Also i am getting other errors when running some of the programs in the tutorial for removing malware here is the OTL, please let me knw what i need to do i am going CRAZY on this computer.
OTL logfile created on: 10/23/2009 7:27:03 PM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.44 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 73.28% Memory free
1.95 Gb Paging File | 1.68 Gb Available in Paging File | 86.35% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS2 | %ProgramFiles% = C:\Program Files
Drive C: | 142.96 Gb Total Space | 102.90 Gb Free Space | 71.97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 6.07 Gb Total Space | 0.64 Gb Free Space | 10.57% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Computer Name: UPS-64D31459931
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/10/23 19:26:35 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/09/21 18:19:22 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/09/15 18:58:28 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/09/15 03:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/25 21:49:40 | 00,246,088 | ---- | M] (Rennie Glen Software LLC) -- C:\PDFSnake\PDFSnake\PDFSnakeHotFolder.exe
PRC - [2009/08/22 14:28:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/08/22 14:28:10 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe
PRC - [2007/09/13 18:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2006/10/22 23:24:02 | 00,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2004/10/22 11:53:06 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS2\System32\VTTimer.exe
PRC - [2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS2\ALCXMNTR.EXE
PRC - [2004/08/04 05:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\explorer.exe
PRC - [2004/06/29 09:06:38 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS2\AGRSMMSG.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/09/21 18:19:22 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Running])
SRV - [2009/09/15 18:58:26 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009/09/15 03:56:43 | 00,138,680 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
SRV - [2009/09/15 03:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009/09/15 03:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2009/09/15 03:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/08/25 21:49:40 | 00,246,088 | ---- | M] (Rennie Glen Software LLC) -- C:\PDFSnake\PDFSnake\PDFSnakeHotFolder.exe -- (PDF Snake Hot Folders [Auto | Running])
SRV - [2009/08/22 14:28:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2007/06/23 21:04:10 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2004/08/04 05:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
========== Modules (SafeList) ==========
MOD - [2009/10/23 19:26:35 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2004/08/04 05:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS2\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS2\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/08/06 21:19:28 | 00,000,000 | ---D | M]
O1 HOSTS File: (27 bytes) - C:\WINDOWS2\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS2\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] C:\WINDOWS2\ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS2\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [PopRock] C:\DOCUME~1\Owner\LOCALS~1\Temp\b.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS2\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS2\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/21 16:51:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 00,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS2\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS2\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2009/10/14 20:11:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\Apple
[2009/10/14 20:11:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\Apple Computer
[2009/10/16 21:35:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\avg9
[2009/10/16 21:40:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\SUPERAntiSpyware.com
[2009/10/13 12:26:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\Windows Genuine Advantage
[2009/10/14 20:14:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Apple Computer
[2009/10/16 21:40:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2009/10/14 20:11:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Apple
[2009/10/14 20:10:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Apple Computer
[2009/10/16 21:35:12 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/10/23 19:20:21 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/10/23 19:21:16 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/16 21:40:37 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/10/13 12:29:46 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/10/23 19:26:32 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/10/23 19:22:58 | 00,000,000 | -H-D | C] -- C:\WINDOWS2\PIF
[2009/10/23 19:21:17 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS2\System32\drivers\mbamswissarmy.sys
[2009/10/23 19:21:16 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS2\System32\drivers\mbam.sys
[2009/10/23 19:19:18 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe
[2009/10/23 19:16:04 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2009/10/22 20:33:33 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aswRdr.sys
[2009/10/22 20:33:32 | 00,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aswTdi.sys
[2009/10/22 20:33:31 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aavmker4.sys
[2009/10/22 20:33:30 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aswSP.sys
[2009/10/22 20:33:30 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\AvastSS.scr
[2009/10/22 20:33:30 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aswFsBlk.sys
[2009/10/22 20:33:29 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aswmon2.sys
[2009/10/22 20:33:29 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\drivers\aswmon.sys
[2009/10/22 20:33:13 | 01,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS2\System32\aswBoot.exe
[2009/10/22 20:21:12 | 00,308,160 | ---- | C] (ALWIL Software) -- C:\Documents and Settings\Owner\Desktop\avast_home_setup.exe
[2009/10/16 21:35:52 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/10/16 21:34:58 | 00,000,000 | ---D | C] -- C:\WINDOWS2\SxsCaPendDel
[2009/10/13 12:31:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Videos
[2009/10/13 12:31:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Documents\My Videos
[2009/10/13 12:27:40 | 00,000,000 | ---D | C] -- C:\WINDOWS2\System32\drivers\UMDF
[2009/10/13 12:27:39 | 00,000,000 | ---D | C] -- C:\WINDOWS2\System32\LogFiles
========== Files - Modified Within 14 Days ==========
[2009/10/23 19:26:35 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/10/23 19:24:06 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\settings.dat
[2009/10/23 19:21:20 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS2\Desktop\test.lnk
[2009/10/23 19:20:23 | 00,000,778 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/10/23 19:20:21 | 00,000,622 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2009/10/23 19:20:21 | 00,000,603 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2009/10/23 19:19:20 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe
[2009/10/23 19:18:30 | 00,000,242 | -H-- | M] () -- C:\WINDOWS2\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/10/23 19:18:28 | 00,013,646 | ---- | M] () -- C:\WINDOWS2\System32\wpa.dbl
[2009/10/23 19:18:28 | 00,000,278 | -H-- | M] () -- C:\WINDOWS2\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/10/23 19:18:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS2\tasks\SA.DAT
[2009/10/23 19:18:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS2\win32k.sys
[2009/10/23 19:18:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS2\bootstat.dat
[2009/10/23 19:16:06 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2009/10/23 19:07:06 | 00,000,507 | ---- | M] () -- C:\WINDOWS2\win.ini
[2009/10/23 19:07:06 | 00,000,394 | -HS- | M] () -- C:\boot.ini
[2009/10/23 19:07:06 | 00,000,227 | ---- | M] () -- C:\WINDOWS2\system.ini
[2009/10/23 19:00:50 | 00,000,362 | ---- | M] () -- C:\WINDOWS2\tasks\PerfectOptimizer_home.job
[2009/10/23 07:09:25 | 00,002,339 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/10/22 20:33:33 | 00,001,720 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS2\Desktop\avast! Antivirus.lnk
[2009/10/22 20:33:30 | 00,002,626 | ---- | M] () -- C:\WINDOWS2\System32\CONFIG.NT
[2009/10/22 20:21:17 | 00,308,160 | ---- | M] (ALWIL Software) -- C:\Documents and Settings\Owner\Desktop\avast_home_setup.exe
[2009/10/22 17:44:35 | 00,001,146 | -H-- | M] () -- C:\Documents and Settings\Owner\My Documents\Default.rdp
[2009/10/22 16:23:06 | 00,000,019 | ---- | M] () -- C:\WINDOWS2\KA.INI
[2009/10/22 15:51:20 | 00,154,112 | ---- | M] () -- C:\WINDOWS2\msa.exe
[2009/10/17 20:23:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS2\tasks\AppleSoftwareUpdate.job
[2009/10/16 19:27:24 | 00,051,712 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/14 20:12:24 | 00,001,617 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS2\Desktop\QuickTime Player.lnk
[2009/10/14 19:36:11 | 00,001,393 | ---- | M] () -- C:\WINDOWS2\imsins.BAK
[2009/10/13 16:02:09 | 00,023,392 | ---- | M] () -- C:\WINDOWS2\System32\nscompat.tlb
[2009/10/13 16:02:09 | 00,016,832 | ---- | M] () -- C:\WINDOWS2\System32\amcompat.tlb
[2009/10/13 12:28:42 | 00,316,640 | ---- | M] () -- C:\WINDOWS2\WMSysPr9.prx
[2009/10/13 12:27:42 | 00,000,000 | -H-- | M] () -- C:\WINDOWS2\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
========== Files - No Company Name ==========
[2009/10/23 19:24:06 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\settings.dat
[2009/10/23 19:21:20 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS2\Desktop\test.lnk
[2009/10/23 19:20:23 | 00,000,778 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/10/23 19:20:21 | 00,000,622 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2009/10/23 19:20:21 | 00,000,603 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2009/10/22 20:33:33 | 00,001,720 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS2\Desktop\avast! Antivirus.lnk
[2009/10/22 20:33:13 | 00,380,928 | ---- | C] () -- C:\WINDOWS2\System32\actskin4.ocx
[2009/10/22 15:59:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS2\win32k.sys
[2009/10/22 15:51:33 | 00,154,112 | ---- | C] () -- C:\WINDOWS2\msa.exe
[2009/10/22 15:51:25 | 00,000,242 | -H-- | C] () -- C:\WINDOWS2\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/10/22 15:51:20 | 00,000,278 | -H-- | C] () -- C:\WINDOWS2\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/10/14 20:12:24 | 00,001,617 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS2\Desktop\QuickTime Player.lnk
[2009/10/14 20:11:11 | 00,000,284 | ---- | C] () -- C:\WINDOWS2\tasks\AppleSoftwareUpdate.job
[2009/10/13 12:27:42 | 00,000,000 | -H-- | C] () -- C:\WINDOWS2\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/09/21 19:39:25 | 00,000,297 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\pdfsnake.2.bf1e9897a119e625c29abae37ac73f4322b2934e.paid
[2009/09/21 19:39:07 | 00,000,369 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PDFSnake.reg
[2009/09/21 18:29:19 | 02,463,976 | ---- | C] () -- C:\WINDOWS2\System32\NPSWF32.dll
[2009/08/28 16:13:50 | 00,000,019 | ---- | C] () -- C:\WINDOWS2\KA.INI
[2009/08/09 20:27:15 | 05,882,456 | -H-- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2009/08/09 20:24:26 | 00,051,712 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/09 19:50:26 | 00,013,288 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/09 19:49:30 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Owner\Application Data\desktop.ini
[2009/08/09 12:11:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\desktop.ini
[2004/09/17 17:37:42 | 00,061,440 | ---- | C] () -- C:\WINDOWS2\System32\vuins32.dll
[2004/08/04 05:00:00 | 00,061,952 | ---- | C] () -- C:\WINDOWS2\System32\eventlog.dll
[2004/08/04 05:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS2\System32\drivers\secdrv.sys
[2004/08/04 05:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS2\win.ini
[2004/08/04 05:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS2\system.ini
========== LOP Check ==========
[2009/10/22 16:25:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data
[2009/08/09 20:21:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\1Click DVD Copy
[2009/09/21 18:37:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\ALM
[2009/10/22 16:25:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\avg9
[2009/09/22 20:18:24 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\CanonBJ
[2009/09/21 19:29:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\FLEXnet
[2009/08/22 14:46:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS2\Application Data\TEMP
[2009/10/16 21:40:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data
[2009/09/12 16:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitZipper
[2009/09/22 20:37:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Canon
[2009/10/17 20:23:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS2\Tasks\AppleSoftwareUpdate.job
[2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS2\Tasks\desktop.ini
[2009/10/23 19:00:50 | 00,000,362 | ---- | M] () -- C:\WINDOWS2\Tasks\PerfectOptimizer_home.job
[2009/10/23 19:18:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS2\Tasks\SA.DAT
[2009/10/23 19:18:30 | 00,000,242 | -H-- | M] () -- C:\WINDOWS2\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/10/23 19:18:28 | 00,000,278 | -H-- | M] () -- C:\WINDOWS2\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
[2004/08/04 05:00:00 | 00,061,952 | ---- | M] () -- C:\WINDOWS2\system32\eventlog.dll
< %systemroot%\system32\scecli.dll >
[2004/08/04 05:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
[2004/08/04 05:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\system32\logevent.dll
< %systemroot%\system32\drivers\iaStor.sys >
< %systemroot%\System32\drivers\nvstor.sys >
< %systemroot%\system32\drivers\atapi.sys >
[2004/08/04 05:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\system32\drivers\atapi.sys
< %systemroot%\system32\drivers\IdeChnDr.sys >
< End of report >
OTL Extras logfile created on: 10/23/2009 7:27:03 PM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.44 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 73.28% Memory free
1.95 Gb Paging File | 1.68 Gb Available in Paging File | 86.35% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS2 | %ProgramFiles% = C:\Program Files
Drive C: | 142.96 Gb Total Space | 102.90 Gb Free Space | 71.97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 6.07 Gb Total Space | 0.64 Gb Free Space | 10.57% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Computer Name: UPS-64D31459931
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS2\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS2\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{222421DC-CAEB-42EC-AF15-09A39AA5C94D}" = Adobe Creative Suite 3 Design Standard
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A14A8608-CF1C-4010-A348-7EA220C70305}_is1" = PerfectOptimizer 5.2
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4DBF0C9-E294-4C01-A205-73B8ED947D50}" = Adobe Setup
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB6BD5D5-8482-45C0-99CF-745C5B924497}" = WOT for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_0e772471f6aed60c960ed52600a76bd" = Add or Remove Adobe Creative Suite 3 Design Standard
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"avast!" = avast! Antivirus
"BitZipper_is1" = BitZipper 2009
"BookMaker Poker" = BookMaker Poker
"Canon MP190 series User Registration" = Canon MP190 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PDF Snake_is1" = PDF Snake Version 4.33
"S3" = VIA/S3G Display Driver
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/13/2009 2:36:12 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/21/2009 9:29:08 PM | Computer Name = UPS-64D31459931 | Source = MsiInstaller | ID = 11904
Description = Product: Adobe Flash Player 9 ActiveX -- Error 1904.Module C:\WINDOWS2\system32\Macromed\Flash\FlDbg9c.ocx
failed to register. HRESULT -2147220473. Contact your support personnel.
Error - 10/3/2009 1:40:59 AM | Computer Name = UPS-64D31459931 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x02f09f1c.
Error - 10/22/2009 6:42:51 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 7:07:00 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 7:07:11 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 7:07:20 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 7:07:23 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 7:07:32 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 7:07:35 PM | Computer Name = UPS-64D31459931 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 8/22/2009 4:56:12 PM | Computer Name = UPS-64D31459931 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.
Error - 8/22/2009 4:56:26 PM | Computer Name = UPS-64D31459931 | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 8/22/2009 4:56:27 PM | Computer Name = UPS-64D31459931 | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s).
Error - 8/22/2009 5:00:23 PM | Computer Name = UPS-64D31459931 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.
Error - 8/22/2009 5:01:52 PM | Computer Name = UPS-64D31459931 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.
Error - 8/22/2009 5:32:13 PM | Computer Name = UPS-64D31459931 | Source = Print | ID = 54
Description = Document https://ps.losrios.e...ey=0.3920147009
was corrupted and has been deleted. The associated driver is: AGFA-AccuSet v52.3.
Error - 8/22/2009 7:29:47 PM | Computer Name = UPS-64D31459931 | Source = Print | ID = 54
Description = Document https://ps.losrios.e...ey=0.3920147009
was corrupted and has been deleted. The associated driver is: AGFA-AccuSet v52.3.
Error - 8/23/2009 3:47:25 PM | Computer Name = UPS-64D31459931 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC000003A'
while processing the file '2.0.0.0__b03f5f7f11d50a3a' on the volume 'Hardd .. lume2'.
It has stopped monitoring the volume.
Error - 8/31/2009 1:39:10 PM | Computer Name = UPS-64D31459931 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D812A91C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 8/31/2009 6:17:11 PM | Computer Name = UPS-64D31459931 | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).
< End of report >