OTL logfile created on: 21/11/2011 15:16:47 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\ian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.92% Memory free
3.84 Gb Paging File | 2.94 Gb Available in Paging File | 76.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 455.74 Gb Total Space | 398.81 Gb Free Space | 87.51% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.53 Gb Free Space | 65.25% Space Free | Partition Type: NTFS
Drive J: | 34.16 Gb Total Space | 18.86 Gb Free Space | 55.23% Space Free | Partition Type: NTFS
Drive K: | 34.17 Gb Total Space | 26.84 Gb Free Space | 78.55% Space Free | Partition Type: NTFS
Drive L: | 558.88 Gb Total Space | 470.32 Gb Free Space | 84.15% Space Free | Partition Type: NTFS
Drive M: | 558.88 Gb Total Space | 470.32 Gb Free Space | 84.15% Space Free | Partition Type: NTFS
Drive Z: | 54.66 Gb Total Space | 35.27 Gb Free Space | 64.52% Space Free | Partition Type: NTFS
Computer Name: HP20581498458 | User Name: ian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/21 15:14:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ian\Desktop\OTL.exe
PRC - [2011/08/23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/06/08 10:59:59 | 000,177,784 | ---- | M] (Solid Documents, LLC) -- C:\WINDOWS\Installer\MSI1770.tmp
PRC - [2011/04/27 14:39:26 | 000,228,520 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/12/02 12:33:40 | 005,609,472 | ---- | M] (Estimation Ltd) -- C:\EstGrp\EE\EE.exe
PRC - [2010/10/06 10:14:22 | 006,054,400 | ---- | M] (Estimation Ltd) -- C:\Program Files\Common Files\Estimation Group\LiveUpdate\LiveUpd.exe
PRC - [2010/01/15 12:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008/11/13 09:33:54 | 000,097,128 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/07 14:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/01/23 17:42:18 | 001,437,816 | ---- | M] (RICOH COMPANY,LTD.) -- C:\Program Files\RDS\RMClient\PMCTray.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/12/04 15:03:02 | 000,561,152 | ---- | M] (RICOH Company Ltd.) -- C:\Program Files\RDS\PLDLnk.exe
PRC - [2007/04/11 17:01:06 | 000,163,840 | ---- | M] (RICOH Company Ltd.) -- C:\Program Files\RDS\PLTBar.exe
PRC - [2007/01/05 02:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/10/30 09:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
PRC - [2006/07/10 17:53:08 | 000,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
PRC - [2006/05/16 22:12:59 | 000,075,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
PRC - [2006/01/12 20:52:32 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2005/09/19 22:50:38 | 000,487,424 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis2a.exe
========== Modules (No Company Name) ==========
MOD - [2011/10/19 09:22:11 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
MOD - [2011/10/19 09:21:19 | 001,941,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\c6935503f2942d325235e4857e02792b\Microsoft.Office.Interop.Word.ni.dll
MOD - [2011/10/19 09:21:10 | 000,014,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Extensibility\e0184e13eb92684dd8f3f166ab684d1e\Extensibility.ni.dll
MOD - [2011/10/19 09:21:09 | 002,359,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\915c231ec79db798f02296f6ac86b2b4\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ni.dll
MOD - [2011/10/19 09:21:05 | 004,466,688 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\0cce5398a7880d696ea923295a44008b\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSUtils.ni.dll
MOD - [2011/10/19 09:21:02 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
MOD - [2011/10/19 09:20:57 | 000,462,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\55173fd691166565dc73dae0d3433e73\Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll
MOD - [2011/10/19 09:20:57 | 000,391,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\836da45c2077634827a3455a646cba36\Iris.Mapi.MessageStore.ni.dll
MOD - [2011/10/19 09:20:48 | 003,826,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\BusinessLayer\e5a25944e9b0b1279062d66db9bebe7a\BusinessLayer.ni.dll
MOD - [2011/10/19 09:20:45 | 002,267,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\a9942828767c5549849c82accbdbcedc\Microsoft.Office.Interop.Outlook.ni.dll
MOD - [2011/10/19 09:20:42 | 001,039,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\e17238fd24d0d5cc73044fa16f699ec1\Microsoft.Interop.Mapi.Impl.ni.dll
MOD - [2011/10/19 09:20:42 | 000,177,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\07021d10c3bc8a0ea378435a258f7b1b\Microsoft.Interop.Mapi.PropTags.ni.dll
MOD - [2011/10/19 09:20:40 | 001,526,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\BCMRes\faf5382cda8cd1adeef899c9e3d33f5c\BCMRes.ni.dll
MOD - [2011/10/19 09:20:39 | 000,963,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\office\e004a967869320dece615cb985e09ea5\office.ni.dll
MOD - [2011/10/19 09:20:39 | 000,044,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\stdole\401897de602682e663fca1d0dccebcd7\stdole.ni.dll
MOD - [2011/10/19 09:20:38 | 000,062,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\00cc95b92fb21663d07f94e15cab3be0\Microsoft.Interop.eCRM.Ole.ni.dll
MOD - [2011/10/19 09:20:37 | 000,152,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\daa68c80020eb582452ec3173450505d\Microsoft.Interop.Mapi.Interfaces.ni.dll
MOD - [2011/10/19 09:20:36 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/19 09:20:22 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MOD - [2011/10/19 09:20:22 | 000,280,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/19 09:20:21 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MOD - [2011/10/19 09:20:17 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/19 09:20:16 | 000,484,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\BCMCommon\1b38913d7b398cc42238ea4aff37955d\BCMCommon.ni.dll
MOD - [2011/10/19 09:19:46 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011/10/19 09:18:20 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/19 09:18:15 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/19 09:18:03 | 000,208,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
MOD - [2011/10/19 09:18:02 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/19 09:17:59 | 010,683,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
MOD - [2011/10/19 09:17:46 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/19 09:16:17 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/19 09:16:07 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/19 09:15:20 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/19 09:14:57 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2011/10/19 09:14:55 | 000,113,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/19 09:14:52 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/08/04 14:29:05 | 000,757,760 | ---- | M] () -- C:\WINDOWS\assembly\GAC\C1.Win.C1Chart\1.0.20034.13244__a22e16972c085838\C1.Win.C1Chart.dll
MOD - [2010/12/21 21:17:46 | 000,027,456 | ---- | M] () -- C:\WINDOWS\system32\solidlocalmon.dll
MOD - [2009/11/21 13:11:05 | 000,310,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\BCMCommon\3.0.0.0__31bf3856ad364e35\BCMCommon.dll
MOD - [2009/11/21 12:44:18 | 000,591,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\Microsoft.Interop.Mapi.Impl\3.0.0.0__31bf3856ad364e35\Microsoft.Interop.Mapi.Impl.dll
MOD - [2009/09/07 08:22:33 | 000,844,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC\ActiveReports\3.3.1.2009__cc4967777c49a3ff\ActiveReports.dll
MOD - [2009/09/07 08:22:30 | 000,733,184 | ---- | M] () -- C:\WINDOWS\assembly\GAC\C1.Win.C1TrueDBGrid\1.2.20033.30829__75ae3fb0e2b1e0da\C1.Win.C1TrueDBGrid.dll
MOD - [2009/09/07 08:22:30 | 000,614,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC\C1.C1PrintDocument\1.0.20023.101__1a6f4158ebe6d3b8\C1.C1PrintDocument.dll
MOD - [2009/09/07 08:22:30 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC\C1.Win.C1Command\1.0.20023.1__e808566f358766d8\C1.Win.C1Command.dll
MOD - [2009/09/07 08:22:30 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC\C1.Win.C1PrintPreview\1.0.20023.101__3af768410ba0a64f\C1.Win.C1PrintPreview.dll
MOD - [2009/09/07 08:22:30 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC\C1.Common\1.0.20031.116__e272bb32d11b1948\C1.Common.dll
MOD - [2009/02/14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2008/10/26 05:42:14 | 000,065,376 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2008/02/22 10:22:32 | 000,055,792 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
MOD - [2008/01/11 17:50:32 | 000,529,512 | ---- | M] () -- C:\Program Files\Microsoft Small Business\Business Contact Manager\en-US\BCMRes.resources.dll
MOD - [2007/08/14 12:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 12:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 12:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2007/04/02 12:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2006/10/29 14:32:58 | 000,064,328 | ---- | M] () -- C:\Program Files\Microsoft Small Business\Business Contact Manager\en-US\BusinessLayer.resources.dll
MOD - [2006/10/29 14:32:42 | 000,012,104 | ---- | M] () -- C:\Program Files\Microsoft Small Business\Business Contact Manager\en-US\Microsoft.Interop.Mapi.Interfaces.resources.dll
MOD - [2006/10/27 15:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2006/07/10 17:53:08 | 000,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
MOD - [2005/03/30 12:15:50 | 001,925,185 | R--- | M] () -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Onix32.dll
MOD - [2002/09/09 07:51:48 | 000,084,992 | ---- | M] () -- C:\WINDOWS\system32\qrpdflib.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/06/08 10:59:59 | 000,177,784 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\WINDOWS\Installer\MSI1770.tmp -- (SCPDFReadSpool)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/02/13 21:56:59 | 001,623,552 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DIAL GmbH\DIAL Communication Framework\DialComService.exe -- (DialComService)
SRV - [2010/01/15 12:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/12/04 17:18:11 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008/04/07 14:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/01/05 02:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | Disabled | Running] -- -- (pctEFA)
DRV - File not found [Kernel | Disabled | Running] -- -- (pctDS)
DRV - File not found [Kernel | Disabled | Running] -- -- (PCTCore)
DRV - [2011/11/21 08:24:58 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4A7DD6D4-3F8C-499D-8C1C-3CEB41F7EE14}\MpKslf1362b80.sys -- (MpKslf1362b80)
DRV - [2011/11/21 08:20:57 | 000,065,808 | ---- | M] (trend_company_name) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tmrkb.sys -- (tmrkb)
DRV - [2011/11/21 07:50:20 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4A7DD6D4-3F8C-499D-8C1C-3CEB41F7EE14}\MpKsle393465b.sys -- (MpKsle393465b)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/02/22 10:22:54 | 000,009,136 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2008/02/22 10:22:38 | 000,094,384 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2008/02/22 10:22:38 | 000,034,832 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2008/02/22 10:22:36 | 000,097,584 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2008/02/22 10:22:36 | 000,026,032 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2008/02/22 10:22:34 | 000,032,208 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2008/02/22 10:22:34 | 000,014,256 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2008/02/22 10:22:32 | 000,104,240 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2008/01/03 22:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/11/06 17:23:56 | 004,622,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/10/19 20:23:44 | 000,013,696 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fnetusb.sys -- (fnetusb)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2004/08/03 17:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 17:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 17:29:46 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 17:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 17:29:46 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 17:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 17:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 17:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 17:29:42 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 17:29:40 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 17:29:40 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 17:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 17:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 17:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 17:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002/04/04 05:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.brownelectrical.co.uk/
IE - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/16 11:18:54 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: SiteAdvisor = C:\Documents and Settings\ian\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\ian\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
O1 HOSTS File: ([2006/02/28 02:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DIALux 3.1 ULDBrowserHelper Class) - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files\DIALux\DLXShellExtension.dll (DIAL GmbH, Germany)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O3 - HKLM\..\Toolbar: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe (RICOH COMPANY,LTD.)
O4 - HKLM..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe (RICOH COMPANY,LTD.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [pdfFactory Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149..\Run: [EstLiveUpd] C:\Program Files\Common Files\Estimation Group\LiveUpdate\LiveUpd.exe (Estimation Ltd)
O4 - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Auto Document Link.lnk = C:\Program Files\RDS\PLDLnk.exe (RICOH Company Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SmartDeviceMonitor for Client.lnk = C:\Program Files\RDS\RMClient\PMClient.exe (RICOH COMPANY,LTD.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1279318860-2237719119-1038282657-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisablePersonalDirChange = 1
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-GB\local\search.html ()
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O16 - DPF: {13AEBFDE-CA17-4423-AADE-59BD76C7BDA7} http://rmft.piggotta...ex_packager.ocx (bhub_packager Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1258806241431 (MUWebControl Class)
O16 - DPF: {88448E4B-4286-401F-BB90-A1765E8B104C} http://rmft.piggotta...ent_activex.ocx (LiteCopyJS Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Brownelectrical.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA63D865-AABB-40D4-BDC1-6407C0298956}: DhcpNameServer = 192.168.0.2
O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files\DIALux\DLXToolBox.dll (DIAL GmbH, Germany)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\ian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/19 07:28:02 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2011/11/17 15:01:19 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/05/01 00:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{c6ac8287-c235-11df-98c9-001f29d8d90f}\Shell - "" = AutoRun
O33 - MountPoints2\{c6ac8287-c235-11df-98c9-001f29d8d90f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c6ac8287-c235-11df-98c9-001f29d8d90f}\Shell\AutoRun\command - "" = L:\laucher.exe
O33 - MountPoints2\{ca541f7f-af42-11de-987a-001f29d8d90f}\Shell - "" = AutoRun
O33 - MountPoints2\{ca541f7f-af42-11de-987a-001f29d8d90f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca541f7f-af42-11de-987a-001f29d8d90f}\Shell\AutoRun\command - "" = L:\laucher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/11/21 15:15:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ian\Desktop\OTL.exe
[2011/11/21 10:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/11/21 10:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/11/21 10:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/11/21 10:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/11/21 08:20:58 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/11/21 08:20:57 | 000,065,808 | ---- | C] (trend_company_name) -- C:\WINDOWS\System32\drivers\tmrkb.sys
[2011/11/18 11:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/11/18 10:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/11/18 09:35:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/11/18 08:51:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Sammsoft
[2011/11/18 08:50:20 | 000,000,000 | ---D | C] -- C:\Firefox
[2011/11/18 08:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011/11/18 08:49:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ian\Local Settings\Application Data\AskToolbar
[2011/11/18 07:57:49 | 000,094,896 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\94024816.sys
[2011/11/17 15:00:05 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011/11/17 15:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/11/17 13:38:45 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/11/17 11:36:54 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\ian\Desktop\tdsskiller.exe
[2011/11/15 09:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ian\Desktop\Auto Cad Symbols and Legend
[2011/11/10 23:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/11/03 12:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Malwarebytes
[2011/11/03 12:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/03 12:07:56 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ian\Desktop\mbam-setup.exe
[2011/11/03 11:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/11/03 11:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/03 11:15:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ian\Recent
[2011/11/03 10:27:40 | 000,000,000 | ---D | C] -- C:\573d8408c4b6a444fa02c8972077ec5f
[2011/11/03 10:27:31 | 000,000,000 | ---D | C] -- C:\38e8213a79ecd1ca46
[2011/10/25 09:16:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ian\Local Settings\Application Data\IsolatedStorage
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/21 15:14:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ian\Desktop\OTL.exe
[2011/11/21 14:52:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/21 14:29:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/21 11:19:09 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\ian\Desktop\aswMBR.exe
[2011/11/21 10:27:08 | 000,693,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/11/21 08:48:04 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/11/21 08:30:02 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/21 08:27:59 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011/11/21 08:27:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/21 08:27:06 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/11/21 08:27:05 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/21 08:24:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/21 08:24:35 | 2137,313,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/21 08:20:57 | 000,065,808 | ---- | M] (trend_company_name) -- C:\WINDOWS\System32\drivers\tmrkb.sys
[2011/11/21 08:20:51 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/11/18 15:29:40 | 000,000,083 | ---- | M] () -- C:\WINDOWS\ccolwiz.ini
[2011/11/18 10:06:03 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\ian\Desktop\xl05fhwt.exe
[2011/11/18 07:57:49 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\94024816.sys
[2011/11/17 17:00:13 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/17 15:01:19 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2011/11/17 14:32:36 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/11/17 11:36:45 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\ian\Desktop\tdsskiller.exe
[2011/11/17 08:07:28 | 000,672,148 | ---- | M] () -- C:\Documents and Settings\ian\Desktop\08600809.ZDP
[2011/11/16 10:03:17 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/11/16 10:01:12 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/15 12:09:46 | 000,030,541 | ---- | M] () -- C:\Documents and Settings\ian\Desktop\287-70986R.pdf
[2011/11/15 08:06:06 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AMTECH SingleCable (17th Edition).lnk
[2011/11/08 15:18:35 | 000,837,990 | ---- | M] () -- C:\Documents and Settings\ian\Desktop\W.bmp
[2011/11/03 12:17:59 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\ian\Desktop\unhide.exe
[2011/11/03 12:07:56 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ian\Desktop\mbam-setup.exe
[2011/11/03 11:36:09 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\ian\Desktop\iExplore.exe
[2011/11/03 10:20:08 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
[2011/11/03 10:17:14 | 000,553,072 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/03 10:17:14 | 000,107,240 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/03 10:16:26 | 000,000,296 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk
[2011/11/03 10:16:26 | 000,000,200 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr
[2011/10/25 09:31:08 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\ian\Local Settings\Application Data\d3d9caps.dat
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/21 10:26:47 | 000,693,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/11/21 07:36:43 | 2137,313,280 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/18 11:00:29 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/11/18 10:06:00 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\xl05fhwt.exe
[2011/11/18 08:52:46 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/17 15:01:19 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2011/11/17 08:07:28 | 000,672,148 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\08600809.ZDP
[2011/11/16 10:03:17 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/11/15 12:09:46 | 000,030,541 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\287-70986R.pdf
[2011/11/08 15:18:35 | 000,837,990 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\W.bmp
[2011/11/03 14:30:51 | 000,002,537 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Solid Converter PDF.lnk
[2011/11/03 14:30:51 | 000,002,337 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\designgenie.lnk
[2011/11/03 14:30:51 | 000,002,275 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AMTECH SingleCable (17th Edition).lnk
[2011/11/03 14:30:51 | 000,001,866 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DWG TrueView 2011.lnk
[2011/11/03 14:30:51 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/11/03 14:30:51 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DIALux 4.6 Light.lnk
[2011/11/03 14:30:51 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DIALux 4.6.lnk
[2011/11/03 14:30:51 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Browser Choice.lnk
[2011/11/03 14:30:51 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\ian\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/11/03 14:30:51 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\ian\Application Data\Microsoft\Internet Explorer\Quick Launch\Weather.url
[2011/11/03 14:30:50 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\ian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/03 14:30:50 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\ian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/11/03 14:30:50 | 000,000,427 | ---- | C] () -- C:\Documents and Settings\ian\Application Data\Microsoft\Internet Explorer\Quick Launch\Met Office- Weather and climate change.url
[2011/11/03 14:30:50 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\ian\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/11/03 14:30:49 | 000,001,636 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SmartDeviceMonitor for Client.lnk
[2011/11/03 14:30:49 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/11/03 14:30:48 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011/11/03 14:30:48 | 000,001,949 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
[2011/11/03 14:30:48 | 000,001,441 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Auto Document Link.lnk
[2011/11/03 14:30:41 | 000,002,363 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Designer 7.0.lnk
[2011/11/03 14:30:41 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2011/11/03 14:30:41 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk
[2011/11/03 14:30:41 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/11/03 14:30:41 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/11/03 14:30:41 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/11/03 12:17:57 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\unhide.exe
[2011/11/03 11:58:21 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\iExplore.exe
[2011/11/03 10:16:26 | 000,000,296 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk
[2011/11/03 10:16:26 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr
[2011/11/03 10:16:20 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
[2011/10/25 09:31:08 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\ian\Local Settings\Application Data\d3d9caps.dat
[2011/06/08 11:01:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2011/06/08 11:00:01 | 000,027,456 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2011/06/08 11:00:01 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010/12/22 07:41:52 | 000,013,696 | R--- | C] () -- C:\WINDOWS\System32\drivers\fnetusb.sys
[2010/12/22 07:41:46 | 000,013,696 | R--- | C] () -- C:\WINDOWS\System32\fnetusb.sys
[2010/12/22 07:40:22 | 000,000,372 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/03 08:35:56 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/12/03 08:35:55 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/11/17 08:29:09 | 000,000,095 | ---- | C] () -- C:\WINDOWS\Dialux.ini
[2010/11/01 10:10:37 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Riconv.ini
[2010/10/14 06:35:19 | 000,583,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/01 13:46:08 | 000,482,304 | ---- | C] () -- C:\WINDOWS\System32\ImageDB.dll
[2009/12/08 18:01:19 | 000,000,226 | ---- | C] () -- C:\WINDOWS\PMJobCli.ini
[2009/12/08 18:01:17 | 000,012,309 | ---- | C] () -- C:\WINDOWS\PMRicMb.ini
[2009/12/08 18:01:17 | 000,007,873 | ---- | C] () -- C:\WINDOWS\PMRicPMb.ini
[2009/12/08 18:01:17 | 000,005,390 | ---- | C] () -- C:\WINDOWS\PMPrtMb.ini
[2009/12/08 18:01:17 | 000,004,644 | ---- | C] () -- C:\WINDOWS\PMRicFMb.ini
[2009/12/08 18:01:17 | 000,003,149 | ---- | C] () -- C:\WINDOWS\PMDvPrn.ini
[2009/12/08 18:01:17 | 000,002,102 | ---- | C] () -- C:\WINDOWS\PMDvDev.ini
[2009/12/08 18:01:17 | 000,002,047 | ---- | C] () -- C:\WINDOWS\PMDIOMb.ini
[2009/12/08 18:01:17 | 000,002,036 | ---- | C] () -- C:\WINDOWS\PMHostMb.ini
[2009/12/08 18:01:17 | 000,001,885 | ---- | C] () -- C:\WINDOWS\PMPSIOMb.ini
[2009/12/08 18:01:17 | 000,001,727 | ---- | C] () -- C:\WINDOWS\PMRicSMb.ini
[2009/12/08 18:01:17 | 000,001,706 | ---- | C] () -- C:\WINDOWS\PMRicCMb.ini
[2009/12/08 18:01:17 | 000,001,494 | ---- | C] () -- C:\WINDOWS\PMMib2Mb.ini
[2009/12/08 18:01:17 | 000,001,168 | ---- | C] () -- C:\WINDOWS\PMDvFax.ini
[2009/12/08 18:01:17 | 000,001,143 | ---- | C] () -- C:\WINDOWS\PMDPIMb.ini
[2009/12/08 18:01:17 | 000,001,094 | ---- | C] () -- C:\WINDOWS\PMAxsMb.ini
[2009/12/08 18:01:17 | 000,000,842 | ---- | C] () -- C:\WINDOWS\PMDvScan.ini
[2009/12/08 18:01:17 | 000,000,423 | ---- | C] () -- C:\WINDOWS\PMDvCopy.ini
[2009/12/08 18:01:17 | 000,000,332 | ---- | C] () -- C:\WINDOWS\PMSnmpMb.ini
[2009/12/08 18:01:05 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\PMObservps.dll
[2009/12/08 18:00:59 | 000,002,255 | ---- | C] () -- C:\WINDOWS\PmData.Dat
[2009/12/08 18:00:15 | 000,000,035 | ---- | C] () -- C:\WINDOWS\RidocPrn.ini
[2009/12/01 08:54:34 | 000,000,462 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2009/11/24 10:15:30 | 000,000,072 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2009/11/24 10:15:27 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2009/09/04 09:41:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2009/08/03 15:07:42 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/02/05 12:24:59 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2009/01/19 16:31:27 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\ian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/05 10:51:27 | 000,000,311 | ---- | C] () -- C:\WINDOWS\SWWATER.INI
[2008/12/04 17:35:57 | 000,055,792 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/12/04 17:35:57 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/08/03 01:38:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/03 01:19:25 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/08/03 01:19:25 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/08/03 01:19:25 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/08/03 01:19:25 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/08/03 01:19:25 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/08/03 01:19:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/08/03 01:18:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/08/03 01:05:17 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4885.dll
[2008/02/28 16:02:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/08/16 16:17:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2006/09/24 23:02:34 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/24 23:02:34 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/04/25 18:05:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/04/25 17:43:54 | 000,553,072 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/04/25 17:43:54 | 000,107,240 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/04/25 17:39:48 | 000,404,712 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/04/25 17:31:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/25 17:27:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/02/28 02:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 02:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 02:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 02:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 02:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 02:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 02:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 02:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/12/21 17:57:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2005/12/21 17:54:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2002/09/09 07:51:48 | 000,084,992 | ---- | C] () -- C:\WINDOWS\System32\qrpdflib.dll
[2002/05/28 07:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 07:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/05/08 10:12:22 | 000,000,829 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
========== LOP Check ==========
[2008/12/04 17:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Autodesk
[2008/08/03 01:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2008/08/03 01:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator.BROWNELECTRICAL\Application Data\SampleView
[2010/05/19 07:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2011/11/17 17:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/03/10 16:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIAL GmbH
[2011/03/11 08:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIALux
[2010/07/30 06:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Estimation
[2011/10/11 09:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Febdok
[2011/10/10 10:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FebdokSetup
[2011/11/18 10:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/06/08 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2011/11/21 11:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/08/03 01:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2008/08/03 01:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2010/02/17 12:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\AlpCAD Software
[2010/05/19 07:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\Autodesk
[2011/01/27 07:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\Boocco
[2011/08/16 06:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\InterVideo
[2009/12/01 08:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\iScreensaver
[2010/10/01 09:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\Relux Informatik AG
[2011/01/27 07:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\Rese
[2011/11/18 10:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\Sammsoft
[2008/08/03 01:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\SampleView
[2011/11/14 10:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ian\Application Data\SolidDocuments
[2011/11/21 08:30:02 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/11/21 08:27:06 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/11/21 14:52:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2011/10/04 13:41:49 | 000,602,456 | ---- | M] (Google Inc.) -- C:\GoogleEarthPluginSetup.exe
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< MD5 for: EXPLORER.EXE >
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX0\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX1\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX2\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX3\procs\explorer.exe
[2006/02/28 02:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX0\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX1\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX2\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX3\h\explorer.exe
< MD5 for: SVCHOST.EXE >
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/02/28 02:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2006/02/28 02:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX0\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX1\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX2\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX3\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006/02/28 02:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX0\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX1\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX2\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\ian\Local Settings\Temp\RarSFX3\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s >
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >