OTL logfile created on: 7/24/2010 3:40:03 PM - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Russell\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,023.00 Mb Total Physical Memory | 641.00 Mb Available Physical Memory | 63.00% Memory free 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 82.00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.50 Gb Total Space | 56.04 Gb Free Space | 75.23% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OFFICE Current User Name: Russell Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/07/24 11:20:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell\Desktop\OTL.exe PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/07/24 11:20:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell\Desktop\OTL.exe MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\SymProxySvc.exe -- (SymProxySvc) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Stopped] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service) SRV - [2009/09/28 20:34:22 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint) SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/02/24 15:13:36 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService) SRV - [2008/08/11 13:41:00 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2007/10/25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007/10/18 12:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc) SRV - [2006/02/23 12:41:02 | 002,045,632 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate) SRV - [2006/02/23 12:41:02 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2003/03/09 16:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\SCPNDIS5.SYS -- (SCPNDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\SCPMPR5.SYS -- (SCPMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5) DRV - [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2009/09/28 20:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2007/11/23 08:50:10 | 000,018,560 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HPWPAUSB.sys -- (HPWPAUSB) DRV - [2007/10/31 12:54:06 | 000,039,552 | ---- | M] (Hewlett-Packard Development Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hpnuhub.sys -- (HPNUHUB) DRV - [2007/03/27 20:12:46 | 000,012,032 | ---- | M] (Hewlett-Packard Development Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hpnuhst.sys -- (hpnuhst) DRV - [2007/01/30 13:27:49 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM) DRV - [2006/10/04 22:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k) DRV - [2006/10/04 22:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp) DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2003/11/17 11:33:00 | 001,618,939 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv4) DRV - [2003/11/17 11:33:00 | 001,618,939 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv) DRV - [2003/07/18 04:37:40 | 000,048,128 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiH0464.sys -- (SaiH0464) DRV - [2003/05/01 13:26:34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CVirtA.sys -- (CVirtA) DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW) DRV - [2002/04/29 14:00:00 | 000,167,661 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\p1030vid.sys -- (PD1030VID) DRV - [2002/04/10 18:01:12 | 000,024,554 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K) DRV - [2002/04/10 18:01:00 | 000,029,638 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K) DRV - [2002/04/10 18:00:44 | 000,117,898 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k) DRV - [2002/04/10 17:48:04 | 000,236,032 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp) DRV - [2002/04/10 17:45:16 | 000,206,336 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp) DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810) DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA) DRV - [2001/08/17 14:52:24 | 000,038,144 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\hpt3xx.sys -- (hpt3xx) DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra) DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc) DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde) DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2001/08/17 14:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.sys -- (hsf_msft) DRV - [2001/08/17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) DRV - [2001/08/17 13:11:42 | 000,029,696 | ---- | M] (CNet Technology, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DM9PCI5.SYS -- (DM9102) DAVICOM 9102(A) DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC) DRV - [2001/07/25 12:58:28 | 000,584,336 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hsf_cnxt.sys -- (winachsf) DRV - [2001/07/18 14:07:00 | 000,080,449 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\spkpnt.sys -- (SpeakerPhone) DRV - [2001/07/18 14:06:40 | 000,426,783 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\k56nt.sys -- (K56) DRV - [2001/07/18 14:06:12 | 000,127,405 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\fsksnt.sys -- (Fsks) DRV - [2001/07/18 14:05:26 | 000,217,019 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\faxnt.sys -- (SoftFax) DRV - [2001/07/18 14:04:26 | 000,056,607 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tonesnt.sys -- (Tones) DRV - [2001/07/18 14:04:04 | 000,310,899 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\fallback.sys -- (Fallback) DRV - [2001/07/18 14:01:56 | 000,077,426 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\basic2.sys -- (basic2) DRV - [2001/07/18 14:01:38 | 000,067,654 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\rksample.sys -- (Rksample) DRV - [2001/07/18 14:01:20 | 000,534,125 | ---- | M] (Conexant Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\v124nt.sys -- (V124) DRV - [2001/06/20 18:32:54 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643 FF - HKLM\software\mozilla\Firefox\Extensions\\{32C0181D-C406-4E3B-81DE-8CC6AB66F6FA}: C:\Documents and Settings\Russell\Local Settings\Application Data\{32C0181D-C406-4E3B-81DE-8CC6AB66F6FA} [2010/07/23 15:17:48 | 000,000,000 | ---D | M] [2010/03/01 21:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell\Application Data\Mozilla\Extensions O1 HOSTS File: ([2001/08/18 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Oryte Games 1 Toolbar) - {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Oryte Games 1 Toolbar) - {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - f:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll File not found O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Oryte Games 1 Toolbar) - {50BCBFA7-2A6A-41ED-9D96-34D2073A8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.) O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe () O4 - HKLM..\Run: [EarthLink Installer] File not found O4 - HKLM..\Run: [Jtuvemunajaze] C:\WINDOWS\izecogot.DLL (Parallels Holdings, Ltd. and its affiliates.) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [E6TaskPanel] F:\Program Files\EarthLink TotalAccess\TaskPanl.exe File not found O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe (The Eraser Project) O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe File not found O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.) O4 - HKCU..\RunOnce: [7229915329] C:\Documents and Settings\Russell\Local Settings\Application Data\7229915329.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\connection manager.lnk = C:\Program Files\HP Wireless Printer Adapter\ConnectMgr.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.) O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe File not found O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation) O15 - HKCU\..Trusted Domains: ([]msn in My Computer) O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites) O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class) O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab (Support.com Configuration Class) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (Reg Error: Key error.) O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} https://corpmail.maxinc.com/iNotes.cab (iNotes Class) O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} http://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab (RhapsodyPlayerEngineCtrl Class) O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab (Reg Error: Key error.) O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://download.yahoo.com/dl/installs/yinst.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.) O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freerealms.com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab?v=1044 (SonyOnlineInstallerX) O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab (Snapfish Activia) O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe (Reg Error: Key error.) O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (Symantec SmartIssue) O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (Symantec Script Runner Class) O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (Reg Error: Key error.) O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab (FixController Control) O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://207.188.7.150/058fbb55da883ba39617/netzip/RdxIE601.cab (Reg Error: Key error.) O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} http://www.snapfish.com/SnapfishUploader.cab (Pixami/Snapfish Upload UI Control) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (Reg Error: Key error.) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} http://ftp.us.dell.com/fixes/PROFILER.CAB (Reg Error: Key error.) O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} http://a19.g.akamai.net/7/19/7125/1446/ftp.coupons.com/r3302/cpbrkpie.cab (cpbrkpie Control) O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin) O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://messenger.zone.msn.com/binary/ZAxRcMgr.cab (ZoneAxRcMgr Class) O16 - DPF: {A4E84B61-1174-4309-87F0-E795A64158CC} https://maxsts.maxinc.com/sametime/stmeetingroomclient/STJNILoader.cab (JNILoader Control) O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class) O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security1.norton.com/SSC/SharedContent/sc/bin/cabsa.cab (Symantec RuFSI Registry Information Class) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} http://www.live365.com/players/play365.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup142f1.cab (Reg Error: Key error.) O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/aio/eng/check/qdiagh.cab?312 (QDiagHUpdateObj Class) O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_3_12_0.cab (Reg Error: Key error.) O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/bin/msnchat45.cab (MSN Chat Control 4.5) O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001/11/15 08:31:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{46026d44-23d3-11df-b029-0008a1030ec7}\Shell - "" = AutoRun O33 - MountPoints2\{46026d44-23d3-11df-b029-0008a1030ec7}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{46026d44-23d3-11df-b029-0008a1030ec7}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{65304194-6fd2-11d8-aebb-00038a000015}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation) Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation) Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation) Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - C:\WINDOWS\System32\MSG711.ACM (Microsoft Corporation) Drivers32: msacm.msg723 - C:\WINDOWS\System32\MSG723.ACM (Microsoft Corporation) Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\MSGSM32.ACM (Microsoft Corporation) Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation) Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL () Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation) Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation) Drivers32: vidc.mp42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation) Drivers32: vidc.mp43 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation) Drivers32: vidc.mpg4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation) Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation) Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation) Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave1 - C:\WINDOWS\System32\SERWVDRV.DLL (Microsoft Corporation) Drivers32: wavemapper - C:\WINDOWS\System32\MSACM32.DRV (Microsoft Corporation) CREATERESTOREPOINT Error starting restore point: The function was called in safe mode. Error closing restore point: The sequence number is invalid. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/07/24 11:36:58 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010/07/24 11:36:58 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010/07/24 11:36:57 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010/07/24 11:36:56 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010/07/24 11:36:54 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010/07/24 11:36:54 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010/07/24 11:36:52 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010/07/24 11:36:44 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr [2010/07/24 11:36:43 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010/07/24 11:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010/07/24 11:32:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/07/24 11:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell\Desktop\Logs [2010/07/24 11:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia [2010/07/24 11:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2010/07/23 15:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2010/07/23 15:37:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2010/07/23 15:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell\Local Settings\Application Data\{32C0181D-C406-4E3B-81DE-8CC6AB66F6FA} [2010/07/23 15:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell\Local Settings\Application Data\hqafibyso [2010/07/14 14:36:17 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010/06/27 16:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell\My Documents\MTB [2010/06/27 07:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell\Local Settings\Application Data\CutePDF Writer [2010/06/27 07:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell\My Documents\Lifebook [2010/06/27 07:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2010/06/27 07:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\Acro Software [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/07/24 11:36:59 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk [2010/07/24 11:36:55 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010/07/24 11:35:38 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL [2010/07/24 11:35:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT [2010/07/24 11:34:43 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\Russell\ntuser.dat [2010/07/24 11:34:43 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Russell\NTUSER.INI [2010/07/24 11:34:39 | 004,240,656 | -H-- | M] () -- C:\Documents and Settings\Russell\Local Settings\Application Data\IconCache.db [2010/07/24 11:20:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell\Desktop\OTL.exe [2010/07/24 11:20:30 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Russell\Desktop\gmer.zip [2010/07/24 11:20:04 | 054,835,272 | ---- | M] () -- C:\Documents and Settings\Russell\Desktop\setup_av_free.exe [2010/07/24 11:16:34 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell\Desktop\TFC.exe [2010/07/23 18:03:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/07/23 17:52:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/07/23 17:46:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/07/23 15:27:19 | 000,002,804 | ---- | M] () -- C:\WINDOWS\uloweseb.dll [2010/07/23 15:17:49 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Egera.dat [2010/07/23 15:17:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Olebazu.bin [2010/07/23 15:16:09 | 001,180,672 | ---- | M] () -- C:\Documents and Settings\Russell\Local Settings\Application Data\7229915329.exe [2010/07/01 02:29:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job [2010/06/28 16:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr [2010/06/28 16:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010/06/28 16:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/07/24 11:36:59 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk [2010/07/24 11:20:33 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Russell\Desktop\gmer.zip [2010/07/24 11:20:04 | 054,835,272 | ---- | C] () -- C:\Documents and Settings\Russell\Desktop\setup_av_free.exe [2010/07/23 15:27:19 | 000,002,804 | ---- | C] () -- C:\WINDOWS\uloweseb.dll [2010/07/23 15:17:49 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Egera.dat [2010/07/23 15:17:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Olebazu.bin [2010/07/23 15:16:09 | 001,180,672 | ---- | C] () -- C:\Documents and Settings\Russell\Local Settings\Application Data\7229915329.exe [2010/06/27 07:23:54 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2009/12/25 10:24:45 | 000,000,110 | ---- | C] () -- C:\WINDOWS\{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}_WiseFW.ini [2009/11/19 13:29:09 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI [2009/05/14 15:29:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll [2007/06/24 16:41:08 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini [2005/11/27 23:54:25 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\A8EF4EDF9B.sys [2005/11/27 23:41:34 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2005/06/25 23:22:50 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys [2005/06/01 22:43:37 | 000,000,012 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2004/07/28 07:32:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini [2004/07/28 07:32:17 | 000,000,049 | ---- | C] () -- C:\WINDOWS\upth.ini [2004/01/22 12:00:28 | 000,012,635 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini [2003/12/25 12:07:36 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/08/25 20:36:50 | 000,000,064 | ---- | C] () -- C:\WINDOWS\sysdat.dll [2003/08/20 20:46:09 | 000,000,027 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI [2003/07/21 20:07:49 | 000,140,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll [2003/03/16 22:13:26 | 000,000,057 | ---- | C] () -- C:\WINDOWS\SNAPFI~1.INI [2002/12/15 22:34:11 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll [2002/12/15 22:34:11 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll [2002/11/28 13:43:19 | 000,000,448 | ---- | C] () -- C:\WINDOWS\ulead32.ini [2002/11/28 12:09:20 | 000,014,211 | R--- | C] () -- C:\WINDOWS\twacker.ini [2002/06/30 16:34:12 | 000,012,851 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2002/06/16 12:26:26 | 000,000,453 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2002/06/16 12:26:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2002/06/15 11:27:56 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2002/06/15 11:02:55 | 000,000,020 | ---- | C] () -- C:\WINDOWS\InfModM.ini [2002/06/11 21:40:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2002/06/04 03:26:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2002/06/04 03:20:42 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wgedit.ini [2002/06/04 03:20:39 | 000,057,344 | ---- | C] () -- C:\WINDOWS\uninstBVRP.dll [2002/06/04 03:20:30 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys [2002/06/04 03:18:19 | 000,000,890 | ---- | C] () -- C:\WINDOWS\orun32.ini [2002/06/04 01:49:10 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2002/03/13 16:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll [2001/11/15 09:19:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [1998/08/16 06:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll [1996/11/17 01:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL [1996/11/17 01:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL [1996/11/17 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2009/11/19 22:19:07 | 000,001,024 | ---- | M] () -- C:\.rnd [2005/12/07 01:04:07 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe [2005/12/07 01:04:07 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt [2001/11/15 08:31:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2004/08/25 22:41:41 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI [2001/11/14 17:35:22 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS [2001/11/15 08:31:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2002/06/04 02:01:30 | 000,003,964 | RH-- | M] () -- C:\DELL.SDR [2008/12/13 20:59:01 | 000,000,488 | ---- | M] () -- C:\hpfr5550.xml [2003/12/30 21:43:37 | 000,000,796 | -H-- | M] () -- C:\hpothb07.dat [2003/12/30 21:43:12 | 000,016,868 | -H-- | M] () -- C:\hpothb07.tif [2003/03/13 22:34:24 | 000,000,116 | ---- | M] () -- C:\index.html [2006/03/26 14:55:49 | 000,015,721 | ---- | M] () -- C:\install.log [2001/11/15 08:31:14 | 000,000,000 | -H-- | M] () -- C:\IO.SYS [2007/08/15 23:47:04 | 000,000,430 | -H-- | M] () -- C:\IPH.PH [2002/12/30 19:53:53 | 000,031,024 | ---- | M] () -- C:\log.txt [2002/12/30 19:04:40 | 000,324,634 | ---- | M] () -- C:\Matt & Jenn 002.jpg [2010/05/22 15:02:49 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt [2001/11/15 08:31:14 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS [2008/08/17 12:54:31 | 000,001,142 | ---- | M] () -- C:\NTDClient.log [2004/08/25 22:27:54 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/10/30 07:47:09 | 000,250,048 | RHS- | M] () -- C:\NTLDR [2010/07/24 11:35:15 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys [2008/06/22 15:53:56 | 000,068,608 | ---- | M] () -- C:\Resume%20Spring%20Revised%202008[1].doc [2010/05/04 22:20:30 | 000,027,979 | ---- | M] () -- C:\scramble.log [2005/07/16 10:04:20 | 000,006,656 | -HS- | M] () -- C:\Thumbs.db [2007/06/09 03:59:12 | 000,129,607 | ---- | M] () -- C:\VETlog.dmp [2007/06/09 03:59:12 | 000,329,111 | ---- | M] () -- C:\VETlog.txt [color=#A23BEC]< %systemroot%\system32\*.wt >[/color] [color=#A23BEC]< %systemroot%\system32\*.ruy >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color] [2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color] [2001/11/15 08:30:48 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\DESKTOP.INI [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color] [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color] [2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll [2009/09/28 20:34:40 | 000,047,416 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\LMIproc.dll [2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe [2000/03/21 12:29:42 | 000,016,840 | ---- | M] (BVRP Software) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\wfxprint2000.dll [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color] [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color] [color=#A23BEC]< %systemroot%\*.scr >[/color] [2010/06/28 16:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr [2005/07/27 13:10:27 | 000,278,528 | ---- | M] (Simple Star, Inc.) -- C:\WINDOWS\Comcast PhotoShow.scr [color=#A23BEC]< %systemroot%\*._sy >[/color] [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color] [2008/11/23 18:13:03 | 000,001,666 | -H-- | M] () -- C:\Documents and Settings\Russell\Application Data\Microsoft\LastFlashConfig.WFC [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2003/04/09 20:59:40 | 013,736,688 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\AcroReader51_ENU_full.exe [2004/07/11 22:17:40 | 016,706,160 | ---- | M] (Netopsystems AG) -- C:\Program Files\AdbeRdr60_enu_full.exe [2004/07/11 22:16:49 | 006,811,656 | ---- | M] (Adobe Systems, Inc. ) -- C:\Program Files\psa201se_us.exe [color=#A23BEC]< %APPDATA%\Update\*.* >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2001/11/15 08:22:22 | 000,090,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV [2001/11/15 08:22:22 | 000,606,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV [2001/11/15 08:22:22 | 000,380,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV [color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color] [2008/04/13 20:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\SYSTEM32\user32.dll [color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color] [2008/04/13 20:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\SYSTEM32\ws2_32.dll [color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color] [2008/04/13 20:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\SYSTEM32\ws2help.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-15 07:05:07 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2193C133 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86 < End of report >