
Boopme!


  • This topic is locked
3 replies to this topic

#1 Holly-May


Posted 09 October 2010 - 11:10 AM

Extras.Txt

OTL Extras logfile created on: 09/10/2010 16:45:24 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:UsersHollyDesktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 453.94 Gb Total Space | 373.82 Gb Free Space | 82.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOLLY-PC
Current User Name: Holly
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

[HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]
.cpl [@ = cplfile] -- C:WindowsSysWow64control.exe (Microsoft Corporation)

[HKEY_CURRENT_USERSOFTWAREClasses<extension>]
.html [@ = FirefoxHTML] -- C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:Program Files (x86)Microsoft OfficeOffice12msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:Program Files (x86)Microsoft OfficeOffice12msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:PROGRA~2MICROS~3Office12ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%System32control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:Program Files (x86)Microsoft OfficeOffice12msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:Program Files (x86)Microsoft OfficeOffice12msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:PROGRA~2MICROS~3Office12ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BADFD936-E907-C666-A6E1-3C04C06E4260}" = ATI Catalyst Install Manager
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C3199A20-E216-102C-04B0-8F9FF608A8E1}" = ccc-utility64
"{EE5BE032-86BA-4A2B-4CB0-556156B45FEA}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{00303EC0-EE53-4934-A606-E9B98A96E026}" = CCC Help German
"{046BFB05-BC7F-01A4-C199-B49640D2AD0F}" = Catalyst Control Center Graphics Full New
"{064C45D3-880F-D130-554A-91043413BCEE}" = CCC Help Thai
"{08C12672-6B9B-F155-B060-D375A020B656}" = CCC Help Chinese Traditional
"{090EFBB9-1196-5391-3637-64CAAC5E982B}" = CCC Help Hungarian
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14272C6B-36D4-FB95-B95B-ADB1C2A7F029}" = CCC Help Italian
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1D535E4B-4D8D-FD55-AD08-125C8C4117D3}" = ccc-core-static
"{1DC4A8CA-F9B1-F762-2448-0A72B36E1E12}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{309BBBEE-F25E-0105-6DB1-B668958C9D37}" = CCC Help Polish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3EDFC198-8ACC-A6C1-6991-35A80EC9A002}" = CCC Help English
"{42ED876C-C635-EF22-F4CD-620DC799CDDD}" = Catalyst Control Center Localization All
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47826EF1-5634-D2E7-0C39-E356B8207676}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C93667C-8802-F818-DE66-5E16996D6074}" = CCC Help Japanese
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6140FD34-61AF-2EE7-3E9F-C0D26E532617}" = CCC Help Finnish
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8568FE6D-9769-A751-11D5-5AC7F6B698C2}" = CCC Help Russian
"{890E6592-0998-3C7A-2DB4-A29381485DA5}" = CCC Help Spanish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96A39248-6496-075F-BD29-E99333354958}" = CCC Help French
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9978DB94-91EE-8D32-354E-F54A99051A37}" = Catalyst Control Center Core Implementation
"{9F73FDEF-DDC1-4307-9D96-13AB3254641A}_is1" = Doctor Who: The Adventure Games
"{A0732D58-7DC1-431F-ADE5-B9704B2EBEDF}" = Big Mutha Truckers
"{A14A9BB0-7284-D33A-C5D8-DFD773843484}" = Catalyst Control Center Graphics Full Existing
"{A391AF4E-D4D4-D295-19FC-FF6C2DB74169}" = CCC Help Portuguese
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{B02C36FE-3C50-CD6B-6469-4A2F8D90DB3B}" = CCC Help Dutch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4E92469-CC2A-3AB0-E45A-F4C20F8C86C6}" = CCC Help Chinese Standard
"{B77CD8C3-7DB4-8339-0E2F-EEB8DFCABCBC}" = CCC Help Norwegian
"{BF2433BA-ACC4-6DA5-047E-B2D95FE8ECDA}" = CCC Help Greek
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CD0F9E16-4E3F-2369-9D67-9A0B84362D0A}" = Catalyst Control Center InstallProxy
"{D332D9A9-C8C7-67C6-D5B5-6A0088AB4CF5}" = CCC Help Czech
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7B31233-EE2B-4911-AA3F-2A8C28843D3B}" = SkyPlayer for Windows Media Center
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E0A6AD5F-CFAF-63ED-5C31-6E94B271A4C8}" = Catalyst Control Center Graphics Light
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E41CF65A-72A1-143E-1B4E-1E570C6AD4EC}" = CCC Help Danish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FC1FFB3D-0FD9-0746-31EF-3AD987574BE8}" = CCC Help Swedish
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter and the Half-Blood Prince™
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DivX Setup.divx.com" = DivX Setup
"EA Download Manager" = EA Download Manager
"GridVista" = Acer GridVista
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"N360" = Norton 360
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"RealPlayer 12.0" = RealPlayer
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Here is the OTL log now.

OTL logfile created on: 09/10/2010 16:45:24 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:UsersHollyDesktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 453.94 Gb Total Space | 373.82 Gb Free Space | 82.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOLLY-PC
Current User Name: Holly
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/10/09 16:44:55 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:UsersHollyDesktopOTL.exe
PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:Program FilesAlwil SoftwareAvast5AvastUI.exe
PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
PRC - [2010/02/10 22:11:48 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41ccSvcHst.exe
PRC - [2009/08/21 01:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerIScheduleSvc.exe
PRC - [2009/08/07 10:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:Program Files (x86)EgisTecMyWinLocker 3x86MWLService.exe
PRC - [2009/07/26 17:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
PRC - [2009/07/13 16:22:32 | 000,434,176 | ---- | M] (Hauppauge Computer Works) -- C:Program Files (x86)WinTVTVServerHauppaugeTVServer.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:Program FilesAcerAcer UpdaterUpdaterService.exe
PRC - [2009/06/18 01:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:Program Files (x86)NewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe
PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:Program Files (x86)AcerRegistrationGregHSRW.exe


========== Modules (SafeList) ==========

MOD - [2010/10/09 16:44:55 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:UsersHollyDesktopOTL.exe
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWOW64msscript.ocx
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:Windowswinsxsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfccomctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:Program FilesAlwil SoftwareAvast5AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:Program FilesAlwil SoftwareAvast5AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:Program FilesAlwil SoftwareAvast5AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/08/05 21:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:Program FilesAcerAcer ePower ManagementePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:Program FilesWindows DefenderMpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:Program FilesAcerAcer UpdaterUpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:WindowsSysNativeatiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/10 22:11:48 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41ccSvcHst.exe -- (N360)
SRV - [2009/08/21 01:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerIScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/08/07 10:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:Program Files (x86)EgisTecMyWinLocker 3x86MWLService.exe -- (MWLService)
SRV - [2009/07/13 16:22:32 | 000,434,176 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:Program Files (x86)WinTVTVServerHauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009/06/18 01:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:Program Files (x86)NewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2009/06/18 01:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:Program Files (x86)NewTech InfosystemsNTI Backup Now 5BackupSvc.exe -- (NTIBackupSvc)
SRV - [2009/06/10 22:15:04 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:WindowsSysWOW64XAudio64.dll -- (HsfXAudioService)
SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:Program Files (x86)AcerRegistrationGregHSRW.exe -- (Greg_Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:WindowsSysNativeDRIVERSRtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:WindowsSysNativeDRIVERSRts516xIR.sys -- (RtsUIR)
DRV:64bit: - [2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:WindowsSysNativedriversaswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversusbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/02/10 22:12:14 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversSYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/02/10 22:11:49 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:WindowsSysNativedriversN360x640308000.029cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/02/10 22:11:49 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:WindowsSysNativedriversN360x640308000.029srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/02/10 22:11:49 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:WindowsSysNativedriversN360x640308000.029SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010/02/10 22:11:49 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:WindowsSysNativedriversN360x640308000.029BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010/02/10 22:11:49 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:WindowsSysNativedriversN360x640308000.029symtdi.sys -- (SYMTDI)
DRV:64bit: - [2010/02/10 22:11:49 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversN360x640308000.029symfw.sys -- (SYMFW)
DRV:64bit: - [2010/02/10 22:11:49 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversN360x640308000.029symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2010/02/10 22:11:49 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversGEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/02/10 22:11:49 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:WindowsSysNativedriversN360x640308000.029srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/02/10 22:11:49 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:WindowsSysNativedriversSymIMV.sys -- (SymIM)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverslsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversHpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversstexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 02:49:16 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversathrx.sys -- (athr)
DRV:64bit: - [2009/07/02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversatikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/20 12:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversk57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/06/20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversL1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/19 05:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversSynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 22:15:04 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:WindowsSysNativedriversmdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009/06/10 22:15:04 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:WindowsSysNativedriversXAudio64.sys -- (XAudio)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversVSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversVSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversVSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:WindowsSysNativewbemntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversigdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversBCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversevbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversbxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversb57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversAtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/05 01:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversRtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:WindowsSysNativedriversmwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:WindowsSysNativedriversmwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:WindowsSysNativedriversmwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversNTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversUBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/05/05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversAtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/28 15:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WindowsSysNativedriversamdsata.sys -- (amdsata)
DRV:64bit: - [2009/04/28 15:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WindowsSysNativedriversamdxata.sys -- (amdxata)
DRV:64bit: - [2009/04/03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversusbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/03/11 21:18:02 | 000,019,456 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw95rc.sys -- (hcw95rc)
DRV:64bit: - [2009/03/11 21:16:38 | 000,656,896 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw95bda.sys -- (hcw95bda)
DRV:64bit: - [2009/02/13 07:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversCAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/02/13 07:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversCAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/02/13 07:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversCAX_CNXT.sys -- (winachsf)
DRV - [2010/09/29 09:00:00 | 001,804,336 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20101008.049EX64.SYS -- (NAVEX15)
DRV - [2010/09/29 09:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20101008.049ENG64.SYS -- (NAVENG)
DRV - [2010/09/15 19:02:19 | 000,476,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20101008.002IDSviA64.sys -- (IDSVia64)
DRV - [2010/08/23 18:50:54 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:Program Files (x86)Common FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/26 09:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:Program Files (x86)Common FilesSymantec SharedEENGINEeeCtrl64.sys -- (eeCtrl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...68z185t48k1y225
IE:64bit: - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...68z185t48k1y225
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...68z185t48k1y225
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...68z185t48k1y225

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...68z185t48k1y225
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page =
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = AA 0E 52 9D 05 63 CB 01 [binary data]
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://gb.toolbarhome.com/?hp=df"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://gb.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 4

FF - HKLMsoftwaremozillaFirefoxExtensions{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortoncoFFPlgn [2010/04/27 17:09:26 | 000,000,000 | ---D | M]
FF - HKLMsoftwaremozillaFirefoxExtensions{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt [2010/09/15 19:24:15 | 000,000,000 | ---D | M]
FF - HKLMsoftwaremozillaMozilla Firefox 3.6.10extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2010/09/24 22:00:29 | 000,000,000 | ---D | M]
FF - HKLMsoftwaremozillaMozilla Firefox 3.6.10extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2010/10/03 14:27:37 | 000,000,000 | ---D | M]

[2010/09/04 18:34:26 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingmozillaExtensions
[2010/09/04 18:34:26 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingmozillaExtensionsIMVUClientXUL@imvu.com
[2010/10/01 18:42:12 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingmozillaFirefoxProfilesq8ln8iti.defaultextensions
[2010/09/29 18:42:06 | 000,001,571 | ---- | M] () -- C:UsersHollyAppDataRoamingMozillaFireFoxProfilesq8ln8iti.defaultsearchpluginsweb-search.xml
[2010/10/09 01:09:18 | 000,000,000 | ---D | M] -- C:Program Files (x86)Mozilla Firefoxextensions
[2010/09/30 16:37:17 | 000,000,000 | ---D | M] (Java Console) -- C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Files (x86)Mozilla FirefoxpluginsnpdeployJava1.dll
[2010/07/23 01:29:54 | 000,001,538 | ---- | M] () -- C:Program Files (x86)Mozilla Firefoxsearchpluginsamazon-en-GB.xml
[2010/07/23 01:29:54 | 000,000,947 | ---- | M] () -- C:Program Files (x86)Mozilla Firefoxsearchpluginschambers-en-GB.xml
[2010/07/23 01:29:54 | 000,000,769 | ---- | M] () -- C:Program Files (x86)Mozilla FirefoxsearchpluginseBay-en-GB.xml
[2010/07/23 01:29:54 | 000,001,135 | ---- | M] () -- C:Program Files (x86)Mozilla Firefoxsearchpluginsyahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:WindowsSysNativedriversetchosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM..Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM..Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41CoIEPlg.dll (Symantec Corporation)
O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU..ToolbarWebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..Run: [avast5] C:Program FilesAlwil SoftwareAvast5avastUI.exe (AVAST Software)
O4 - HKCU..Run: [msnmsgr] C:Program Files (x86)Windows LiveMessengermsnmsgr.exe (Microsoft Corporation)
O4 - HKCU..Run: [RESTART_STICKY_NOTES] C:WindowsSysWow64StikyNot.exe File not found
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 0
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLUA = 0
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: PromptOnSecureDesktop = 0
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice12ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice12ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5Catalog_Entries000000000007 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5Catalog_Entries000000000007 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s...ri_4.1.71.0.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
O18:64bit: - ProtocolHandlerlivecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - ProtocolHandlerms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - ProtocolHandlerms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - ProtocolHandlermsnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - ProtocolHandlersymres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - ProtocolHandlerwlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - ProtocolHandlersymres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:Program Files (x86)Norton 360Norton 360Engine3.8.0.41CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:WindowsSysNativeSystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:WindowsSysWow64explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:WindowsSysWow64SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2{72787743-b34e-11de-8197-806e6f6e6963}Shell - "" = AutoRun
O33 - MountPoints2{72787743-b34e-11de-8197-806e6f6e6963}ShellAutoRuncommand - "" = D:Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM..comfile [open] -- "%1" %*
O35:64bit: - HKLM..exefile [open] -- "%1" %*
O35 - HKLM..comfile [open] -- "%1" %*
O35 - HKLM..exefile [open] -- "%1" %*
O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*
O37 - HKLM...com [@ = comfile] -- "%1" %*
O37 - HKLM...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/10/09 16:44:48 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:UsersHollyDesktopOTL.exe
[2010/10/07 17:47:41 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataRoamingWindows Live Writer
[2010/10/07 17:47:41 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataLocalWindows Live Writer
[2010/10/07 17:47:41 | 000,000,000 | ---D | C] -- C:UsersHollyDocumentsMy Weblog Posts
[2010/10/05 16:26:17 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataLocalElevatedDiagnostics
[2010/10/05 16:24:51 | 000,000,000 | ---D | C] -- C:ProgramDataMFAData
[2010/10/05 16:17:09 | 000,000,000 | ---D | C] -- C:Program Files (x86)CCleaner
[2010/10/05 15:46:10 | 000,121,936 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswSP.sys
[2010/10/05 15:46:10 | 000,020,048 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswFsBlk.sys
[2010/10/05 15:46:08 | 000,028,752 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswRdr.sys
[2010/10/05 15:46:04 | 000,051,280 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswTdi.sys
[2010/10/05 15:46:01 | 000,061,008 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswMonFlt.sys
[2010/10/05 15:45:27 | 000,038,848 | ---- | C] (AVAST Software) -- C:WindowsavastSS.scr
[2010/10/05 15:45:23 | 000,167,592 | ---- | C] (AVAST Software) -- C:WindowsSysWow64aswBoot.exe
[2010/10/04 20:38:33 | 000,000,000 | ---D | C] -- C:Program Files (x86)NirSoft
[2010/10/03 13:21:10 | 000,000,000 | ---D | C] -- C:Windowspss
[2010/10/01 23:20:12 | 000,000,000 | ---D | C] -- C:WindowsMinidump
[2010/10/01 22:21:01 | 000,000,000 | ---D | C] -- C:ProgramDataAlwil Software
[2010/10/01 22:21:01 | 000,000,000 | ---D | C] -- C:Program FilesAlwil Software
[2010/09/30 16:37:40 | 000,000,000 | ---D | C] -- C:ProgramDataSun
[2010/09/30 16:37:38 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesJava
[2010/09/29 17:59:14 | 000,000,000 | ---D | C] -- C:WindowsSun
[2010/09/28 19:01:13 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataRoamingUniblue
[2010/09/28 19:00:57 | 000,000,000 | ---D | C] -- C:Program Files (x86)Uniblue
[2010/09/27 20:47:20 | 000,000,000 | ---D | C] -- C:WindowsBDOSCAN8
[2010/09/24 22:02:51 | 000,000,000 | ---D | C] -- C:Program FilesiPod
[2010/09/24 22:02:50 | 000,000,000 | ---D | C] -- C:Program FilesiTunes
[2010/09/24 22:02:50 | 000,000,000 | ---D | C] -- C:Program Files (x86)iTunes
[2010/09/24 22:02:50 | 000,000,000 | ---D | C] -- C:ProgramData{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/09/24 22:00:04 | 000,000,000 | ---D | C] -- C:Program Files (x86)QuickTime
[2010/09/24 21:57:22 | 000,000,000 | ---D | C] -- C:Program FilesBonjour
[2010/09/24 21:57:22 | 000,000,000 | ---D | C] -- C:Program Files (x86)Bonjour
[2010/09/15 22:40:02 | 000,000,000 | ---D | C] -- C:19c50b3346ac2a6917fd
[2010/09/15 19:23:29 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common Filesxing shared
[2010/09/11 17:33:18 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataRoamingZumoCast
[2010/09/11 17:33:06 | 000,000,000 | ---D | C] -- C:Program Files (x86)Zecter
[2010/09/11 17:32:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)Java
[2010/09/04 18:40:28 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataRoamingVivox
[2010/08/24 12:08:29 | 000,000,000 | R--D | C] -- C:Program Files (x86)Norton Support
[2010/08/21 18:57:44 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataRoamingMozilla
[2010/08/21 18:57:44 | 000,000,000 | ---D | C] -- C:UsersHollyAppDataLocalMozilla
[2010/08/21 18:56:35 | 000,000,000 | ---D | C] -- C:Program Files (x86)Mozilla Firefox
[2010/08/03 20:43:04 | 000,000,000 | R--D | C] -- C:UsersHollyDocumentsItunes
[2010/08/01 13:01:43 | 000,000,000 | ---D | C] -- C:divx
[2010/07/26 15:59:41 | 000,000,000 | ---D | C] -- C:UsersHollyDocumentsBig Mutha Truckers
[2010/07/26 15:30:33 | 000,000,000 | -H-D | C] -- C:Windowsmsdownld.tmp
[2010/07/26 15:30:29 | 000,000,000 | ---D | C] -- C:WindowsSysWow64directx
[2010/07/26 15:27:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)Empire Interactive
[2009/08/22 10:01:18 | 000,036,136 | ---- | C] (Oberon Media) -- C:ProgramDataFullRemove.exe
[1 C:Windows*.tmp files -> C:Windows*.tmp -> ]
[1 C:UsersHollyDocuments*.tmp files -> C:UsersHollyDocuments*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/10/09 16:53:08 | 003,145,728 | -HS- | M] () -- C:UsersHollyntuser.dat
[2010/10/09 16:52:00 | 000,000,896 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskMachineUA.job
[2010/10/09 16:44:55 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:UsersHollyDesktopOTL.exe
[2010/10/09 16:02:57 | 000,017,600 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/09 16:02:57 | 000,017,600 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/09 15:54:34 | 000,000,344 | ---- | M] () -- C:WindowstasksRegistryBooster.job
[2010/10/09 15:54:30 | 000,000,892 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskMachineCore.job
[2010/10/09 15:54:06 | 000,000,006 | -H-- | M] () -- C:WindowstasksSA.DAT
[2010/10/09 15:53:57 | 000,067,584 | --S- | M] () -- C:Windowsbootstat.dat
[2010/10/09 15:53:42 | 3018,608,640 | -HS- | M] () -- C:hiberfil.sys
[2010/10/09 01:07:17 | 001,957,210 | -H-- | M] () -- C:UsersHollyAppDataLocalIconCache.db
[2010/10/08 20:46:43 | 430,086,759 | ---- | M] () -- C:WindowsMEMORY.DMP
[2010/10/05 16:17:16 | 000,001,007 | ---- | M] () -- C:UsersHollyDesktopCCleaner.lnk
[2010/10/05 15:46:11 | 000,001,856 | ---- | M] () -- C:UsersPublicDesktopavast! Free Antivirus.lnk
[2010/10/05 15:46:01 | 000,000,000 | ---- | M] () -- C:WindowsSysWow64config.nt
[2010/10/05 15:37:00 | 000,726,316 | ---- | M] () -- C:WindowsSysNativePerfStringBackup.INI
[2010/10/05 15:37:00 | 000,628,460 | ---- | M] () -- C:WindowsSysNativeperfh009.dat
[2010/10/05 15:37:00 | 000,110,612 | ---- | M] () -- C:WindowsSysNativeperfc009.dat
[2010/10/03 19:01:17 | 000,003,288 | ---- | M] () -- C:bootsqm.dat
[2010/10/01 22:11:15 | 000,000,102 | ---- | M] () -- C:Windowswininit.ini
[2010/10/01 21:52:22 | 000,006,046 | ---- | M] () -- C:UsersHollyDocumentscc_20101001_215219.reg
[2010/09/28 19:00:59 | 000,001,108 | ---- | M] () -- C:UsersHollyApplication DataMicrosoftInternet ExplorerQuick LaunchRegistryBooster.lnk
[2010/09/26 10:56:39 | 000,001,027 | ---- | M] () -- C:UsersHollyDesktopExecutable.lnk
[2010/09/24 22:04:02 | 000,002,429 | ---- | M] () -- C:UsersPublicDesktopiTunes.lnk
[2010/09/24 22:00:12 | 000,001,849 | ---- | M] () -- C:UsersPublicDesktopQuickTime Player.lnk
[2010/09/21 21:37:59 | 000,002,387 | ---- | M] () -- C:UsersPublicDesktopEA Download Manager.lnk
[2010/09/15 19:34:33 | 000,010,373 | ---- | M] () -- C:UsersHollyDocumentsHai.docx
[2010/09/15 19:24:15 | 000,001,038 | ---- | M] () -- C:UsersPublicDesktopRealPlayer SP.lnk
[2010/09/15 19:22:56 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:WindowsSysWow64pncrt.dll
[2010/09/07 16:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:WindowsavastSS.scr
[2010/09/07 16:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:WindowsSysWow64aswBoot.exe
[2010/09/07 15:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:WindowsSysNativedriversaswTdi.sys
[2010/09/07 15:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:WindowsSysNativedriversaswSP.sys
[2010/09/07 15:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:WindowsSysNativedriversaswRdr.sys
[2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:WindowsSysNativedriversaswMonFlt.sys
[2010/09/07 15:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:WindowsSysNativedriversaswFsBlk.sys
[2010/09/04 18:07:37 | 000,100,865 | ---- | M] () -- C:UsersHollyDocumentsBeastly.docx
[2010/08/27 00:31:35 | 000,001,609 | ---- | M] () -- C:UsersHollyDesktopDivX Movies.lnk
[2010/08/27 00:31:02 | 000,001,112 | ---- | M] () -- C:UsersPublicDesktopDivX Plus Player.lnk
[2010/08/24 12:21:34 | 000,001,009 | ---- | M] () -- C:UsersPublicDesktopExecutable.lnk
[2010/08/21 18:57:54 | 000,000,000 | ---- | M] () -- C:Windowsnsreg.dat
[2010/08/21 18:56:41 | 000,001,963 | ---- | M] () -- C:UsersHollyApplication DataMicrosoftInternet ExplorerQuick LaunchMozilla Firefox.lnk
[2010/08/21 18:56:41 | 000,001,939 | ---- | M] () -- C:UsersPublicDesktopMozilla Firefox.lnk
[2010/08/19 23:52:23 | 000,003,584 | ---- | M] () -- C:UsersHollyAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/17 14:35:04 | 000,001,550 | ---- | M] () -- C:UsersHollyDesktopGame script vista 32 version.lnk
[2010/08/15 11:43:02 | 000,343,552 | ---- | M] () -- C:WindowsSysNativeFNTCACHE.DAT
[2010/08/13 16:18:31 | 000,057,344 | ---- | M] () -- C:UsersHollyDocumentsform.doc
[2010/08/03 17:55:29 | 571,849,938 | ---- | M] () -- C:UsersHollyDocumentsRepo! The Genetic Opera.m4v
[2010/07/30 19:28:03 | 643,878,998 | ---- | M] () -- C:UsersHollyDocumentsRemember me..avi
[2010/07/30 18:00:10 | 557,821,804 | ---- | M] () -- C:UsersHollyDocumentsRepo! The Genetic Opera.avi
[2010/07/26 15:27:55 | 000,002,453 | ---- | M] () -- C:UsersPublicDesktopBig Mutha Truckers.lnk
[2010/07/25 23:39:42 | 000,406,494 | ---- | M] () -- C:UsersHollyDocumentsSleeping Beauty 18.pdf
[1 C:Windows*.tmp files -> C:Windows*.tmp -> ]
[1 C:UsersHollyDocuments*.tmp files -> C:UsersHollyDocuments*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/08 20:46:43 | 430,086,759 | ---- | C] () -- C:WindowsMEMORY.DMP
[2010/10/05 16:17:16 | 000,001,007 | ---- | C] () -- C:UsersHollyDesktopCCleaner.lnk
[2010/10/05 15:46:11 | 000,001,856 | ---- | C] () -- C:UsersPublicDesktopavast! Free Antivirus.lnk
[2010/10/03 19:01:17 | 000,003,288 | ---- | C] () -- C:bootsqm.dat
[2010/10/01 22:23:14 | 000,000,000 | ---- | C] () -- C:WindowsSysWow64config.nt
[2010/10/01 21:52:20 | 000,006,046 | ---- | C] () -- C:UsersHollyDocumentscc_20101001_215219.reg
[2010/09/28 19:01:16 | 000,000,344 | ---- | C] () -- C:WindowstasksRegistryBooster.job
[2010/09/28 19:00:59 | 000,001,108 | ---- | C] () -- C:UsersHollyApplication DataMicrosoftInternet ExplorerQuick LaunchRegistryBooster.lnk
[2010/09/26 10:56:39 | 000,001,027 | ---- | C] () -- C:UsersHollyDesktopExecutable.lnk
[2010/09/24 22:04:02 | 000,002,429 | ---- | C] () -- C:UsersPublicDesktopiTunes.lnk
[2010/09/24 22:00:12 | 000,001,849 | ---- | C] () -- C:UsersPublicDesktopQuickTime Player.lnk
[2010/09/15 19:34:31 | 000,010,373 | ---- | C] () -- C:UsersHollyDocumentsHai.docx
[2010/09/15 19:24:15 | 000,001,038 | ---- | C] () -- C:UsersPublicDesktopRealPlayer SP.lnk
[2010/09/04 18:07:37 | 000,100,865 | ---- | C] () -- C:UsersHollyDocumentsBeastly.docx
[2010/08/27 00:31:02 | 000,001,112 | ---- | C] () -- C:UsersPublicDesktopDivX Plus Player.lnk
[2010/08/21 18:57:54 | 000,000,000 | ---- | C] () -- C:Windowsnsreg.dat
[2010/08/21 18:56:41 | 000,001,963 | ---- | C] () -- C:UsersHollyApplication DataMicrosoftInternet ExplorerQuick LaunchMozilla Firefox.lnk
[2010/08/21 18:56:41 | 000,001,939 | ---- | C] () -- C:UsersPublicDesktopMozilla Firefox.lnk
[2010/08/17 14:30:41 | 000,001,550 | ---- | C] () -- C:UsersHollyDesktopGame script vista 32 version.lnk
[2010/08/13 16:09:57 | 000,057,344 | ---- | C] () -- C:UsersHollyDocumentsform.doc
[2010/08/07 16:31:46 | 000,003,584 | ---- | C] () -- C:UsersHollyAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/03 16:58:41 | 571,849,938 | ---- | C] () -- C:UsersHollyDocumentsRepo! The Genetic Opera.m4v
[2010/07/30 19:29:04 | 643,878,998 | ---- | C] () -- C:UsersHollyDocumentsRemember me..avi
[2010/07/30 18:02:52 | 557,821,804 | ---- | C] () -- C:UsersHollyDocumentsRepo! The Genetic Opera.avi
[2010/07/26 15:27:55 | 000,002,453 | ---- | C] () -- C:UsersPublicDesktopBig Mutha Truckers.lnk
[2010/07/25 23:39:42 | 000,406,494 | ---- | C] () -- C:UsersHollyDocumentsSleeping Beauty 18.pdf
[2010/04/12 18:49:41 | 000,000,000 | ---- | C] () -- C:WindowsiPlayer.INI
[2010/03/20 15:21:10 | 000,000,102 | ---- | C] () -- C:Windowswininit.ini
[2010/03/02 21:13:57 | 000,000,540 | ---- | C] () -- C:Windowscdplayer.ini
[2009/12/28 17:43:23 | 000,033,169 | ---- | C] () -- C:WindowsIrremote.ini
[2009/12/28 17:42:54 | 000,000,135 | ---- | C] () -- C:WindowsODBC.INI
[2009/12/28 17:41:29 | 000,006,245 | ---- | C] () -- C:WindowsHCWPNP.INI
[2009/10/08 00:11:40 | 000,001,593 | ---- | C] () -- C:WindowsWPatchProgress.ini
[2009/10/07 15:56:05 | 000,000,033 | ---- | C] () -- C:WindowsLaunApp.ini
[2009/10/07 15:43:31 | 000,007,825 | ---- | C] () -- C:ProgramDataArcadeDeluxe3.log
[2009/10/07 15:39:32 | 000,626,688 | ---- | C] () -- C:WindowsImage.dll
[2009/10/07 15:39:32 | 000,000,323 | ---- | C] () -- C:WindowsPidList.ini
[2009/08/22 10:00:39 | 000,192,484 | ---- | C] () -- C:Program Files (x86)Common FilesAcer GameZone online.ico
[2009/08/22 07:01:04 | 000,872,448 | ---- | C] () -- C:Windowsiconv.dll
[2009/08/22 07:01:04 | 000,743,424 | ---- | C] () -- C:Windowslibxml2.dll
[2009/08/22 07:01:02 | 000,000,193 | ---- | C] () -- C:WindowsPrelaunch.ini
[2009/08/22 07:01:02 | 000,000,168 | ---- | C] () -- C:WindowsWisLangCode.ini
[2009/08/22 07:01:02 | 000,000,147 | ---- | C] () -- C:WindowsWisPriority.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:WindowsSysWow64BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:WindowsSysWow64msjetoledb40.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:Windowsbdoscandellang.ini

========== LOP Check ==========

[2009/12/24 13:40:14 | 000,000,000 | -HSD | M] -- C:UsersHollyAppDataRoaming.#
[2010/06/08 16:36:19 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingDoctor Who
[2010/03/03 21:01:09 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingDownloaded Installations
[2010/03/02 21:05:00 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingFacebook
[2009/12/24 13:28:41 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingGameConsole
[2010/07/06 17:22:49 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingGameTuts
[2010/07/06 14:34:48 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingPowerCinema
[2010/07/06 14:58:15 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingSoftDMA
[2010/09/28 19:01:13 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingUniblue
[2010/09/04 18:40:28 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingVivox
[2010/10/07 17:47:41 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingWindows Live Writer
[2010/10/03 19:36:22 | 000,000,000 | ---D | M] -- C:UsersHollyAppDataRoamingZumoCast
[2010/10/09 15:54:34 | 000,000,344 | ---- | M] () -- C:WindowsTasksRegistryBooster.job
[2010/10/08 20:44:16 | 000,032,620 | ---- | M] () -- C:WindowsTasksSCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%*.exe >


< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:WindowsSysWow64DriverStoreFileRepositorymachine.inf_amd64_neutral_9e6bb86c3b39a3e9AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:Windowswinsxsamd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:WindowsSysWow64DriverStoreFileRepositorymshdc.inf_amd64_neutral_a69a58a4286f0b22atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:Windowswinsxsamd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:WindowsSysWOW64cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:WindowsSysWOW64cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:Windowswinsxsx86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132bcngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:Windowswinsxsamd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:WindowsSysWow64DriverStoreFileRepositoryiastorv.inf_amd64_neutral_18cccb83b34e1453iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:Windowswinsxsamd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:Windowswinsxsamd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefenetlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:WindowsSysWOW64netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:WindowsSysWOW64netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:Windowswinsxswow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:WindowsSysWow64DriverStoreFileRepositorynvraid.inf_amd64_neutral_5bde3fe2945bce9envstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:Windowswinsxsamd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0envstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:WindowsSysWOW64scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:WindowsSysWOW64scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:Windowswinsxswow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:Windowswinsxsamd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9scecli.dll

< %systemroot%*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:ProgramDataTemp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:ProgramDataTemp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:ProgramDataTemp:93DE1838
@Alternate Data Stream - 132 bytes -> C:ProgramDataTemp:814B9485
@Alternate Data Stream - 132 bytes -> C:ProgramDataTemp:4D066AD2
@Alternate Data Stream - 124 bytes -> C:ProgramDataTemp:E1F04E8D
< End of report >

Sorry I am taking so much time posting!!!!

I compared times yesterday as to when I had a mini BSOD and to when the emails were sent out.
The emails went out at the time of the BSOD.

Edited by hamluis, 09 October 2010 - 01:47 PM.
Merged posts ~ Hamluis.


#2 myrti

Posted 17 October 2010 - 05:05 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    hlp.dat
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help requests via PM, unless I am already helping you. Use the forums!



#3 Holly-May

Posted 17 October 2010 - 07:37 AM

I have fixed my computer; it was a packer virus, a few trojans and a large piece of adware. Everything seems to be running fine at the moment, but if any problems do pop up I will know who to turn to.

Thank you for your time and help.

#4 myrti

Posted 17 October 2010 - 09:53 AM

Since this topic appears to be resolved, I will now close it. Thanks for letting us know.

If you need this topic re-opened please send me a PM.

Everyone else, please start a new topic.

With Regards,
myrti





