OTListIt logfile created on: 08/02/2009 11:09:42 - Run
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\Iain\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
509.98 Mb Total Physical Memory | 252.45 Mb Available Physical Memory | 49.50% Memory free
1.21 Gb Paging File | 0.94 Gb Available in Paging File | 77.75% Paging File free
Paging file location(s): C:\pagefile.sys 763 768;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.33 Gb Total Space | 38.54 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 124.49 Mb Total Space | 27.64 Mb Free Space | 22.20% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CLAIRE-IAIN
Current User Name: Iain
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
C:\WINDOWS\Installer\MSIF.tmp (Solid Documents, LLC)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
C:\Program Files\Corel\Corel GuideMenu\GuideMenu.exe (Corel Copyright © 2007)
C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
C:\Program Files\TomTom HOME 2\HOMERunner.exe (TomTom)
C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
C:\Documents and Settings\Iain\Desktop\OTListIt2.exe (OldTimer Tools)
========== (O23) Win32 Services (SafeList) ========== (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
(avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
(avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
(avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
(btwdins [Auto | Running]) -- C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
(helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
(IviRegMgr [Auto | Running]) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
(JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
(Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
(MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
(ProtexisLicensing [Auto | Running]) -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
(ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
(SPDFToolsReadSpool [Auto | Running]) -- C:\WINDOWS\Installer\MSIF.tmp (Solid Documents, LLC)
(UleadBurningHelper [Auto | Running]) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
(WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
(WudfSvc [On_Demand | Stopped]) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ========== (Aavmker4 [System | Running]) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
(AegisP [Auto | Running]) -- C:\WINDOWS\system32\drivers\AegisP.sys (Meetinghouse Data Communications)
(alcan5wn [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON)
(alcaudsl [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON)
(ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Avance Logic, Inc.)
(AR5523 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\WG11TND5.sys (NETGEAR, Inc.)
(aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
(aswMon2 [Auto | Running]) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
(aswRdr [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
(aswSP [System | Running]) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
(aswTdi [System | Running]) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
(btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
(BTDriver [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
(BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
(BTWDNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
(btwhid [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
(btwmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
(BTWUSB [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
(DNINDIS5 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
(gameenum [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
(giveio [On_Demand | Stopped]) -- C:\WINDOWS\system32\giveio.sys ()
(GT680x [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\gt680x.sys ( )
(HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems)
(HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems)
(ialm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ialmnt5.sys (Intel Corporation)
(Iviaspi [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
(kbdhid [System | Stopped]) -- C:\WINDOWS\system32\drivers\kbdhid.sys (Microsoft Corporation)
(Lbd [Boot | Running]) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
(MASPINT [Auto | Running]) -- C:\WINDOWS\system32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)
(mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant)
(ms_mpu401 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
(nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
(Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
(PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\drivers\PxHelp20.sys (Sonic Solutions)
(RT73 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
(rtl8139 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
(Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sptd [Boot | Running]) -- C:\WINDOWS\system32\drivers\sptd.sys ()
(tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
(wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\wceusbsh.sys (Microsoft Corporation)
(winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems)
(WS2IFSL [System | Running]) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys (Microsoft Corporation)
({6080A529-897E-4629-A488-ABA0C29B635E} [System | Stopped]) -- C:\WINDOWS\system32\drivers\ialmsbw.sys (Intel Corporation)
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ialmkchw.sys (Intel Corporation)
========== Standard Registry (All) ========== ========== Internet Explorer ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmHKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - {8B68564D-53FD-4293-B80C-993A9F3988EE} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar: (no name) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GuideMenu] C:\Program Files\Corel\Corel GuideMenu\GuideMenu.exe -hide (Corel Copyright © 2007)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_S9E.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe (Microsoft® Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" (TomTom)
O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [2001/08/01 16:05:42 | 00,270,336 | ---- | M] (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: 103 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A}
http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {2A493D5F-8914-4D3E-8BF3-767F281862F4}
http://sell.autotrad...raderMediaX.cab (TraderMediaImgX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx...owserPlugin.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC}
http://esupport.epso...rg/ESTPTest.cab (EPSON Web Printer-SelfTest Control Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key does not exist or could not be opened.)
O18 - Protocol\Handler: - about - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - cdl - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - cdo - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - dvd - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler: - file - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - ftp - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - gopher - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - http - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - http\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - http\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - https - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - https\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - https\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - its - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - javascript - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - local - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mailto - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mhtml - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mk - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ms-its - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - ms-itss - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - res - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - sysimage - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - tv - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler: - vbscript - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - wia - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/x-mrml - C:\Program Files\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - See sections below for AppInitDlls and Winlogon settings
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9}C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9}C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153}C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5}C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: (Browseui preloader) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: (Component Categories cache daemon) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
========== HKLM Winlogon Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell" = Explorer.exe
>C:\WINDOWS\explorer.exe (Microsoft Corporation)
"UserInit" = C:\WINDOWS\system32\userinit.exe,
>C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
"UIHost" = logonui.exe
>C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
"VMApplet" = rundll32 shell32,Control_RunDLL "sysdm.cpl"
>C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
>C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
crypt32chain: "DllName" = crypt32.dll -- C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
cryptnet: "DllName" = cryptnet.dll -- C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
cscdll: "DllName" = cscdll.dll -- C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
dimsntfy: "DllName" = %SystemRoot%\System32\dimsntfy.dll -- C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
igfxcui: "DllName" = igfxsrvc.dll -- C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
ScCertProp: "DllName" = wlnotify.dll -- C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Schedule: "DllName" = wlnotify.dll -- C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
sclgntfy: "DllName" = sclgntfy.dll -- C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
SensLogn: "DllName" = WlNotify.dll -- C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
termsrv: "DllName" = wlnotify.dll -- C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
WgaLogon: "DllName" = WgaLogon.dll -- C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
wlballoon: "DllName" = wlnotify.dll -- C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
========== IFEO "Debugger" Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]
Your Image File Name Here without a path:"Debugger" = C:\WINDOWS\system32\ntsd.exe (Microsoft Corporation)
========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" (HKLM) -- C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
========== HKLM *SecurityProviders* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders" = msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
>C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
>C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
>C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
========== LSA *Authentication Packages* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages" = msv1_0,
>C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
========== LSA *Security Packages* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages" = kerberos,msv1_0,schannel,wdigest,
>C:\WINDOWS\system32\kerberos.dll (Microsoft Corporation)
>C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
>C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
>C:\WINDOWS\system32\wdigest.dll (Microsoft Corporation)
========== Safeboot Options ========== "AlternateShell" = cmd.exe
========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ========== AUTOEXEC.BAT []
C:\AUTOEXEC.BAT () -- [ NTFS ]
========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{591e2772-b623-11dc-b620-00146ced6cfc}\Shell\AutoRun\command]
"" = E:\InstallTomTomHOME.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b11a5dda-e8c2-11db-b4ab-00146ced6cfc}\Shell\AutoRun\command]
"" = F:\setupSNK.exe -- File not found
========== Files/Folders - Created Within 30 Days ========== [5 C:\WINDOWS\*.tmp files]
[2009/02/08 11:08:37 | 00,419,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Iain\Desktop\OTListIt2.exe
[2009/02/07 18:18:28 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/02/07 18:18:26 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/02/07 18:18:25 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/02/07 18:18:22 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/02/07 18:18:21 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/02/07 18:18:21 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/02/07 18:18:21 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/02/07 18:18:21 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/02/07 18:17:53 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/02/07 18:17:49 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/02/07 17:54:36 | 30,363,016 | ---- | C] () -- C:\Program Files\setupeng.exe
[2009/02/07 16:55:00 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Iain\Desktop\HiJackThis.exe
[2009/02/07 12:09:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Iain\Application Data\Malwarebytes
[2009/02/07 12:09:40 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/07 12:09:40 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/02/07 12:09:37 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/07 12:09:36 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/02/07 12:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/02/07 12:09:18 | 02,737,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Iain\Desktop\mbam-setup.exe
[2009/02/07 12:08:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/02/07 12:07:46 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/02/07 11:55:30 | 00,102,664 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/02/06 18:11:04 | 00,518,888 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Iain\My Documents\WindowsXP-KB884020-x86-enu.exe
[2009/02/06 17:52:37 | 57,011,104 | ---- | C] () -- C:\Documents and Settings\Iain\My Documents\regbackup.reg
[2009/02/05 18:26:32 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/02/05 17:59:17 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/02/05 17:58:24 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/02/05 17:54:14 | 34,543,112 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Iain\Desktop\Ad-AwareAE.exe
[2009/02/04 21:08:14 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/04 21:05:05 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/02/04 21:04:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/02/04 21:03:04 | 34,543,112 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Iain\My Documents\Ad-AwareAE.exe
