Database version: 2500
Windows 5.1.2600 Service Pack 3
7/26/2009 7:17:05 AM
mbam-log-2009-07-26 (07-17-05).txt
Scan type: Quick Scan
Objects scanned: 103409
Time elapsed: 8 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/25 12:21
Program Version: Version 1.3.2.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF09C5000 Size: 49152 File Visible: No Signed: -
Status: -
Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!
Path: c:\documents and settings\owner\local settings\temp\~df365f.tmp
Status: Allocation size mismatch (API: 49152, Raw: 16384)
Path: c:\documents and settings\owner\local settings\temp\~df5866.tmp
Status: Allocation size mismatch (API: 131072, Raw: 16384)
Path: c:\documents and settings\owner\local settings\temp\~df58cf.tmp
Status: Allocation size mismatch (API: 131072, Raw: 16384)
SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf24336b8
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2433574
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2433a52
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf243314c
#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf243364e
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf243308c
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf24330f0
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf243376e
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf243372e
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf24338ae
==EOF==OTL logfile created on: 7/26/2009 6:49:21 AM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.48 Mb Total Physical Memory | 181.21 Mb Available Physical Memory | 35.43% Memory free
1.22 Gb Paging File | 0.74 Gb Available in Paging File | 60.44% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.89 Gb Total Space | 43.57 Gb Free Space | 61.46% Space Free | Partition Type: NTFS
Drive D: | 3.62 Gb Total Space | 0.73 Gb Free Space | 20.08% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DWAYNEDUPRE
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [1998/05/07 19:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\windows\system\hpsysdrv.exe
PRC - [2001/07/06 23:56:56 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2004/09/13 15:49:00 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2009/02/05 16:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2005/06/20 20:11:36 | 00,218,688 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
PRC - [2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
PRC - [2003/07/14 09:52:44 | 00,040,960 | ---- | M] (Agere Systems) -- C:\WINDOWS\LTMSG.exe
PRC - [2009/06/30 09:55:40 | 02,329,224 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2004/11/04 19:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2008/05/26 23:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2003/07/28 14:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
PRC - [2009/02/06 05:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2009/07/26 06:48:45 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2009/07/07 15:50:50 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - File not found -- -- (msCMTSrvc [On_Demand | Stopped])
SRV - [2003/07/28 14:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2001/09/25 19:32:50 | 00,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService [Disabled | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2009/02/05 16:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2009/02/05 16:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009/02/05 16:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009/02/05 16:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009/02/05 16:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2005/10/21 19:58:52 | 00,049,920 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2005/10/21 19:58:58 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2005/10/22 07:22:48 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2002/10/25 19:02:20 | 00,080,283 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2000/08/31 14:06:50 | 00,032,108 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ISECDRV.SYS -- (ISD [Auto | Running])
DRV - [2003/12/12 19:03:10 | 00,652,689 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2003/07/28 14:19:00 | 01,341,339 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2002/09/06 21:24:00 | 00,013,568 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running])
DRV - [2002/11/20 20:08:24 | 00,009,856 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2002/07/30 00:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Running])
DRV - [2002/08/29 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2002/11/27 12:02:00 | 00,017,232 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009/03/25 06:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2004/08/03 22:29:52 | 00,166,912 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\DRIVERS\s3gnbm.sys -- (S3Psddr [On_Demand | Stopped])
DRV - [2007/11/13 03:47:45 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/07/24 14:30:00 | 00,032,128 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2001/09/27 21:00:26 | 00,028,396 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Running])
DRV - [2002/10/25 19:03:22 | 00,091,774 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [System | Stopped])
DRV - [2002/10/25 19:03:30 | 00,071,514 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-23717625-3988469780-812823917-1003\S-1-5-21-23717625-3988469780-812823917-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\:
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\Program Files\Common Files\csshare\plugins0942 [2009/07/23 17:27:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\Program Files\Common Files\csshare\plugins0942 [2009/07/23 17:27:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.0\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2003/01/24 10:27:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2009/07/23 17:31:05 | 00,000,000 | ---D | M]
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! Companion BHO) - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-23717625-3988469780-812823917-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-23717625-3988469780-812823917-1003\..\Toolbar\ShellBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-23717625-3988469780-812823917-1003\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcxMonitor] C:\WINDOWS\ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [LTMSG] C:\WINDOWS\LTMSG.exe (Agere Systems)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\System32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe ()
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe (VERITAS Software, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WCOLOREAL] C:\Program Files\Coloreal\coloreal.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-23717625-3988469780-812823917-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-23717625-3988469780-812823917-1003..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe (ParetoLogic)
O4 - HKU\S-1-5-21-23717625-3988469780-812823917-1003..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MsnFixer.lnk = C:\hp\bin\msnfix\msnfixjs.js File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-23717625-3988469780-812823917-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-23717625-3988469780-812823917-1003\..Trusted Domains: 8 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://support.att.n...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1246566678812 (MUCatalogWebControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1246529395984 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1246566929921 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yaho...mail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/01/24 09:07:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 02:02:32 | 00,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/07/26 06:48:41 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/07/25 18:46:02 | 00,000,372 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\spider.sav
[2009/07/25 12:18:06 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\settings.dat
[2009/07/25 11:29:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/25 11:27:28 | 00,000,619 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2009/07/25 11:27:28 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2009/07/25 11:27:27 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/07/25 11:20:59 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe
[2009/07/25 10:58:10 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2009/07/25 09:27:21 | 00,001,742 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HijackThis.lnk
[2009/07/25 09:27:21 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/07/23 21:53:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\jZip
[2009/07/23 21:52:58 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Smiley.ico
[2009/07/23 21:52:58 | 00,000,145 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emoticons for your messenger!.url
[2009/07/23 21:52:33 | 00,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\jZip.lnk
[2009/07/23 21:52:21 | 00,000,000 | ---D | C] -- C:\Program Files\jZip
[2009/07/23 20:05:12 | 00,001,795 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/07/23 20:04:48 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/07/23 20:03:51 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/07/23 20:03:51 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/07/23 20:03:51 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/07/23 05:44:53 | 00,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Owner\My Documents\JavaSetup6u14.exe
[2009/07/21 21:41:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2009/07/21 21:13:44 | 00,001,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WSQviewer.lnk
[2009/07/21 21:13:44 | 00,000,000 | ---D | C] -- C:\Program Files\Cognaxon
[2009/07/21 18:07:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\licenses
[2009/07/21 18:07:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\PCMM2009
[2009/07/21 18:05:41 | 00,000,000 | ---D | C] -- C:\Program Files\PC MightyMax 2009
[2009/07/21 18:01:07 | 01,947,136 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\haynesville.xls
[2009/07/20 21:58:15 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\10 business cards.doc
[2009/07/08 05:51:21 | 00,000,882 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2009/07/08 05:29:24 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/08 05:29:21 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/08 05:29:19 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/08 05:29:19 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/07 22:45:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/07/07 22:45:15 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/07/07 22:45:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2009/07/07 18:59:24 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/07/07 05:13:46 | 53,639,9872 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/02 19:17:26 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/07/02 19:17:25 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/07/02 19:17:25 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/07/02 19:17:25 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/07/02 19:17:25 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/07/02 19:17:25 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/07/02 19:17:24 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/07/02 19:17:24 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/07/02 19:17:24 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/07/02 19:16:56 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/07/02 19:16:53 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/07/02 19:16:51 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/07/02 19:16:40 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/07/02 19:16:12 | 00,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/07/02 19:16:09 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/07/02 19:16:07 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/07/02 19:15:29 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/07/02 19:15:28 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/07/02 19:11:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/07/02 16:49:15 | 00,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2009/07/02 16:49:15 | 00,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/07/02 16:48:41 | 00,057,667 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2009/07/02 15:40:46 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/07/02 15:40:45 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/07/01 23:38:24 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/07/01 23:38:23 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/07/01 23:38:22 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009/07/01 23:38:21 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/07/01 23:38:20 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/07/01 23:38:19 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/07/01 23:38:18 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/07/01 23:38:17 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/07/01 23:38:16 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/07/01 23:38:15 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/07/01 23:38:13 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/07/01 23:37:57 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/07/01 23:37:57 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/07/01 23:37:57 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/07/01 23:37:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/07/01 23:37:41 | 00,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ohci1394.sys
[2009/07/01 23:37:41 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2009/07/01 22:19:40 | 00,308,160 | ---- | C] (ALWIL Software) -- C:\Documents and Settings\Owner\Desktop\avast_home_setup.exe
[2009/07/01 21:12:38 | 00,000,806 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/07/01 21:10:03 | 00,001,816 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/07/01 20:59:50 | 00,068,951 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2009/07/01 20:58:51 | 00,016,496 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys
[2009/07/01 20:58:49 | 00,049,920 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys
[2009/07/01 20:58:18 | 00,021,568 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZius12.sys
[2009/07/01 20:58:14 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/07/01 20:57:43 | 00,286,720 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPZc3212.dll
[2009/07/01 20:57:42 | 00,229,376 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst08.dll
[2009/07/01 20:57:41 | 00,581,632 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl.dll
[2009/07/01 20:57:40 | 00,278,528 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpgwiamd.dll
[2009/07/01 20:57:39 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/07/01 20:55:17 | 00,000,000 | ---D | C] -- C:\WUTemp
[2009/07/01 20:54:52 | 00,182,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iuenginenew.dll
[2009/07/01 20:53:47 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009/07/01 20:53:30 | 00,004,176 | RHS- | C] () -- C:\WINDOWS\System32\drivers\HP_DD220A-ABA S3500CL NA110_YC_Pres_QMX3150_E32NAheRED3 _4_IMS-6577_SMICRO-STAR INTERNATIONAL CO., LTD_V030_B3.15_T030226_WXH1_L409_M512_J80_7Intel_8Pentium 4_92.67_1103300F2_N10EC8139_P_Z11C1044E_K_A808624C5_U808624C2.MRK
[2009/07/01 20:50:41 | 00,000,435 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MsnFixer.lnk
[2009/07/01 20:50:33 | 00,052,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\i8042prt.sys
[2009/07/01 20:50:33 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdclass.sys
[2009/07/01 20:49:15 | 00,040,960 | ---- | C] (Gtek) -- C:\WINDOWS\AolCInUn.exe
[2009/07/01 20:49:04 | 00,000,000 | ---D | C] -- C:\Program Files\America Online 7.0a
[2009/06/30 20:42:07 | 00,078,170 | ---- | C] () -- C:\WINDOWS\System32\usb
[2009/06/30 20:33:51 | 00,078,251 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\hpsysdig.gz
[2009/06/30 20:33:50 | 00,000,462 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\hpsysdig.lnk
[2009/06/30 20:33:28 | 00,672,218 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\hpsysdig.htm
[2009/06/30 05:34:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\HP_WebRelease
[2009/06/29 22:28:53 | 00,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2009/06/29 20:07:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2009/06/29 20:07:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/29 18:10:12 | 00,068,952 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2009/06/29 18:10:12 | 00,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2009/06/29 15:14:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WinBatch
[2009/06/29 15:01:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/06/22 16:57:10 | 00,307,200 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll
[2009/04/20 17:57:31 | 00,223,232 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2009/04/20 17:57:29 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\SQLiteWrapper.dll
[2009/02/09 20:13:11 | 00,000,075 | ---- | C] () -- C:\WINDOWS\TaxACT08.ini
[2008/12/01 19:02:30 | 00,000,034 | ---- | C] () -- C:\WINDOWS\System32\_111881690A7D.sys
[2008/11/27 12:47:56 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/04/30 23:28:39 | 00,030,976 | ---- | C] () -- C:\WINDOWS\rascntrl.dll
[2008/04/30 21:18:36 | 00,055,808 | ---- | C] () -- C:\WINDOWS\CP-FPCOS100.dll
[2008/01/30 21:50:00 | 00,000,074 | ---- | C] () -- C:\WINDOWS\TaxACT07.ini
[2007/10/09 19:42:51 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2007/09/27 11:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/11/18 07:34:04 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/10/22 13:22:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 13:22:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 13:22:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 13:22:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 13:22:00 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/21 16:09:48 | 00,000,643 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/01 19:14:52 | 00,000,114 | ---- | C] () -- C:\WINDOWS\kpcms.ini
[2006/06/01 19:14:50 | 00,000,832 | ---- | C] () -- C:\WINDOWS\EZPHOTO.INI
[2006/05/31 15:24:28 | 00,248,832 | ---- | C] () -- C:\WINDOWS\System32\ECircles.dll
[2006/05/31 15:24:28 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\SoyWeb.dll
[2006/05/31 15:22:00 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2006/05/31 15:21:59 | 00,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2006/05/31 15:21:59 | 00,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2006/05/31 15:21:59 | 00,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2006/05/31 15:21:50 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/05/17 16:11:11 | 00,000,070 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2006/05/17 14:18:04 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/01/20 22:45:33 | 00,000,021 | ---- | C] () -- C:\WINDOWS\progman.ini
[2006/01/07 11:04:35 | 00,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/09/26 17:37:27 | 00,000,597 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2005/07/06 16:51:38 | 00,000,334 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/06 09:23:58 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/07/06 09:10:44 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2005/05/03 11:44:44 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll
[2005/05/03 11:43:44 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll
[2005/03/03 16:16:42 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2004/10/01 17:33:46 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/07/10 18:55:38 | 00,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll
[2003/12/09 13:16:52 | 00,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\comintfs.dll
[2003/01/25 05:43:47 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/01/25 05:43:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/01/24 10:36:27 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\IntroReg.dll
[2003/01/24 10:36:25 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/01/24 10:36:24 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/01/24 10:18:55 | 00,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/01/24 10:18:40 | 00,000,626 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/01/24 10:15:33 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2003/01/24 09:52:52 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/24 09:41:30 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2003/01/24 09:30:21 | 00,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/01/24 09:30:21 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/01/24 09:29:52 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/01/24 09:11:36 | 00,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/01/24 07:55:28 | 00,000,552 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/24 07:55:07 | 00,000,758 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/01/24 07:55:04 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/12/13 21:32:52 | 00,000,141 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/09/01 01:33:58 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[2009/07/26 06:48:45 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/07/26 05:49:00 | 00,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/07/26 03:52:00 | 00,000,372 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2009/07/25 18:46:02 | 00,000,372 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\spider.sav
[2009/07/25 12:18:06 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\settings.dat
[2009/07/25 12:08:29 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/25 11:37:53 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/25 11:27:28 | 00,000,619 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2009/07/25 11:27:28 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2009/07/25 11:21:03 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe
[2009/07/25 11:03:37 | 00,000,438 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/07/25 11:03:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/25 11:03:21 | 00,000,243 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/07/25 11:03:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/25 11:03:13 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/25 10:58:18 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2009/07/25 09:27:21 | 00,001,742 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HijackThis.lnk
[2009/07/25 09:06:48 | 12,875,414 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2009/07/25 08:50:13 | 00,000,643 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/07/24 18:00:00 | 00,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/07/24 04:57:55 | 00,714,528 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Owner\My Documents\JavaSetup6u14.exe
[2009/07/23 21:52:58 | 00,000,145 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emoticons for your messenger!.url
[2009/07/23 21:52:33 | 00,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\jZip.lnk
[2009/07/23 21:08:49 | 00,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/23 20:33:42 | 00,031,808 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/07/23 20:05:12 | 00,001,795 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/07/23 20:05:12 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/07/23 20:05:07 | 00,438,080 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/23 20:05:07 | 00,386,120 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/07/23 20:05:07 | 00,053,134 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/07/23 19:49:11 | 00,088,224 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/07/21 21:46:25 | 00,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/07/21 21:17:28 | 00,000,758 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/07/21 21:13:44 | 00,001,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WSQviewer.lnk
[2009/07/21 20:34:23 | 02,781,184 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\My Money.mny
[2009/07/21 20:34:15 | 02,782,238 | R--- | M] () -- C:\Documents and Settings\Owner\My Documents\My Money Backup.mbf
[2009/07/21 18:49:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/07/21 18:01:13 | 01,947,136 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\haynesville.xls
[2009/07/21 18:00:00 | 00,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Pareto UNS.job
[2009/07/20 21:58:22 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\10 business cards.doc
[2009/07/17 15:37:00 | 00,000,436 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/08 05:51:22 | 00,000,153 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\IObit Freeware.url
[2009/07/08 05:51:21 | 00,000,882 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2009/07/07 10:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/07/02 19:12:11 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/07/02 18:57:41 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/07/02 18:51:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/07/02 17:11:12 | 00,000,201 | RHS- | M] () -- C:\boot.ini
[2009/07/02 17:04:48 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/07/01 23:38:41 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/01 22:23:47 | 00,001,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/07/01 22:23:44 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/01 22:21:27 | 00,308,160 | ---- | M] (ALWIL Software) -- C:\Documents and Settings\Owner\Desktop\avast_home_setup.exe
[2009/07/01 21:23:25 | 00,068,951 | ---- | M] () -- C:\WINDOWS\hpoins05.dat
[2009/07/01 21:12:38 | 00,000,906 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone.lnk
[2009/07/01 21:12:38 | 00,000,806 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/07/01 21:11:46 | 00,001,902 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Document Viewer.lnk
[2009/07/01 21:10:03 | 00,001,816 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/07/01 21:09:10 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/07/01 20:53:30 | 00,004,176 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DD220A-ABA S3500CL NA110_YC_Pres_QMX3150_E32NAheRED3 _4_IMS-6577_SMICRO-STAR INTERNATIONAL CO., LTD_V030_B3.15_T030226_WXH1_L409_M512_J80_7Intel_8Pentium 4_92.67_1103300F2_N10EC8139_P_Z11C1044E_K_A808624C5_U808624C2.MRK
[2009/07/01 20:50:57 | 00,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/07/01 20:50:41 | 00,000,435 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MsnFixer.lnk
[2009/07/01 20:50:21 | 00,000,584 | -H-- | M] () -- C:\IPH.PH
[2009/07/01 20:45:51 | 00,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Register with Compaq.lnk
[2009/07/01 02:27:25 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/07/01 02:08:06 | 00,101,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/07/01 00:33:02 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2009/06/30 20:57:23 | 00,078,170 | ---- | M] () -- C:\WINDOWS\System32\usb
[2009/06/30 20:33:51 | 00,672,218 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\hpsysdig.htm
[2009/06/30 20:33:51 | 00,078,251 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\hpsysdig.gz
[2009/06/30 20:33:51 | 00,000,462 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\hpsysdig.lnk
[2009/06/29 22:35:50 | 00,068,952 | ---- | M] () -- C:\WINDOWS\hpoins05.dat.temp
[2009/06/29 05:34:33 | 00,000,380 | ---- | M] () -- C:\WINDOWS\tasks\DriverCure.job
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AB94506
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:28534A3F
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
========== Files - Unicode (All) ==========
[2005/07/02 07:01:54 | 00,000,008 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\ﳀɍ
[2005/07/02 07:01:54 | 00,000,008 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\ﳀɍ
[2005/07/02 07:35:09 | 00,000,008 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\
[2005/07/02 07:35:09 | 00,000,008 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\
< End of report >
OTL Extras logfile created on: 7/26/2009 6:49:21 AM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.48 Mb Total Physical Memory | 181.21 Mb Available Physical Memory | 35.43% Memory free
1.22 Gb Paging File | 0.74 Gb Available in Paging File | 60.44% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.89 Gb Total Space | 43.57 Gb Free Space | 61.46% Space Free | Partition Type: NTFS
Drive D: | 3.62 Gb Total Space | 0.73 Gb Free Space | 20.08% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DWAYNEDUPRE
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F9D88C-3C86-4E82-840A-101A3221F67A}" = Microsoft Money 2003
"{02B42D23-10F2-4862-ADA4-3DF1EA0021B2}" = Microsoft Money 2003 System Pack
"{07295ABF-1245-415A-BE06-863271753443}" = ShowBiz
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = RecordNow Update Manager
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{27565B66-EC6D-48A9-A1C3-8886A849995F}" = Space Rocks
"{2B4B4104-7AC7-4950-8BF2-6BB5E3E61CA7}" = Men In Black II CROSSFIRE Trial Version
"{2B5DDB2C-0807-47FD-9C11-80EA761902C0}" = easy Internet sign-up
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{31403AA7-7357-43E1-9B46-4B45847C37D5}" = Blasterball Wild
"{33A16A26-1533-4016-AE2D-89D6398D7EB2}" = Blackhawk Striker
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350CC34B-2B8E-4EE5-AE4D-F04FDF37DC39}" = Blasterball 2
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3C5E25C7-D999-4AB6-BE8C-532FD5B79D6A}" = Betty Bad
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{461073BF-9642-4A73-B58E-157358D412AB}" = 6200
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E5B5975-1138-4B20-A53F-30704B135B5C}" = Pig Pen
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = MyDVD
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{6518675B-CC8D-4AB3-A3F6-CC02FF6548D7}" = 6200_Help
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{67D9A48A-81E9-4863-8B55-744BAEA180E2}" = Disney's Lilo and Stitch Pinball
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6991CF80-F82C-11D4-BD19-00D0B702AEC0}" = Intel® Security Driver
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{80E21EE8-007B-4C28-ADB2-5110B4401E2E}" = Snowboard Extreme
"{8214CC02-6271-4DC8-B8DD-779933450264}" = RecordNow
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{865917D2-33F4-4223-BDCD-C7DA958C216C}" = Dark Orbit
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver Software
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}" =
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{BDE90251-93EB-4F6A-89D8-086E2D91DC56}" = Coloreal
"{C3F81504-72F3-4262-9449-487404DA75BB}" = 6200Trb
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{EEDAA297-DFDF-436A-B977-D95EA63C907D}" = Virtual Warfare
"{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}" = Simple Installer - Multilanguage Version
"{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"America Online us" = America Online
"AolCoach" = AOL Coach Version 1.0(Build:20011028.1)
"avast!" = avast! Antivirus
"CompuServe us" = CompuServe
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"ie8" = Windows Internet Explorer 8
"Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only)
"InstallShield_{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"jZip" = jZip
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Netscape (7.0)" = Netscape (7.0)
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Drivers" = NVIDIA Drivers
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 6.0" = RealOne Player
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"SystemRequirementsLab" = System Requirements Lab
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"WildTangentDDC" = WildTangent Channel Manager
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Companion" = Yahoo! Companion
"Yahoo! Essentials" = Yahoo! Essentials
"Yahoo! Login" = Yahoo! Login
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 7/2/2009 5:50:05 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - initialization error: P2P provider: cannot start because 'Norton
Antivirus / Symantec Antivirus' is active!, 00000000.
Error - 7/2/2009 5:50:05 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Standard Shield provider: cannot start
because 'Norton Antivirus / Symantec Antivirus' is active!, 00000000.
Error - 7/2/2009 4:31:18 PM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://catalog.updat...b?1246566677437
failed, 00000026.
Error - 7/6/2009 10:29:38 PM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.
Error - 7/8/2009 12:02:59 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\ccf645c1fab3a6f4044541edc8\amd64\msxpsdrv.inf failed, 00000005.
Error - 7/8/2009 12:02:59 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\CCF645C1FAB3A6F4044541EDC8\AMD64\MXDWDRV.DLL failed, 00000005.
Error - 7/8/2009 12:02:59 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\CCF645C1FAB3A6F4044541EDC8\AMD64\XPSSVCS.DLL failed, 00000005.
Error - 7/8/2009 12:03:00 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\ccf645c1fab3a6f4044541edc8\i386\msxpsdrv.inf failed, 00000005.
Error - 7/8/2009 12:03:00 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\CCF645C1FAB3A6F4044541EDC8\I386\MXDWDRV.DLL failed, 00000005.
Error - 7/8/2009 12:03:00 AM | Computer Name = DWAYNEDUPRE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\CCF645C1FAB3A6F4044541EDC8\I386\XPSSVCS.DLL failed, 00000005.
[ Application Events ]
Error - 7/25/2009 1:13:37 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a
problem with this Windows Installer package. Please refer to the setup log for
more information.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework CLR' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework CA' could not be installed. Error code 1603. Additional information is
available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework CRT' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework PreXP' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'Dr.
Watson' could not be installed. Error code 1603. Additional information is available
in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework 1' could not be installed. Error code 1603. Additional information is
available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework 2' could not be installed. Error code 1603. Additional information is
available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework ASP .NET' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
Error - 7/25/2009 1:13:39 PM | Computer Name = DWAYNEDUPRE | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework WinForms' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\Owner\LOCALS~1\Temp\dd_NET_Framework20_Setup52B1.txt.
[ System Events ]
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:17 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:18 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:18 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 7/25/2009 10:48:18 AM | Computer Name = DWAYNEDUPRE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
< End of report >
internet window often shows can not display and I can't download Java and some Window Updates.and this is before and after finding the worm and other virus. I have avast,ccleaner and advanced systemcare on my pc.