Here is the OTL log file, with the Extras posted at the end.
OTL logfile created on: 07/05/2010 14:14:16 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Lee\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
991.00 Mb Total Physical Memory | 484.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 2.39 Gb Free Space | 3.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 232.88 Gb Total Space | 213.88 Gb Free Space | 91.84% Space Free | Partition Type: NTFS
Computer Name: SELECT-09
Current User Name: Lee
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Lee\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe (Pinnacle Systems GmbH.)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\hpzipm12.exe (HP)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe ()
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Lee\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Real\RealPlayer\rpchromebrowserrecordhelper.dll ()
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\asOEHook.dll (Symantec Corporation)
MOD - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\Microsoft.VC90.CRT\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\Microsoft.VC90.CRT\msvcp90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (N360) -- C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\ccSvcHst.exe (Symantec Corporation)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\508\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\hpzipm12.exe (HP)
SRV - (EpsonBidirectionalService) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe ()
========== Driver Services (SafeList) ==========
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100429.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100506.025\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100506.025\NAVENG.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0401000.020\Ironx86.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\N360\0401000.020\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\N360\0401000.020\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\system32\drivers\N360\0401000.020\ccHPx86.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMTDI.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMEFA.SYS (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMDS.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100429.001\IDSXpx86.sys (Symantec Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (cdrdrv) -- C:\WINDOWS\system32\drivers\Cdrdrv.sys (Pinnacle Systems GmbH)
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
DRV - (vobiw) -- C:\WINDOWS\system32\drivers\vobIW.sys (Pinnacle Systems GmbH)
DRV - (adpu320) -- C:\WINDOWS\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (ASAPIW2K) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.endeavour.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {1A5CF3E8-DDB2-4E9F-BDFF-3585E2905B12}:1.9.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - HKLM\software\mozilla\Firefox\Extensions\\{1A5CF3E8-DDB2-4E9F-BDFF-3585E2905B12}: C:\Documents and Settings\Lee\Local Settings\Application Data\{1A5CF3E8-DDB2-4E9F-BDFF-3585E2905B12} [2009/12/12 15:20:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2010/04/23 15:07:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/04/29 16:31:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/04/29 13:46:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\Program Files\Flock\flock\plugins [2010/04/23 15:07:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\Program Files\Flock\flock\components [2010/04/23 15:07:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/03 10:19:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/27 08:45:53 | 000,000,000 | ---D | M]
[2008/07/28 17:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lee\Application Data\Mozilla\Extensions
[2010/05/05 10:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\jryr85ce.default\extensions
[2010/05/01 15:54:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\jryr85ce.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/05 10:06:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/01 17:56:49 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/04/01 17:56:50 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/04/01 17:56:50 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/04/01 17:56:50 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2010/05/05 13:57:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\4.1.0.32\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe (Pinnacle Systems GmbH.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O4 - Startup: C:\Documents and Settings\Lee\Start Menu\Programs\Startup\MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/25.18/uploader2.cab (UploadListView Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2229050421 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD44/JSCDL ... 586-jc.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://selectworld.squarespace.com/univ ... Upload.ocx (Persits Software XUpload)
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} http://ps.itv.mop.com/dn/files/pCastCtl ... signed.cab (pCastPanel Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\508\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\508\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Lee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/18 12:15:05 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/10/26 19:58:09 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17465059307421696)
========== Files/Folders - Created Within 30 Days ==========
[2010/05/07 14:09:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lee\Desktop\OTL.exe
[2010/05/06 14:07:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/05 16:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lee\Desktop\New Folder
[2010/05/05 13:25:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/05/05 13:21:51 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/05/05 13:21:51 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/05/05 13:21:51 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/05/05 13:21:51 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/05/05 13:21:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/05 13:17:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/05/04 15:18:31 | 000,178,000 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Lee\Desktop\TDSSKiller.exe
[2010/05/01 08:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lee\My Documents\Hijack this log
[2010/05/01 08:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Hijack this log
[2010/04/30 17:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/30 17:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lee\Application Data\Malwarebytes
[2010/04/30 17:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/30 17:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/29 13:45:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/04/29 13:44:58 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/29 13:44:58 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/29 13:44:48 | 000,362,032 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symtdi.sys
[2010/04/29 13:44:48 | 000,362,032 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\symtdi.sys
[2010/04/29 13:44:48 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\symtdiv.sys
[2010/04/29 13:44:47 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymDS.sys
[2010/04/29 13:44:47 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymDS.sys
[2010/04/29 13:44:47 | 000,325,680 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtsp.sys
[2010/04/29 13:44:47 | 000,172,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymEFA.sys
[2010/04/29 13:44:47 | 000,172,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymEFA.sys
[2010/04/29 13:44:47 | 000,116,784 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\Ironx86.sys
[2010/04/29 13:44:47 | 000,116,784 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\Ironx86.sys
[2010/04/29 13:44:47 | 000,043,696 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspx.sys
[2010/04/29 13:44:47 | 000,043,696 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtspx.sys
[2010/04/29 13:44:46 | 000,501,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\cchpx86.sys
[2010/04/29 13:44:46 | 000,501,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\cchpx86.sys
[2010/04/29 13:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/04/29 13:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0401000.020
[2010/04/29 13:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/04/29 13:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/04/29 13:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/04/29 13:11:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/04/29 13:11:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/04/29 09:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/04/29 09:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/04/23 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lee\Local Settings\Application Data\Real
[2010/04/23 15:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/04/13 17:46:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lee\My Documents\Paytons Ledbury Dilapidation Claim
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/05/07 14:13:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/07 14:09:08 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lee\Desktop\OTL.exe
[2010/05/07 10:19:17 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{898C5654-CDAC-482F-B8DF-430F31E4F8DA}.job
[2010/05/07 09:15:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/07 09:15:47 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/07 09:15:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/07 09:15:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/07 08:37:07 | 000,100,908 | ---- | M] () -- C:\Documents and Settings\Lee\Desktop\SystemLook.exe
[2010/05/06 17:37:40 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Lee\NTUSER.DAT
[2010/05/06 17:37:40 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Lee\ntuser.ini
[2010/05/06 17:10:41 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2010/05/06 14:10:50 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Lee\defogger_reenable
[2010/05/06 14:09:19 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Lee\Desktop\Defogger.exe
[2010/05/06 08:22:58 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Lee\My Documents\Jotti 1.doc
[2010/05/05 14:34:47 | 000,076,288 | ---- | M] () -- C:\Documents and Settings\Lee\My Documents\ComboFix 10.doc
[2010/05/05 14:00:38 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/05 13:57:33 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/05 13:25:47 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/05/05 13:17:01 | 003,946,364 | R--- | M] () -- C:\Documents and Settings\Lee\Desktop\zzz.exe
[2010/05/04 15:17:39 | 000,178,000 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Lee\Desktop\TDSSKiller.exe
[2010/05/04 14:08:05 | 000,003,601 | ---- | M] () -- C:\WINDOWS\Wm98.INI
[2010/05/01 08:53:13 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Lee\Desktop\HiJackThis.lnk
[2010/04/30 17:29:00 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Lee\My Documents\malware.doc
[2010/04/29 13:55:10 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/29 13:55:10 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/29 13:55:09 | 000,521,766 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/29 13:50:25 | 000,669,798 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\Cat.DB
[2010/04/29 13:44:58 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/29 13:44:58 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/29 13:44:58 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/04/29 13:44:58 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/04/29 13:44:51 | 000,002,051 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/04/29 13:11:12 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\Lee\Desktop\Norton Installation Files.lnk
[2010/04/29 12:28:03 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Edulikovuviy.dat
[2010/04/29 08:26:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Dtihigokimakigej.bin
[2010/04/28 18:13:41 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/04/27 08:45:57 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/23 15:09:27 | 000,000,681 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/04/23 15:07:31 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/04/23 15:07:17 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010/04/23 15:07:00 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010/04/23 15:07:00 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010/04/23 15:06:56 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/04/23 15:06:56 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/04/16 17:39:19 | 000,282,619 | ---- | M] () -- C:\Documents and Settings\Lee\My Documents\Wright Hassall response 13 apr 2010.jpg
[2010/04/16 17:06:15 | 000,282,619 | ---- | M] () -- C:\Documents and Settings\Lee\My Documents\Letterhead.jpg
[2010/04/15 08:39:56 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/15 08:34:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/14 17:26:40 | 014,562,902 | ---- | M] () -- C:\Documents and Settings\Lee\My Documents\Solus Piece - Cover SELECT WORLD.pdf
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/05/07 08:37:06 | 000,100,908 | ---- | C] () -- C:\Documents and Settings\Lee\Desktop\SystemLook.exe
[2010/05/06 15:52:26 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\Lee\mbr.log
[2010/05/06 14:10:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lee\defogger_reenable
[2010/05/06 14:09:19 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Lee\Desktop\Defogger.exe
[2010/05/06 08:22:57 | 000,096,256 | ---- | C] () -- C:\Documents and Settings\Lee\My Documents\Jotti 1.doc
[2010/05/05 14:34:47 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\Lee\My Documents\ComboFix 10.doc
[2010/05/05 13:25:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/05/05 13:25:40 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/05/05 13:21:51 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/05 13:21:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/05 13:21:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/05 13:21:51 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/05 13:21:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/05 13:16:10 | 003,946,364 | R--- | C] () -- C:\Documents and Settings\Lee\Desktop\zzz.exe
[2010/04/30 17:59:23 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\Lee\Desktop\HiJackThis.lnk
[2010/04/30 17:28:59 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Lee\My Documents\malware.doc
[2010/04/29 13:45:06 | 000,669,798 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\Cat.DB
[2010/04/29 13:44:58 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/04/29 13:44:58 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/04/29 13:44:51 | 000,002,051 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/04/29 13:44:26 | 000,003,374 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymEFA.inf
[2010/04/29 13:44:26 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymDS.inf
[2010/04/29 13:44:26 | 000,001,473 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymNetV.inf
[2010/04/29 13:44:26 | 000,001,445 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymNet.inf
[2010/04/29 13:44:25 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symnetv.cat
[2010/04/29 13:44:25 | 000,007,444 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymEFA.cat
[2010/04/29 13:44:25 | 000,007,442 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtspx.cat
[2010/04/29 13:44:25 | 000,007,438 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtsp.cat
[2010/04/29 13:44:25 | 000,007,438 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\iron.cat
[2010/04/29 13:44:25 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymDS.cat
[2010/04/29 13:44:25 | 000,007,396 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\cchpx86.cat
[2010/04/29 13:44:25 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\SymNet.cat
[2010/04/29 13:44:25 | 000,001,754 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\ccHPx86.inf
[2010/04/29 13:44:25 | 000,001,388 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtspx.inf
[2010/04/29 13:44:25 | 000,001,382 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtsp.inf
[2010/04/29 13:44:25 | 000,000,741 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\Iron.inf
[2010/04/29 13:44:25 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\isolate.ini
[2010/04/29 13:11:11 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Lee\Desktop\Norton Installation Files.lnk
[2010/04/27 08:45:57 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/04/23 15:07:54 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/04/23 15:07:31 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/04/16 17:39:19 | 000,282,619 | ---- | C] () -- C:\Documents and Settings\Lee\My Documents\Wright Hassall response 13 apr 2010.jpg
[2010/04/16 17:06:14 | 000,282,619 | ---- | C] () -- C:\Documents and Settings\Lee\My Documents\Letterhead.jpg
[2010/04/15 08:38:52 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/14 17:26:14 | 014,562,902 | ---- | C] () -- C:\Documents and Settings\Lee\My Documents\Solus Piece - Cover SELECT WORLD.pdf
[2010/03/13 14:54:09 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll
[2010/03/13 14:54:09 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\UnzDLL.dll
[2010/01/14 09:43:13 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/21 17:35:53 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009/04/21 17:35:11 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpclj3600g.ini
[2009/04/21 17:32:40 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpclj3600m.ini
[2007/04/18 11:52:06 | 000,018,764 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2007/03/29 14:16:13 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2007/01/23 09:40:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\WCp64log.dll
[2006/12/11 21:11:41 | 000,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2006/12/05 18:28:03 | 000,000,681 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/10/18 16:03:44 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2006/10/18 12:30:03 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2006/10/18 12:15:05 | 000,001,289 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2006/10/18 12:15:00 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2006/10/18 12:15:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2006/10/18 12:15:00 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2006/10/18 12:15:00 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2006/10/18 12:14:59 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/10/17 12:20:53 | 000,003,601 | ---- | C] () -- C:\WINDOWS\Wm98.INI
[2006/10/17 10:46:24 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/17 09:41:40 | 000,000,502 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/17 09:40:57 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EEBAPI.dll
[2006/10/17 09:40:57 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\EEBDSCVR.dll
[2006/10/17 09:40:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EBAPI.dll
[2006/10/16 16:19:42 | 000,076,990 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2006/10/16 16:19:28 | 000,117,132 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2006/08/25 03:51:35 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/05/02 23:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006/02/24 15:54:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\deskMenu2.dll
[2005/10/26 11:06:30 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/29 19:38:24 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2005/04/28 13:32:27 | 000,001,038 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/04/27 13:40:30 | 000,002,572 | ---- | C] () -- C:\WINDOWS\WINDVDBOOTRECDOE.sys
[2004/12/20 18:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/08/20 19:44:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/11/25 12:15:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\MemCompress.dll
[2003/06/12 12:00:56 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\regobj.dll
[2003/06/04 16:10:48 | 000,000,332 | ---- | C] () -- C:\WINDOWS\ActiveSkin.ini
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2006/10/18 15:20:56 | 000,413,867 | ---- | M] () -- C:\adorage-protocol.txt
[2006/10/18 12:15:05 | 000,000,095 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/10/16 16:17:28 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/05/05 13:25:47 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/05/05 14:15:01 | 000,025,167 | ---- | M] () -- C:\ComboFix.txt
[2004/08/20 19:33:47 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/07/14 14:56:10 | 000,000,123 | ---- | M] () -- C:\Defaults.ppr
[2004/08/20 19:33:47 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/05/07 09:16:07 | 000,000,000 | ---- | M] () -- C:\iwctrllog.txt
[2006/10/16 16:20:50 | 000,001,476 | ---- | M] () -- C:\lang.txt
[2002/01/05 04:48:16 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\mfc70.dll
[2002/01/05 04:36:38 | 000,964,608 | ---- | M] (Microsoft Corporation) -- C:\mfc70u.dll
[2004/08/20 19:33:47 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/05/31 12:04:47 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2006/10/17 12:45:56 | 661,012,480 | ---- | M] () -- C:\Outlook.pst
[2010/05/07 09:14:25 | 754,974,720 | -HS- | M] () -- C:\pagefile.sys
[2010/03/23 14:38:06 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2010/05/04 15:15:28 | 000,043,498 | ---- | M] () -- C:\TDSSKiller.2.2.8.1_04.05.2010_15.15.21_log.txt
[2010/05/06 14:27:51 | 000,013,352 | ---- | M] () -- C:\TDSSKiller.2.2.8.1_06.05.2010_14.27.44_log.txt
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[15 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2004/08/20 20:21:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/20 20:21:01 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/20 20:21:01 | 000,868,352 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\drivers\*.sys /90 >
[2010/05/07 08:19:50 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys
[2010/02/26 00:22:57 | 000,501,888 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\cchpx86.sys
[2010/02/27 03:23:54 | 000,116,784 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\Ironx86.sys
[2010/02/24 14:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2010/02/27 03:23:21 | 000,043,696 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\srtspx.sys
[2010/04/29 13:44:58 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[2010/02/11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys
< End of report >
Here Is The Extras.txt.
OTL Extras logfile created on: 07/05/2010 14:14:16 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Lee\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
991.00 Mb Total Physical Memory | 484.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 2.39 Gb Free Space | 3.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 232.88 Gb Total Space | 213.88 Gb Free Space | 91.84% Space Free | Partition Type: NTFS
Computer Name: SELECT-09
Current User Name: Lee
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========