009/10/30 17:11:29 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\FlashGet [2009/10/30 17:11:17 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\FlashGetBHO [2008/10/20 16:02:34 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\fltk.org [2008/01/31 20:28:41 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\FUJIFILM [2007/02/21 18:45:33 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\Template [2009/09/03 03:23:54 | 00,000,000 | ---D | M] -- C:\Users\Iain W Masterson\AppData\Roaming\uTorrent [2009/11/29 23:35:00 | 00,000,256 | ---- | M] () -- C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job [2009/11/15 03:21:27 | 00,000,342 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job [2009/11/01 01:00:22 | 00,000,334 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job [2009/11/30 01:22:44 | 00,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009/11/30 01:20:01 | 00,000,440 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B59555B1-AE2B-4627-B7E9-22DB4FC7D44C}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\Video Downloads:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\plugin:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\OneNote Notebooks:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\My Received Files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\My PSP Files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\Downloads:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Documents\Converted Videos:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\Tom Waits - Rain Dogs:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\Princess Mononoke:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\My Neighbour Totoro:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\Le Samurai:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\Law:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\John Martyn-Solid Air-1973:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\Iain Masterson:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\Graham Coxon:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Iain W Masterson\Desktop\1976. Small Change:Roxio EMC Stream @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >