Click.GiftLoad Help needed

Great, thats nice to hear

Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, whatever it does not remove can be dragged to the trash. I will not remove Malwarebytes which is the free version and yours to keep, the Pro Version includes a protection module that will block bad sites if you should wander into the accidently, the cost is minimal but this is your choice




Safe Surfn
Ken
 
Hey, not a problem. How one AV runs on one system it may run differently on another. Myself, I have had Symantec for as long as I can remember and have never had a problem with it, its one of those deals you either hate or love it. I use Norton Internet Security, it contains AV, Anti Spyware and a firewall and my system runs fine. Dont quote me on price but I believe its around $59 for 3 computers so it works well for me, have it on my desktop and two of my laptops all for $59

I have not tried this myself but have heard good things from Microsoft Security Essentials , it contains AV , Anti Spyware and I believe a firewall , and its free, give it a shot
http://www.microsoft.com/en-us/security_essentials/default.aspx

This thread will be closed in a few days but if either of the above does not work for you just shoot me a PM and I can suggest other free programs
 
Ken,

Got suspicious that web pages were 'jumpig' a bit, and internet slow again.
Ran Spybot and you guessed it, it found Click.Giftload AGAIN!!

Any ideas??

Regards

Dave:scratch:
 
Lets run OTL to remove Click.Giftload, the reg fix may not have taken

Open OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    Code: 
    :processes
killallprocesses

:OTL



:Services

:Reg

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION]
"svchost.exe"=-

:Files






:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top. <--Not run Scan
  • Let the program run unhindered, reboot when it is done
  • Then post the results of the log it produces.
  • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
 
1st Log:-

All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION\\svchost.exe deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: David Roberts
->Temp folder emptied: 727813 bytes
->Temporary Internet Files folder emptied: 2096291 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2605 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Elen Roberts
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Nathan Roberts
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 25690 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Samantha Roberts
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 117042 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05182011_232521

Files\Folders moved on Reboot...
C:\Documents and Settings\David Roberts\Local Settings\Temporary Internet Files\Content.IE5\I4TH4J9X\main[1].htm moved successfully.
C:\Documents and Settings\David Roberts\Local Settings\Temporary Internet Files\Content.IE5\2L3QR3LN\showthread[1].htm moved successfully.
C:\Documents and Settings\David Roberts\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.

Registry entries deleted on Reboot...

I take it the next scan is a straightforward 'Run Scan'?
 
OTL LOG:-
OTL Extras logfile created on: 19/05/2011 21:23:34 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\David Roberts\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 69.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 5.03 Gb Free Space | 6.74% Space Free | Partition Type: NTFS

Computer Name: LAPTOP1 | User Name: David Roberts | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{08E4AE58-748D-4983-9B8A-495E2341769F}" = Garmin POI Loader
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1D5EB783-25F8-495B-8B01-DE6D1BFBB8B4}" = VideoCam Suite 3.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"{2658DA34-F392-47F8-B8A9-E4E62B66D4C7}" = Steganos Internet Trace Destructor 6.1
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{2739F500-6661-4531-8F32-762BB6A52589}" = Nokia Car Kit Software Updater
"{29748FDD-082A-48F4-97C3-681764CCEE79}" = EOCP Drivers 0.9.311007
"{29EA075F-2C61-472F-B01D-80E8D8F023F1}" = Garmin City Navigator Europe NT v9
"{29F3E29B-4B0F-4485-9A48-1A48F3F47247}" = HP_User_Guides_0005
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 B2
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4acec804-8c2c-4c78-9127-6c6b756e44e2}.sdb" = Disney Interactive Global Compatibility Update June 2003
"{52F6065D-27D0-4680-B2BC-C49C9A252459}" = Motorola Driver Installation
"{56364334-9530-11D2-BFFC-00C04FA329AA}" = Microsoft Works 2000
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B2731E4-7058-4252-B855-1EEB9C83BEC1}" = RSD_LITE_3_1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}" = PIF DESIGNER2.1
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{844DA731-B8B0-4581-AF3C-5158CC16897E}" = BlackBerry v4.2.2 for the 8320 Series Wireless Handheld
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = TIxx21
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{996EC44B-38E1-4898-8E47-3EE3D15F2712}" = Garmin WebUpdater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.0
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B22FE723-D740-4448-87C4-3F34351492AC}" = Advance Training Computerised Study Kit 2007
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B62C3B2A-9FB8-44AA-B58F-FD2CE550E9E3}" = Ultimate Human Body 2
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BB3CDC11-CA2F-4D93-8C10-F9040DD7E9ED}" = Become a Human Body Explorer
"{BC7E9D03-F7B1-4179-AAEC-941D14DF5EF3}" = Ben 10 Alien Force Bounty Hunters
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5DD42DC-5402-11D3-8072-00C04FA329AA}" = Word in Works Suite add-in
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B5
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D10FF038-7941-4B62-8051-17D3E2BC150A}" = Garmin City Navigator Europe NT+ v8.02
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3A54A70-1CFA-4D79-ACD6-5AA2A98C212F}" = Samsung PC Studio 3
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EAF5E394-BC2B-42D3-9A94-E0AD66851922}" = Vodafone Mobile Connect
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F128BA10-362E-11D3-81AB-00C04FB932BA}" = Microsoft Home Publishing 2000
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F3B76517-C1BC-40A7-814C-4C0A87E7D9DF}" = Garmin MapSource
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"Art Attack" = Art Attack
"BodyWorks 6.0" = BodyWorks 6.0
"Britannica Word Games Platinum" = Britannica Word Games Platinum
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cucusoft DVD to iPod + iPod Video Converter Suite_is1" = Cucusoft DVD to iPod + iPod Video Converter Suite 7.19.7.12
"CyberScrub Professional 3.0" = CyberScrub Professional 3.0
"Dan Elwell's Broadband Speed Test_is1" = Dan Elwell's Broadband Speed Test
"DrumXtreme" = DrumXtreme
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"ESCX6600 Reference Guide" = ESCX6600 Reference Guide
"ESCX6600 Software Guide" = ESCX6600 Software Guide
"ESET Online Scanner" = ESET Online Scanner v3
"Flash&Backup3" = Flash&Backup
"GolfScoreMaster" = GolfScoreMaster
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"InstallShield_{29748FDD-082A-48F4-97C3-681764CCEE79}" = EOCP Drivers 0.9.311007
"InstallShield_{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"InstallShield_{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = Texas Instruments PCIxx21/x515 drivers.
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Life On Mars 02" = Life On Mars 02 Screen Saver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McDonald's Dragons " = McDonald's Dragons
"McDonald's Fairies " = McDonald's Fairies
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MRW!UninstallKey" = Ahead InCD EasyWrite Reader
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = NeroMediaPlayer
"OpenMG HotFix4.5-06-05-10-01" = OpenMG Limited Patch 4.5-06-05-12-01
"PC Tools Firewall Plus" = PC Tools Firewall Plus 7.0
"Photo Viewer" = Photo Viewer 2.24
"Print Pack" = Print Pack
"RealPlayer 6.0" = RealPlayer
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"Simba's Pride GameBreak" = Disney's Simba's Pride GameBreak
"Sony Eyetoy SLEH-00031" = Sony Eyetoy SLEH-00031
"Spotify" = Spotify
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Trusted Software Assistant_is1" = File Type Assistant
"UnityWebPlayer" = Unity Web Player
"Videora iPod Converter" = Videora iPod Converter 5.03
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WinASO Registry Optimizer_is1" = WinASO Registry Optimizer 2.0.5
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WinZip Self-Extractor" = WinZip Self-Extractor
"Works2kSetup" = Microsoft Works 2000 Setup Launcher
"YouTube Downloader App" = YouTube Downloader App 2.03

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"eMusic Download Manager" = eMusic Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17/05/2011 16:08:43 | Computer Name = LAPTOP1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 17/05/2011 16:33:59 | Computer Name = LAPTOP1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 17/05/2011 16:33:59 | Computer Name = LAPTOP1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6266

Error - 17/05/2011 16:33:59 | Computer Name = LAPTOP1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6266

Error - 18/05/2011 19:52:07 | Computer Name = LAPTOP1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 19/05/2011 11:46:38 | Computer Name = LAPTOP1 | Source = Bonjour Service | ID = 100
Description = DNS Message from «ZERO ADDRESS»:0 to «ZERO ADDRESS»:0 length 0
too short

Error - 19/05/2011 13:47:50 | Computer Name = LAPTOP1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 19/05/2011 14:46:25 | Computer Name = LAPTOP1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 19/05/2011 14:46:57 | Computer Name = LAPTOP1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 19/05/2011 14:46:59 | Computer Name = LAPTOP1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 18/05/2011 18:25:23 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 18/05/2011 18:25:24 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7034
Description = The InCD Helper service terminated unexpectedly. It has done this
1 time(s).

Error - 18/05/2011 18:25:31 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7034
Description = The PC Tools Firewall Plus service terminated unexpectedly. It has
done this 1 time(s).

Error - 18/05/2011 18:25:31 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7034
Description = The SoundMAX Agent Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 18/05/2011 18:25:32 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 18/05/2011 18:35:17 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2

Error - 18/05/2011 19:01:53 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2

Error - 19/05/2011 05:28:03 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2

Error - 19/05/2011 11:46:43 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2

Error - 19/05/2011 15:38:20 | Computer Name = LAPTOP1 | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2


< End of report >

1st S&D Log:-
19.05.2011 19:53:24 - ##### check started #####
19.05.2011 19:53:24 - ### Version: 1.6.2
19.05.2011 19:53:24 - ### Date: 19/05/2011 19:53:24
19.05.2011 19:53:28 - ##### checking bots #####
19.05.2011 20:02:18 - found: Fraud.Sysguard User settings
19.05.2011 20:05:20 - found: Fraud.Sysguard Settings
19.05.2011 20:30:12 - found: WebTrends live Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 20:30:12 - found: Tradedoubler Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 20:30:12 - found: MediaPlex Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 20:30:17 - ##### check finished #####

A 2nd S&D Log:-

19.05.2011 21:53:50 - ##### check started #####
19.05.2011 21:53:50 - ### Version: 1.6.2
19.05.2011 21:53:50 - ### Date: 19/05/2011 21:53:50
19.05.2011 21:53:54 - ##### checking bots #####
19.05.2011 22:31:05 - found: WebTrends live Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 22:31:09 - ##### check finished #####

My daughter spends a lot of time on facebook and the problems seem to appear after that.

Thanks

Dave
 
Well, Facebook is a nice site, use it myself but you need to be careful on it and dont click on anything that you dont know.

You posted the log from the fix and also the extras log but run OTL and post a new log, there will be no extras

Are things better ?
 
Ken,
Things are running better, internet was really fast until I installed the anti virus software!! But in all I think everything is good - Thanks to you.

OTL logfile created on: 19/05/2011 23:46:51 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\David Roberts\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 66.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 5.02 Gb Free Space | 6.73% Space Free | Partition Type: NTFS

Computer Name: LAPTOP1 | User Name: David Roberts | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/18 23:22:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David Roberts\Desktop\OTL.exe
PRC - [2011/02/09 16:00:00 | 000,610,120 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/29 11:55:44 | 002,676,696 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2010/11/17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/12/26 22:02:22 | 000,349,600 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe
PRC - [2009/12/22 03:31:26 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 15:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
PRC - [2006/05/08 05:17:56 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2004/12/03 13:24:20 | 000,290,816 | ---- | M] (Hewlett-Packard ) -- C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
PRC - [2004/10/14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003/10/23 18:33:02 | 001,224,754 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2003/10/23 18:30:04 | 000,786,484 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/05/18 23:22:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David Roberts\Desktop\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/14 14:58:14 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2006/05/03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/12/22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/06/15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2006/05/08 04:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 17:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 17:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 17:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2003/10/23 18:30:04 | 000,786,484 | ---- | M] (AHEAD Software) [Auto | Running] -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011/05/19 20:38:13 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{38509E5C-A75C-4234-B420-5ED6B4F824A0}\MpKsl9a24bee5.sys -- (MpKsl9a24bee5)
DRV - [2010/11/25 10:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010/11/25 10:42:10 | 000,124,992 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/11/24 09:18:16 | 000,089,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/11/17 10:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/09/27 08:24:58 | 000,027,264 | ---- | M] (CSR) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiackx.sys -- (nokiackx)
DRV - [2010/07/08 09:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010/07/08 09:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2010/02/11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/12/22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009/09/19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/09/19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009/09/19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/09/19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/15 12:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/04/15 12:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/04/13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/03/27 18:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/03/10 19:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 18:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/12/31 18:06:10 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2007/10/08 14:38:48 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2007/09/20 12:59:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/04/02 23:13:46 | 000,021,632 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/12/14 12:27:18 | 000,040,832 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/02/20 20:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005/06/20 15:42:16 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2005/04/13 11:12:38 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/04/04 17:25:36 | 000,160,768 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/03/31 13:14:16 | 000,266,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/03/31 13:14:16 | 000,026,496 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\g3grumdm.sys -- (G3GRUMDM)
DRV - [2005/03/31 13:14:16 | 000,023,296 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\g3gruser.sys -- (G3GRUSER)
DRV - [2005/03/04 12:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/31 18:23:08 | 000,109,319 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/08/04 09:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 09:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/04/26 09:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/04/14 07:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2003/11/18 06:01:34 | 000,062,673 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2003/10/23 18:34:34 | 000,028,560 | ---- | M] (Ahead Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass)
DRV - [2003/10/23 18:34:14 | 000,088,400 | ---- | M] (Ahead Software) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\incdfs.sys -- (InCDfs)
DRV - [2003/08/21 15:56:36 | 000,025,520 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2003/06/06 11:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2002/09/20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2001/08/17 12:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.talktalk.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\extensions\\{EFB458FC-F343-413F-8DF7-2658C04A8C52}: C:\Documents and Settings\Nathan Roberts\Local Settings\Application Data\{EFB458FC-F343-413F-8DF7-2658C04A8C52} [2010/07/06 15:45:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{A81C6ECF-DBAC-46A8-AB0F-1772D2A05683}: C:\Documents and Settings\Samantha Roberts\Local Settings\Application Data\{A81C6ECF-DBAC-46A8-AB0F-1772D2A05683} [2010/07/11 08:50:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{184CA625-3265-40F7-98DA-F49D55AE2F79}: C:\Documents and Settings\Elen Roberts\Local Settings\Application Data\{184CA625-3265-40F7-98DA-F49D55AE2F79}
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/01/05 19:32:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/05/16 19:47:46 | 000,000,000 | ---D | M]

[2008/03/03 18:31:43 | 000,000,000 | ---D | M] (Talkback) -- C:\PROGRAM FILES\MOZILLA THUNDERBIRD\EXTENSIONS\TALKBACK@MOZILLA.ORG

O1 HOSTS File: ([2011/05/15 21:44:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {9A928341-D366-4032-A471-6EC120CD9B73} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (no name) - {E4F3F5D3-847E-4970-8754-9165E77EEE13} - No CLSID value found.
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [\BEDROOM\CX6600] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [\BEDROOM\EPSON] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [\BEDROOM\EPSON CX6600] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus CX6600 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Spyware Doctor] File not found
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk = C:\WINDOWS\Installer\{F128BA10-362E-11D3-81AB-00C04FB932BA}\4EBD23F5.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VideoCam Suite.lnk = C:\Program Files\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\David Roberts\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: autotrader.co.uk ([www] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} http://www.partsarena.co.uk/baxi/Plugins/IMIESRCH.cab (SearchCD Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} http://www.partsarena.com/baxi/Plugins/GFXVIEW.cab (GrafixViewControl)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240350071421 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240349950203 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/19 19:45:53 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\David Roberts\Desktop\spybotsd162.exe
[2011/05/18 23:25:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/18 23:22:42 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\David Roberts\Desktop\OTL.exe
[2011/05/16 22:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2011/05/16 22:01:07 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/05/16 21:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/16 21:52:16 | 007,866,472 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\David Roberts\Desktop\mseinstall.exe
[2011/05/16 00:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David Roberts\Application Data\PCToolsFirewallPlus
[2011/05/16 00:53:48 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/05/16 00:53:47 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/05/16 00:53:46 | 000,249,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/05/16 00:52:14 | 000,089,192 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2011/05/16 00:52:14 | 000,057,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2011/05/16 00:52:14 | 000,032,808 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2011/05/16 00:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Firewall Plus
[2011/05/16 00:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/05/16 00:52:12 | 000,124,992 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2011/05/16 00:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
[2011/05/16 00:50:28 | 010,234,024 | ---- | C] ( ) -- C:\Documents and Settings\David Roberts\Desktop\fwinstall.exe
[2011/05/16 00:35:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/05/16 00:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/05/16 00:34:23 | 003,194,296 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\David Roberts\Desktop\spywareblastersetup44.exe
[2011/05/15 21:44:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/15 18:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/15 15:16:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/05/14 12:50:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/05/14 11:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Uninstaller
[2011/05/13 01:14:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/05/13 01:05:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/11 20:59:05 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Documents and Settings\David Roberts\Desktop\aswMBR.exe
[2011/05/08 13:49:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/08 13:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/05/08 13:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/05/08 13:46:37 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\David Roberts\Desktop\erunt-setup.exe
[2011/05/06 19:03:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/06 19:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/06 19:03:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/06 19:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/05 19:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[5 C:\Documents and Settings\David Roberts\My Documents\*.tmp files -> C:\Documents and Settings\David Roberts\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/19 23:45:12 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2F101100-00B3-42AC-896F-CF4BCEB79A51}.job
[2011/05/19 23:45:00 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{27FF52A0-9509-4DD6-A1FD-E8ADFEA13033}.job
[2011/05/19 23:10:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/19 22:48:53 | 000,030,724 | ---- | M] () -- C:\Documents and Settings\David Roberts\Application Data\wklnhst.dat
[2011/05/19 22:21:38 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/05/19 20:43:13 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/19 20:39:36 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2011/05/19 20:39:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/19 20:38:21 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/19 20:37:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/19 20:37:54 | 2137,509,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/19 19:50:57 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\Spybot - Search & Destroy.lnk
[2011/05/19 19:45:53 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\David Roberts\Desktop\spybotsd162.exe
[2011/05/18 23:22:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David Roberts\Desktop\OTL.exe
[2011/05/16 21:55:57 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/16 21:52:16 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\David Roberts\Desktop\mseinstall.exe
[2011/05/16 19:47:46 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/16 01:07:01 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/16 00:50:28 | 010,234,024 | ---- | M] ( ) -- C:\Documents and Settings\David Roberts\Desktop\fwinstall.exe
[2011/05/16 00:35:36 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\SpywareBlaster.lnk
[2011/05/16 00:34:36 | 003,194,296 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\David Roberts\Desktop\spywareblastersetup44.exe
[2011/05/15 21:44:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/05/15 14:55:28 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/05/14 11:26:24 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\AK083E209605E394C.lie
[2011/05/14 09:18:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/14 09:01:46 | 000,441,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/14 09:01:46 | 000,071,708 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/13 22:12:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/05/12 23:15:58 | 000,004,624 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\attachtext.zip
[2011/05/11 21:00:30 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\MBR.dat
[2011/05/11 20:59:06 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Documents and Settings\David Roberts\Desktop\aswMBR.exe
[2011/05/11 20:58:15 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\Regfix.reg
[2011/05/08 14:35:22 | 000,004,439 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\Attach Text.zip
[2011/05/08 13:48:56 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\David Roberts\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/05/08 13:48:25 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\NTREGOPT.lnk
[2011/05/08 13:48:25 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\ERUNT.lnk
[2011/05/08 13:46:39 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\David Roberts\Desktop\erunt-setup.exe
[2011/05/08 13:39:34 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\Safer-Networking Forums.url
[2011/05/07 17:34:03 | 000,005,007 | ---- | M] () -- C:\Documents and Settings\David Roberts\Desktop\AFC COLWYN AFC Colwyn Under 8s.url
[2011/05/06 19:03:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/05 19:30:39 | 000,668,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/25 17:58:42 | 000,485,360 | ---- | M] () -- C:\Documents and Settings\David Roberts\My Documents\ultrastore.pdf
[5 C:\Documents and Settings\David Roberts\My Documents\*.tmp files -> C:\Documents and Settings\David Roberts\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/19 19:50:57 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\Spybot - Search & Destroy.lnk
[2011/05/16 22:00:42 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/16 21:55:57 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/16 21:55:23 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/05/16 19:46:31 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/16 19:46:30 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/05/16 00:35:36 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\SpywareBlaster.lnk
[2011/05/15 15:56:23 | 2137,509,888 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/14 11:26:24 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\AK083E209605E394C.lie
[2011/05/13 01:05:43 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/05/13 01:05:33 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/12 23:15:58 | 000,004,624 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\attachtext.zip
[2011/05/11 21:00:30 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\MBR.dat
[2011/05/11 20:58:15 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\Regfix.reg
[2011/05/08 14:35:22 | 000,004,439 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\Attach Text.zip
[2011/05/08 13:48:56 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\David Roberts\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/05/08 13:48:25 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\NTREGOPT.lnk
[2011/05/08 13:48:25 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\ERUNT.lnk
[2011/05/08 13:39:34 | 000,000,241 | ---- | C] () -- C:\Documents and Settings\David Roberts\Desktop\Safer-Networking Forums.url
[2011/05/06 19:03:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/05 19:30:20 | 000,668,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/25 17:58:42 | 000,485,360 | ---- | C] () -- C:\Documents and Settings\David Roberts\My Documents\ultrastore.pdf
[2010/12/13 00:05:52 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/12 23:40:11 | 000,040,960 | R--- | C] () -- C:\WINDOWS\CleanDev.exe
[2010/12/12 18:55:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\sel3110.exe
[2010/12/12 18:55:22 | 000,032,528 | ---- | C] () -- C:\WINDOWS\amcap.exe
[2010/08/19 23:52:40 | 000,300,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/13 07:31:10 | 000,005,214 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/07/12 17:15:33 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/07/06 00:32:44 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Aqeyujek.dat
[2010/07/06 00:32:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Fcazogev.bin
[2009/12/28 14:38:00 | 000,062,732 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/09 03:08:10 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2009/11/09 03:08:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2009/11/09 03:08:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2009/11/09 03:08:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2009/10/19 23:29:22 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\David Roberts\Application Data\$_hpcst$.hpc
