Hi kahdah,
thankyu for the reply, and the instructions.
Below are the results of the scans:-
cheers, and thankyou for your help; very much appreciated.
Sails
OTL logfile created on: 23/08/2009 8:35:11 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = E:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
511.23 Mb Total Physical Memory | 289.78 Mb Available Physical Memory | 56.68% Memory free
1.22 Gb Paging File | 0.99 Gb Available in Paging File | 80.87% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.19 Gb Free Space | 16.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.87 Gb Total Space | 1.81 Gb Free Space | 96.81% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILLIAM-76CB72E
Current User Name: Sal
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\System32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - E:\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (Adobe LM Service [Disabled | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Adobe Version Cue CS2 [Disabled | Stopped]) -- c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
SRV - (Apple Mobile Device [Disabled | Stopped]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (bgsvcgen [Auto | Running]) -- C:\WINDOWS\System32\bgsvcgen.exe (B.H.A Corporation)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [Disabled | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (pwudklvy [Auto | Stopped]) -- C:\WINDOWS\System32\drnpqou.dll ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (yrtnmno [Auto | Stopped]) -- C:\WINDOWS\System32\drnpqou.dll ()
========== Driver Services (SafeList) ========== DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ApfiltrService [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (bvrp_pci [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\bvrp_pci.sys ()
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)
DRV - (CSCO21 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\csco21.sys (Cisco Systems, Inc.)
DRV - (DevUpper [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\tiumflt.sys (Texas Instruments Inc.)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (GTICARD [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gticard.sys (Texas Instruments)
DRV - (HSFHWICH [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (OMCI [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys ()
DRV - (STAC97 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (tiumfwl [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\tiumfwl.sys (Texas Instruments Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com.au/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com.au/IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla 1.7.5\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2009/08/21 15:52:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.7.5\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2008/11/18 19:18:52 | 00,000,000 | ---D | M]
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/23 14:49:42 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ========== [3 C:\WINDOWS\*.tmp files]
[2009/08/23 08:33:56 | 00,000,262 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\OTL.lnk
[2009/08/22 22:51:14 | 00,000,672 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\My Pictures.lnk
[2009/08/22 22:51:08 | 00,000,400 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\Malcolms.lnk
[2009/08/22 22:05:34 | 13,755,08480 | ---- | C] () -- C:\Backup.bkf
[2009/08/22 21:49:57 | 00,000,346 | ---- | C] () -- C:\WINDOWS\tasks\OptimizerEasy_home.job
[2009/08/22 21:49:44 | 00,000,749 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\Optimizer Easy.lnk
[2009/08/22 21:49:42 | 00,000,000 | ---D | C] -- C:\Program Files\Optimizer Easy
[2009/08/22 20:21:35 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll
[2009/08/22 20:21:35 | 00,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll
[2009/08/22 20:21:35 | 00,243,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\es.dll
[2009/08/22 20:21:35 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\netman.dll
[2009/08/22 20:21:35 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\schedsvc.dll
[2009/08/22 20:21:35 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\upnphost.dll
[2009/08/22 20:21:35 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\srsvc.dll
[2009/08/22 20:21:35 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\shsvcs.dll
[2009/08/22 20:21:35 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rasauto.dll
[2009/08/22 20:21:35 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ssdpsrv.dll
[2009/08/22 20:21:35 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\regsvc.dll
[2009/08/22 20:21:35 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wscntfy.exe
[2009/08/22 20:21:34 | 03,012,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mshtml.dll
[2009/08/22 20:21:34 | 00,924,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll
[2009/08/22 20:21:34 | 00,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll
[2009/08/22 20:21:34 | 00,611,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll
[2009/08/22 20:21:34 | 00,574,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntfs.sys
[2009/08/22 20:21:34 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\netlogon.dll
[2009/08/22 20:21:34 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll
[2009/08/22 20:21:34 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\qmgr.dll
[2009/08/22 20:21:34 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tapisrv.dll
[2009/08/22 20:21:34 | 00,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mswsock.dll
[2009/08/22 20:21:34 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\scecli.dll
[2009/08/22 20:21:34 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\aec.sys
[2009/08/22 20:21:34 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\xmlprov.dll
[2009/08/22 20:21:34 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll
[2009/08/22 20:21:34 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\browser.dll
[2009/08/22 20:21:34 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\cryptsvc.dll
[2009/08/22 20:21:34 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\eventlog.dll
[2009/08/22 20:21:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll
[2009/08/22 20:21:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\MsPMSNSv.dll
[2009/08/22 20:21:34 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys
[2009/08/22 20:21:34 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll
[2009/08/22 20:21:34 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\asyncmac.sys
[2009/08/22 20:21:34 | 00,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys
[2009/08/22 20:21:34 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll
[2009/08/22 20:21:34 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys
[2009/08/22 20:21:34 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys
[2009/08/22 20:21:33 | 02,179,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe
[2009/08/22 20:21:33 | 02,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe
[2009/08/22 20:21:33 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe
[2009/08/22 20:21:33 | 00,983,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll
[2009/08/22 20:21:33 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll
[2009/08/22 20:21:33 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe
[2009/08/22 20:21:33 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe
[2009/08/22 20:21:33 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/08/22 20:21:33 | 00,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys
[2009/08/22 20:21:33 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe
[2009/08/22 20:21:33 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll
[2009/08/22 20:21:33 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe
[2009/08/22 20:21:33 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe
[2009/08/22 20:21:32 | 00,657,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll
[2009/08/22 20:21:32 | 00,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll
[2009/08/22 20:21:32 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe
[2009/08/22 20:21:32 | 00,359,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys
[2009/08/22 20:21:32 | 00,182,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys
[2009/08/22 20:21:32 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll
[2009/08/22 20:21:32 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe
[2009/08/22 20:21:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/08/22 19:57:19 | 00,228,864 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/08/22 19:57:19 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/08/22 19:57:19 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/08/22 19:57:19 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/08/22 19:57:19 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/08/22 19:57:19 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/08/22 19:57:19 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/08/22 19:57:19 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/08/22 19:57:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/22 19:55:17 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/08/22 16:31:08 | 00,000,124 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\Control Panel.lnk
[2009/08/22 16:18:12 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\HijackThis.lnk
[2009/08/22 16:18:12 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/22 16:09:25 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutorunRemover.lnk
[2009/08/22 16:09:24 | 00,000,000 | ---D | C] -- C:\Program Files\AutorunRemover
[2009/08/22 16:08:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sal\Desktop\AutorunRemover
[2009/08/22 16:07:25 | 01,184,565 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\AutorunRemover.zip
[2009/08/22 15:35:29 | 00,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2009/08/22 15:29:57 | 00,000,434 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/08/22 15:29:51 | 00,000,368 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2009/08/22 15:23:39 | 00,001,528 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\RegCure Application.lnk
[2009/08/22 15:23:34 | 00,000,000 | ---D | C] -- C:\Program Files\RegCure
[2009/08/22 15:18:28 | 00,000,444 | ---- | C] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2009/08/22 15:18:27 | 00,000,358 | ---- | C] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2009/08/22 15:18:24 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\XoftSpySE.lnk
[2009/08/22 15:18:22 | 00,000,000 | ---D | C] -- C:\Program Files\XoftSpySE
[2009/08/22 15:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sal\Application Data\WinRAR
[2009/08/22 15:17:06 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/08/22 15:16:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegCure
[2009/08/22 15:08:26 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Sal\Desktop\setup-spybotsd162.exe
[2009/08/22 14:50:46 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\Spybot - Search & Destroy.lnk
[2009/08/22 14:50:32 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/08/22 14:50:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/08/22 14:41:19 | 00,011,643 | ---- | C] () -- C:\WINDOWS\System32\net21.inf
[2009/08/22 14:41:19 | 00,007,980 | ---- | C] () -- C:\WINDOWS\System32\net21.cat
[2009/08/22 14:41:16 | 00,344,832 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\csco21.sys
[2009/08/22 14:41:16 | 00,344,832 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\csco21.sys
[2009/08/22 12:48:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2009/08/22 12:20:23 | 00,000,874 | ---- | C] () -- C:\Documents and Settings\Sal\Desktop\TreeSize Free.lnk
[2009/08/22 11:28:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sal\Application Data\JAM Software
[2009/08/22 11:28:27 | 00,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2009/08/22 10:52:45 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/08/22 09:25:47 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/08/21 16:33:54 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/08/21 16:33:53 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/08/21 16:33:52 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/08/21 16:33:50 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/08/21 16:33:46 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/08/21 16:33:44 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/08/21 16:33:44 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/08/21 16:33:40 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/08/21 16:33:40 | 00,093,392 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/08/21 16:33:06 | 01,279,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/08/21 16:33:06 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/08/21 16:32:59 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/20 19:54:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sal\Application Data\MSNInstaller
[2009/08/06 19:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sal\My Documents\My Received Files
[2009/05/18 19:28:54 | 00,000,293 | ---- | C] () -- C:\WINDOWS\BROWSER.INI
[2008/09/23 21:19:57 | 00,000,028 | ---- | C] () -- C:\WINDOWS\MotionSDSTUDIO.INI
[2008/05/23 19:57:17 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008/05/23 19:56:43 | 00,240,640 | R--- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2008/04/08 18:53:59 | 00,000,025 | ---- | C] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2007/05/25 20:08:28 | 00,000,211 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2007/05/23 18:30:31 | 00,000,594 | ---- | C] () -- C:\WINDOWS\TetrisPk.ini
[2007/02/25 08:46:07 | 00,000,020 | ---- | C] () -- C:\WINDOWS\gojigsaw.ini
[2006/09/22 16:14:55 | 00,000,057 | ---- | C] () -- C:\WINDOWS\101plg.ini
[2006/07/02 12:28:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2006/01/11 18:50:42 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 08:34:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/07/26 20:33:34 | 00,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2005/06/30 19:25:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WTNSETUP.INI
[2005/06/30 19:07:32 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 23:33:16 | 00,000,623 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/12 23:30:36 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/12 23:27:58 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/12 23:20:44 | 00,168,096 | RHS- | C] () -- C:\WINDOWS\System32\drnpqou.dll
[2004/08/12 23:19:54 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[1999/03/23 23:46:24 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[1999/01/22 20:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== Files - Modified Within 30 Days ========== [2 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/08/23 08:33:56 | 00,000,262 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\OTL.lnk
[2009/08/23 08:32:59 | 00,017,112 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/08/23 08:32:58 | 00,028,987 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/08/23 08:32:52 | 00,000,444 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2009/08/23 08:32:50 | 00,000,434 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/08/23 08:32:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/23 08:32:13 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/22 23:49:00 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/22 22:32:35 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\Word.lnk
[2009/08/22 22:21:10 | 13,755,08480 | ---- | M] () -- C:\Backup.bkf
[2009/08/22 21:50:04 | 00,000,346 | ---- | M] () -- C:\WINDOWS\tasks\OptimizerEasy_home.job
[2009/08/22 21:49:44 | 00,000,749 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\Optimizer Easy.lnk
[2009/08/22 20:20:27 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/08/22 16:31:08 | 00,000,124 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\Control Panel.lnk
[2009/08/22 16:19:38 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\HijackThis.lnk
[2009/08/22 16:09:25 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutorunRemover.lnk
[2009/08/22 16:07:40 | 01,184,565 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\AutorunRemover.zip
[2009/08/22 15:29:57 | 00,000,368 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2009/08/22 15:23:39 | 00,001,528 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\RegCure Application.lnk
[2009/08/22 15:18:29 | 00,000,358 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2009/08/22 15:18:24 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\XoftSpySE.lnk
[2009/08/22 15:16:59 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\Spybot - Search & Destroy.lnk
[2009/08/22 15:14:12 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Sal\Desktop\setup-spybotsd162.exe
[2009/08/22 14:42:46 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/08/22 14:42:46 | 00,312,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/22 14:42:46 | 00,040,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/22 14:42:31 | 06,629,354 | -H-- | M] () -- C:\Documents and Settings\Sal\Local Settings\Application Data\IconCache.db
[2009/08/22 12:20:23 | 00,000,874 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\TreeSize Free.lnk
[2009/08/22 09:39:01 | 04,444,296 | ---- | M] (Computer Associates International, Inc.) -- C:\vet-win32-full-10.67.0.0.exe
[2009/08/21 21:46:18 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/08/21 16:33:54 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/08/20 22:17:15 | 00,228,864 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/08/18 18:20:45 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/18 02:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/08/18 02:06:54 | 00,093,392 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/08/18 02:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/08/18 02:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/08/18 02:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/08/18 02:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/08/18 02:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/08/18 02:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/08/18 02:02:50 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/08/06 20:18:35 | 00,000,211 | ---- | M] () -- C:\WINDOWS\cncscore.ini
[2009/08/06 20:16:29 | 00,028,987 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/08/05 15:51:02 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Sal\Desktop\Internet Explorer.lnk
[2009/07/29 09:49:37 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Sal\My Documents\PDVD_MediaDisc.PlayList
========== LOP Check ========== [2009/08/22 15:23:02 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/11/18 19:21:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2005/07/17 20:33:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2005/07/17 20:28:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/09/23 21:19:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2005/06/30 19:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2009/08/22 15:18:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Sal\Application Data
[2005/07/21 12:10:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sal\Application Data\Ahead
[2008/10/29 15:48:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sal\Application Data\CyberLink
[2009/08/22 11:28:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sal\Application Data\JAM Software
[2009/08/20 19:55:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sal\Application Data\MSNInstaller
[2007/04/27 13:22:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sal\Application Data\Opera
[2005/08/07 08:51:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sal\Application Data\Qualcomm
[2009/04/14 08:07:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/12 23:23:47 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/22 21:50:04 | 00,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\OptimizerEasy_home.job
[2009/08/23 08:32:50 | 00,000,434 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2009/08/22 15:29:57 | 00,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
[2009/08/23 08:32:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/23 08:32:52 | 00,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\XoftSpySE 2.job
[2009/08/22 15:18:29 | 00,000,358 | ---- | M] () -- C:\WINDOWS\Tasks\XoftSpySE.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\vet-win32-full-10.67.0.0.exe:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\vetsetuplog.txt:SummaryInformation
< End of report >
OTL Extras logfile created on: 23/08/2009 8:35:11 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = E:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
511.23 Mb Total Physical Memory | 289.78 Mb Available Physical Memory | 56.68% Memory free
1.22 Gb Paging File | 0.99 Gb Available in Paging File | 80.87% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.19 Gb Free Space | 16.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.87 Gb Total Space | 1.81 Gb Free Space | 96.81% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILLIAM-76CB72E
Current User Name: Sal
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = MozillaHTML] -- C:\Program Files\mozilla.org\Mozilla\mozilla.exe (Mozilla Foundation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1618:TCP" = 1618:TCP:*:Enabled:fqegnxir
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" = C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe:*:Disabled:Adobe Version Cue CS2 -- (Adobe Systems Incorporated)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Disabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{05108C14-956B-4723-8346-7EA8982CD2FC}" = 101 Puzzle & Logic Games
"{14FB4C04-0A21-4FE6-A2D2-13EA3B82A211}_is1" = OptimizerEasy 5.1
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{46548E80-0409-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{4DBBF091-FACD-422C-B43C-786335BD5398}" = MovieEdit Task
"{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Camera Window DVC
"{5B34EEAF-2BD6-4323-B7C2-FB8968755ACC}" = Cisco Aironet Installation Program
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Camera Window MC
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}" = PhotoStitch
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Camera Access Library
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library
"{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Camera Window DVC
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{AA47D951-588B-48A5-8183-21C44B1EA6EA}" = VRWriter4
"{AC76BA86-1033-0000-7760-100000000002}" = Adobe Acrobat 7.0 Professional
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}" = RAW Image Task 2.2
"{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}" = Canon PhotoRecord
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX (E)
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{CDCBF62D-8E74-44A5-91AD-44AB4C2EFD89}" = InterVideo FilterSDK for Panasonic
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{E045A5E3-0FC6-4AC2-BBE3-C49D68BA54DA}" = MotionSD STUDIO 1.3E
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F9984F4C-BDF5-4992-BCD9-4D774D4643D9}" = Camera Window DS
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Autorun Virus Remover_is1" = Autorun Virus Remover 2.3
"avast!" = avast! Antivirus
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.9x Modem
"EPSON Printer and Utilities" = EPSON Printer Software
"HijackThis" = HijackThis 2.0.2
"InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Canon Camera Window MC 6 for ZoomBrowser EX
"InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Canon Camera Access Library
"InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library
"InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"InstallShield_{F9984F4C-BDF5-4992-BCD9-4D774D4643D9}" = Canon Camera Window DSLR 5 for ZoomBrowser EX
"IrfanView" = IrfanView (remove only)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"RegCure" = RegCure
"TreeSize Free_is1" = TreeSize Free V2.3.3
"Typequick" = Typequick
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
"XoftSpySE" = XoftSpySE
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 22/08/2009 2:27:55 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\drnpqou.dll failed, 00000005.
Error - 22/08/2009 2:28:05 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\01.tmp failed, 00000005.
Error - 22/08/2009 3:46:39 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\drnpqou.dll failed, 00000005.
Error - 22/08/2009 3:46:42 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\01.tmp failed, 00000005.
Error - 22/08/2009 5:54:20 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\drnpqou.dll failed, 00000005.
Error - 22/08/2009 5:54:28 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\01.tmp failed, 00000005.
Error - 22/08/2009 6:31:39 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\drnpqou.dll failed, 00000005.
Error - 22/08/2009 6:31:48 AM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\01.tmp failed, 00000005.
Error - 22/08/2009 6:32:23 PM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\drnpqou.dll failed, 00000005.
Error - 22/08/2009 6:32:45 PM | Computer Name = WILLIAM-76CB72E | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\01.tmp failed, 00000005.
[ Application Events ]
Error - 6/08/2009 2:24:05 AM | Computer Name = WILLIAM-76CB72E | Source = EventSystem | ID = 4618
Description = The COM+ Event System raised an unexpected access violation at address
0x7C911E58, attempting to access address 0x00000000. Please contact Microsoft
Product Support Services to report this error. ntdll!RtlInitializeCriticalSection+0x32b
ntdll!wcsncpy+0x2cd
ole32!IsValidIid+0xdb
ole32!CoTaskMemFree+0x13
es!DllGetClassObject+0xa67
es!DllGetClassObject+0x175d
es!DllGetClassObject+0x180e
es!DllGetClassObject+0x1901
es!+0x12a43
es!+0x12a85
es!+0x12ad4
es!+0x12b0e
ole32!FreePropVariantArray+0xf8
ole32!FreePropVariantArray+0xa0
es!+0x26d16
es!+0x29013
kernel32!GetModuleFileNameA+0x1b4
Error - 6/08/2009 2:24:05 AM | Computer Name = WILLIAM-76CB72E | Source = EventSystem | ID = 4618
Description = The COM+ Event System raised an unexpected access violation at address
0x7C910F2B, attempting to access address 0x48435054. Please contact Microsoft
Product Support Services to report this error. ntdll!wcsncpy+0x49c ntdll!wcsncpy+0x2cd
ole32!IsValidIid+0xdb
ole32!CoTaskMemFree+0x13
es!+0x2863d
es!+0x247d7
es!+0x12a3d
es!+0x12a85
es!+0x12ad4
es!+0x12b0e
ole32!FreePropVariantArray+0xf8
ole32!FreePropVariantArray+0xa0
es!+0x26d25
es!+0x29013
kernel32!GetModuleFileNameA+0x1b4
Error - 21/08/2009 4:09:10 AM | Computer Name = WILLIAM-76CB72E | Source = MsiInstaller | ID = 11706
Description = Product: Symantec AntiVirus -- Error 1706.No valid source could be
found for product Symantec AntiVirus. The Windows Installer cannot continue.
Error - 22/08/2009 1:06:57 AM | Computer Name = WILLIAM-76CB72E | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22/08/2009 1:38:09 AM | Computer Name = WILLIAM-76CB72E | Source = Application Hang | ID = 1002
Description = Hanging application Advanced Uninstaller PRO v9.6 Setup.tmp, version
51.49.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22/08/2009 1:38:23 AM | Computer Name = WILLIAM-76CB72E | Source = Application Hang | ID = 1002
Description = Hanging application Advanced Uninstaller PRO v9.6 Setup.tmp, version
51.49.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22/08/2009 8:19:52 AM | Computer Name = WILLIAM-76CB72E | Source = Application Hang | ID = 1002
Description = Hanging application Photoshop.exe, version 9.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 22/08/2009 8:19:54 AM | Computer Name = WILLIAM-76CB72E | Source = Application Hang | ID = 1002
Description = Hanging application Photoshop.exe, version 9.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 22/08/2009 8:21:09 AM | Computer Name = WILLIAM-76CB72E | Source = NTBackup | ID = 8001
Description = End Backup of 'C:' 'Warnings or errors were encountered.' Verify:
Off Mode: Replace Type: Normal Consult the backup report for more details.
Error - 22/08/2009 8:21:10 AM | Computer Name = WILLIAM-76CB72E | Source = NTBackup | ID = 8019
Description = End Operation: Warnings or errors were encountered. Consult the backup
report for more details.
[ System Events ]
Error - 22/08/2009 6:13:41 AM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.
Error - 22/08/2009 6:19:17 AM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.
Error - 22/08/2009 6:19:18 AM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.
Error - 22/08/2009 6:30:00 AM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avast! Antivirus service.
Error - 22/08/2009 6:31:42 AM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7023
Description = The Monitor Update service terminated with the following error: %%1114
Error - 22/08/2009 6:31:42 AM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7023
Description = The Config Boot service terminated with the following error: %%1114
Error - 22/08/2009 8:00:06 AM | Computer Name = WILLIAM-76CB72E | Source = Removable Storage Service | ID = 262255
Description = RSM could not load media in drive Drive 0 of library Imation Imation
USB USB Device.
Error - 22/08/2009 8:00:08 AM | Computer Name = WILLIAM-76CB72E | Source = Removable Storage Service | ID = 262255
Description = RSM could not load media in drive Drive 0 of library Imation Imation
USB USB Device.
Error - 22/08/2009 6:32:26 PM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7023
Description = The Monitor Update service terminated with the following error: %%1114
Error - 22/08/2009 6:32:26 PM | Computer Name = WILLIAM-76CB72E | Source = Service Control Manager | ID = 7023
Description = The Config Boot service terminated with the following error: %%1114
< End of report >