========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/02/08 11:06:26 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/08 11:05:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/08 11:05:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/08 11:04:58 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Iain\Desktop\OTListIt2.exe
[2009/02/07 18:28:35 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/02/07 18:18:28 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/02/07 16:55:03 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Iain\Desktop\HiJackThis.exe
[2009/02/07 12:09:40 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/02/07 12:09:21 | 02,737,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Iain\Desktop\mbam-setup.exe
[2009/02/07 10:19:57 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/02/06 18:11:11 | 00,518,888 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Iain\My Documents\WindowsXP-KB884020-x86-enu.exe
[2009/02/06 17:52:56 | 57,011,104 | ---- | M] () -- C:\Documents and Settings\Iain\My Documents\regbackup.reg
[2009/02/06 17:52:13 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\Iain\Desktop\Notepad.lnk
[2009/02/05 21:11:35 | 01,256,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/02/05 21:08:19 | 00,093,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/02/05 21:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/02/05 21:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/02/05 21:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/02/05 21:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/02/05 21:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/02/05 21:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/02/05 21:04:45 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/02/05 17:58:24 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/02/05 17:52:08 | 34,543,112 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Iain\Desktop\Ad-AwareAE.exe
[2009/02/05 16:43:30 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\Iain\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/04 21:08:14 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/04 21:03:11 | 34,543,112 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Iain\My Documents\Ad-AwareAE.exe
[2009/01/18 21:35:13 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/01/18 21:30:13 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/10 01:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
========== LOP Check ========== [2009/02/07 18:12:12 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/02/05 17:58:27 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2008/09/17 15:27:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2006/08/11 13:56:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007/09/17 20:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/02/07 18:12:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7
[2003/06/03 06:35:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/01/22 20:07:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2006/12/01 15:18:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008/03/29 18:22:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/02/05 17:59:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/02/07 12:09:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/03/23 17:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2007/04/28 15:10:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2009/02/07 12:01:33 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2007/04/20 19:21:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2008/03/29 18:33:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2005/02/07 18:28:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2006/09/04 19:45:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2008/09/10 18:24:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2008/04/06 15:32:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2006/05/18 19:16:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2008/03/09 16:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2008/01/22 20:11:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008/12/26 14:48:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/08/18 18:11:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/02/07 12:09:46 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Iain\Application Data
[2008/11/23 11:49:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\ACD Systems
[2008/06/04 13:03:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Adobe
[2007/01/08 13:31:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\AdobeAUM
[2007/01/01 19:38:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\AdobeUM
[2007/09/28 20:52:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Apple Computer
[2009/02/07 18:12:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\AVG7
[2008/02/08 18:26:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\BitZipper
[2007/04/15 12:51:37 | 00,000,000 | R--D | M] -- C:\Documents and Settings\Iain\Application Data\Brother
[2008/12/26 15:02:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Corel
[2008/03/18 20:20:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\DAEMON Tools
[2008/12/20 15:22:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Desktopicon
[2008/01/23 18:52:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\EPSON
[2005/02/07 18:37:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\FUJIFILM
[2006/09/23 09:22:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Google
[2005/03/12 18:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Help
[2003/06/03 03:33:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Identities
[2003/06/03 05:28:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\InterTrust
[2008/12/26 15:01:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\InterVideo
[2009/02/07 12:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Lavasoft
[2006/09/04 20:03:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Leadertech
[2005/04/10 15:48:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Macromedia
[2009/02/07 12:09:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Malwarebytes
[2007/05/10 16:55:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\McAfee
[2006/09/04 19:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Media Player Classic
[2009/02/07 19:13:30 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Iain\Application Data\Microsoft
[2005/04/02 17:26:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Mozilla
[2008/03/29 18:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Nokia
[2008/03/29 18:26:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\PC Suite
[2005/10/26 20:08:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\PC Tools
[2006/09/16 10:12:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Real
[2008/12/04 20:13:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\SolidDocuments
[2005/04/10 16:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Sun
[2005/02/07 18:18:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Symantec
[2005/04/02 17:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Talkback
[2007/12/29 15:36:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\TomTom
[2007/09/28 20:18:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Torrent Episode Downloader
[2009/01/02 17:50:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\Ulead Systems
[2009/01/20 22:42:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\uTorrent
[2006/06/27 19:23:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\vlc
[2007/06/13 14:59:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iain\Application Data\WinRAR
[2009/02/04 21:08:14 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2002/08/29 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/02/08 11:05:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 2628 bytes -> %SystemRoot%\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
@Alternate Data Stream - 0 bytes -> %SystemRoot%\System32\OEMLOGO.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
@Alternate Data Stream - 0 bytes -> %AllUsersProfile%\Documents\Thumbs.db:encryptable
< End of report >