OTL Extras logfile created on: 09/08/2009 15:35:16 - Run 1 OTL by OldTimer - Version 3.0.10.5 Folder = C:\Users\chris\Desktop\virus Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 73.07% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 134.36 Gb Total Space | 92.09 Gb Free Space | 68.54% Space Free | Partition Type: NTFS Drive D: | 14.65 Gb Total Space | 8.96 Gb Free Space | 61.15% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 19.07 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CHRISX Current User Name: chris Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2AA88CE0-C38D-4033-9617-B8BD0502182E}" = lport=2869 | protocol=6 | dir=in | app=system | "{ECBD5D8D-4285-4423-BEDC-253491F3D408}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{13BE84D6-5B7A-43D0-A5C5-8D809568C97F}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{16EDF5BD-9D32-494E-91D5-2F2D0155111E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{303B5FA3-6553-4BC8-A29F-76362D4A37B1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{61B186AE-392A-4CFE-A67F-B723F914D8B6}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{67A389B0-65C3-4829-BA40-CECA97E10CA2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{707992B6-22F0-49DC-A70C-24B15B385E6C}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | "{B3D75893-C755-4802-B47F-B9D09F0CB6ED}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | "{C067863B-5B7D-4386-9629-6B238CD577D1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{F7A028F0-EF50-4AF3-B335-C01600F4D5D3}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11 "{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack "{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar "{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{35F490E3-3543-4840-BC24-1E7E83472179}" = Fruityloops Express "{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10 "{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}" = Windows Live Sign-in Assistant "{56E57CBF-24B2-4D52-AFB4-640B9BFC3416}" = 3MB Mpeg Encoder "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64 "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager "{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery "{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Advanced Audio FX Engine" = Advanced Audio FX Engine "AoA DVD Copy_is1" = AoA DVD Copy "avast!" = avast! Antivirus "Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Creative OA009" = Integrated Webcam Driver (1.00.02.0825) "Dell Webcam Central" = Dell Webcam Central "Easy DVD Shrink" = Easy DVD Shrink "Easy DVD-Video Copy" = Easy DVD-Video Copy "FontCreator55_is1" = FontCreator 5.6 "foobar2000" = foobar2000 v0.9.6.8 "GoToAssist" = GoToAssist 8.0.0.514 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Huawei Modems" = Huawei modem "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10) "N360" = Norton 360 "RealPlayer 6.0" = RealPlayer "ST6UNST #1" = TABVIEW2 "TEFView_is1" = TEFView 2.65 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent "BitTorrent DNA" = DNA "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 04/08/2009 16:37:30 | Computer Name = chrisx | Source = WinMgmt | ID = 10 Description = Error - 04/08/2009 16:47:05 | Computer Name = chrisx | Source = Google Update | ID = 20 Description = Error - 04/08/2009 19:08:22 | Computer Name = chrisx | Source = WinMgmt | ID = 10 Description = Error - 05/08/2009 09:54:49 | Computer Name = chrisx | Source = WinMgmt | ID = 10 Description = Error - 05/08/2009 13:47:05 | Computer Name = chrisx | Source = Google Update | ID = 20 Description = Error - 05/08/2009 14:47:05 | Computer Name = chrisx | Source = Google Update | ID = 20 Description = Error - 05/08/2009 14:50:42 | Computer Name = chrisx | Source = WinMgmt | ID = 10 Description = Error - 05/08/2009 15:47:05 | Computer Name = chrisx | Source = Google Update | ID = 20 Description = Error - 05/08/2009 16:29:12 | Computer Name = chrisx | Source = RasClient | ID = 20227 Description = Error - 05/08/2009 16:47:05 | Computer Name = chrisx | Source = Google Update | ID = 20 Description = [ System Events ] Error - 08/08/2009 19:05:27 | Computer Name = chrisx | Source = Service Control Manager | ID = 7000 Description = Error - 08/08/2009 19:05:27 | Computer Name = chrisx | Source = Service Control Manager | ID = 7000 Description = Error - 08/08/2009 20:02:12 | Computer Name = chrisx | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 08/08/2009 20:02:38 | Computer Name = chrisx | Source = HTTP | ID = 15016 Description = Error - 08/08/2009 20:03:16 | Computer Name = chrisx | Source = Service Control Manager | ID = 7000 Description = Error - 08/08/2009 20:03:16 | Computer Name = chrisx | Source = Service Control Manager | ID = 7000 Description = Error - 09/08/2009 06:40:25 | Computer Name = chrisx | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 09/08/2009 06:40:49 | Computer Name = chrisx | Source = HTTP | ID = 15016 Description = Error - 09/08/2009 06:41:28 | Computer Name = chrisx | Source = Service Control Manager | ID = 7000 Description = Error - 09/08/2009 06:41:28 | Computer Name = chrisx | Source = Service Control Manager | ID = 7000 Description = < End of report >