[2009/10/19 22:12:04 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/10/19 22:12:04 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/10/12 21:59:02 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\David Roberts\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/31 14:00:22 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2009/08/31 14:00:21 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\MemWarp.dll
[2009/02/01 21:19:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/02/01 21:19:47 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\cdga.dll
[2008/12/28 23:28:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/10/14 16:05:42 | 000,014,800 | ---- | C] () -- C:\WINDOWS\System32\IMSRCIta.dll
[2008/10/14 16:05:08 | 000,014,800 | ---- | C] () -- C:\WINDOWS\System32\IMSRCFra.dll
[2008/10/14 16:04:36 | 000,014,800 | ---- | C] () -- C:\WINDOWS\System32\IMSRCEsp.dll
[2008/10/14 16:04:02 | 000,014,288 | ---- | C] () -- C:\WINDOWS\System32\IMSRCEng.dll
[2008/10/14 16:03:34 | 000,014,288 | ---- | C] () -- C:\WINDOWS\System32\IMSRCDeu.dll
[2008/10/06 16:49:36 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2008/04/14 14:58:40 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/02/18 12:38:02 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/02/18 12:38:01 | 000,003,452 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/01/28 22:35:48 | 000,125,392 | ---- | C] () -- C:\WINDOWS\bw6uinst.exe
[2007/12/30 01:41:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/12/30 01:38:45 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/02/15 23:54:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007/02/09 12:05:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/11/18 00:01:10 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\thxcfg.ini
[2006/10/12 00:14:55 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2006/09/10 18:16:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/16 22:27:17 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/05/01 21:16:51 | 000,000,283 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/03/11 21:31:47 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/02/04 18:37:49 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/01/24 19:08:29 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/01/14 23:13:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/01/08 21:46:24 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2006/01/08 01:27:33 | 000,030,724 | ---- | C] () -- C:\Documents and Settings\David Roberts\Application Data\wklnhst.dat
[2006/01/08 01:06:13 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2006/01/08 01:06:13 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2006/01/08 01:06:13 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2006/01/08 01:05:22 | 000,030,605 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2006/01/08 01:05:22 | 000,027,030 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2006/01/08 01:05:22 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/01/08 01:02:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE CX6600E.ini
[2005/11/23 05:00:00 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/08/12 22:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/04 09:08:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/04 09:08:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/04 09:08:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/04 09:08:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/04 09:08:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/04 09:08:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/04 08:54:54 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/07/01 12:47:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 14:16:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/07 14:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 14:10:30 | 000,441,772 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/07 14:10:30 | 000,071,708 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/07 14:10:08 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/07 14:02:54 | 000,326,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/07 13:57:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/07 13:54:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/04 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 09:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/13 20:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2002/05/28 09:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 09:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 634462 bytes -> C:\WINDOWS\System32\EPUSB1: (EPSON Stylus CX6600)
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >
 
Hi,

I am looking at markers in your log for AVG and Norton, which program do you want to keep, you should only have one AV , more is overkill and can slow your system down and cause other problems

Let me know what you want to do related to your AV ?
 
Ken,

I would like to start from scratch, does MS Essentils scan e-mail like AVG does?
Its running ok but I'm open to suggestions.

Dave
 
Hi Ken,

:bigthumb: All seems ok, Spybot found the odd bit of spyware/malware :-

19.05.2011 19:53:24 - ##### check started #####
19.05.2011 19:53:24 - ### Version: 1.6.2
19.05.2011 19:53:24 - ### Date: 19/05/2011 19:53:24
19.05.2011 19:53:28 - ##### checking bots #####
19.05.2011 20:02:18 - found: Fraud.Sysguard User settings
19.05.2011 20:05:20 - found: Fraud.Sysguard Settings
19.05.2011 20:30:12 - found: WebTrends live Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 20:30:12 - found: Tradedoubler Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 20:30:12 - found: MediaPlex Tracking cookie (Internet Explorer: David Roberts)
19.05.2011 20:30:17 - ##### check finished #####

I also get a warning box on startup saying 'HP wireless assistant is not supported on this computer'

Regards
Dave
 
You must log in or register to reply here.
Back
Top