I use AGV Anti Virus Free edition
Any help very much appreciated
Nick
My logs are{
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4500
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
29/08/2010 22:01:02
mbam-log-2010-08-29 (22-01-02).txt
Scan type: Quick scan
Objects scanned: 138576
Time elapsed: 8 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-------------------------------------------------------
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-29 23:18:39
Windows 5.1.2600 Service Pack 3
Running: p4zecs3d.exe; Driver: C:\DOCUME~1\Nick\LOCALS~1\Temp\pxtdipow.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwOpenProcess [0xF77A8470]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateProcess [0xF77A8520]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateThread [0xF77A85C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwWriteVirtualMemory [0xF77A8660]
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8ABE380, 0x2FF527, 0xE8000020]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 01: copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior; copy of MBR
---- EOF - GMER 1.0.15 ----
------------------------------------------------------
OTL logfile created on: 29/08/2010 23:29:11 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Nick\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 73.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 314.75 Gb Free Space | 67.58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 186.30 Gb Total Space | 16.43 Gb Free Space | 8.82% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HAL
Current User Name: Nick
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Nick\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Nick\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe File not found
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe File not found
SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Driver Services (SafeList) ==========
DRV - (TfSysMon) -- C:\WINDOWS\System32\drivers\TfSysMon.sys File not found
DRV - (TfNetMon) -- C:\WINDOWS\System32\drivers\TfNetMon.sys File not found
DRV - (TfFsMon) -- C:\WINDOWS\System32\drivers\TfFsMon.sys File not found
DRV - (MpKsl7af3e666) -- C:\WINDOWS\System32\MpEngineStore\MpKsl7af3e666.sys File not found
DRV - (JakNDisMP) -- C:\WINDOWS\System32\DRIVERS\JakNDis.sys File not found
DRV - (appliandMP) -- C:\WINDOWS\System32\DRIVERS\appliand.sys File not found
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSErHrxpx) -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys (AVG Technologies )
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriverxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSFilterxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShimxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVerA16A) -- C:\WINDOWS\system32\drivers\AVerA16A.sys (AVerMedia)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (s0017mdm) -- C:\WINDOWS\system32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\WINDOWS\system32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\WINDOWS\system32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\WINDOWS\system32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\WINDOWS\system32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\WINDOWS\system32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (adfs) -- C:\WINDOWS\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvcap) nVidia WDM Video Capture (universal) -- C:\WINDOWS\system32\drivers\NVCAP.SYS (NVIDIA Corporation)
DRV - (NVXBAR) -- C:\WINDOWS\system32\drivers\NVXBAR.SYS (NVIDIA Corporation)
DRV - (TBPanel) -- C:\WINDOWS\System32\drivers\TBPanel.sys (Windows ® 2000 DDK provider)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (UMAXPCLS) -- C:\WINDOWS\system32\drivers\umaxpcls.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.geekstogo...cleaning-guide/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...nampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...k/webhp?rls=ig"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.0
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: {95B184DD-1F54-422A-94D1-C9042D531E67}:1.9.1
FF - prefs.js..extensions.enabledItems: {51695FBA-5EDF-4635-8EF9-EB26CDE41325}:1.9.1
FF - prefs.js..extensions.enabledItems: {51788BD7-062D-4340-814E-5AA06E32A440}:1.9.1
FF - prefs.js..extensions.enabledItems: {8F599C26-E91B-4913-ABF6-8EFBE7A96645}:1.9.1
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.30
FF - prefs.js..extensions.enabledItems: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.8.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: [email protected]:1.11
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..keyword.URL: "http://search.myheri...om/?orig=ds&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{95B184DD-1F54-422A-94D1-C9042D531E67}: C:\Documents and Settings\Nick\Local Settings\Application Data\{95B184DD-1F54-422A-94D1-C9042D531E67} [2009/12/26 20:02:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{51695FBA-5EDF-4635-8EF9-EB26CDE41325}: C:\Documents and Settings\Nick\Local Settings\Application Data\{51695FBA-5EDF-4635-8EF9-EB26CDE41325} [2009/12/30 00:49:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{51788BD7-062D-4340-814E-5AA06E32A440}: C:\Documents and Settings\Nick\Local Settings\Application Data\{51788BD7-062D-4340-814E-5AA06E32A440} [2010/01/05 23:00:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8F599C26-E91B-4913-ABF6-8EFBE7A96645}: C:\Documents and Settings\Nick\Local Settings\Application Data\{8F599C26-E91B-4913-ABF6-8EFBE7A96645}\ [2010/01/11 02:09:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AutocompletePro\[email protected] [2010/08/05 20:59:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/08/29 16:42:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/24 14:32:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/28 15:10:11 | 000,000,000 | ---D | M]
[2010/01/14 13:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Mozilla\Extensions
[2010/01/14 13:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Mozilla\Extensions\[email protected]
[2010/08/29 18:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions
[2009/12/05 11:49:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010/07/06 08:03:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/11 08:14:17 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/08/04 10:27:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/02/06 11:37:58 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/06/11 08:14:15 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2010/06/11 08:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\[email protected]
[2010/02/07 10:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\[email protected]
[2009/10/31 21:04:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\extensions\[email protected]
[2009/12/05 11:49:22 | 000,001,201 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\0pann98i.default\searchplugins\winamp-search.xml
[2010/08/29 18:09:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/12 23:30:01 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/04/12 23:30:01 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/04/12 23:30:01 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/06/13 00:47:46 | 000,003,803 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MyHeritage.xml
[2010/04/12 23:30:01 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2010/01/09 19:08:59 | 000,001,216 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://support.f-sec.../fshc/fscax.cab (F-Secure Health Check 1.1)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Nick\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nick\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/31 19:11:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/02/25 00:18:14 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{bdd3a788-b591-11de-bd1e-001966d8cb79}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)
========== Files/Folders - Created Within 90 Days ==========
[2010/08/29 23:27:58 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\OTL.exe
[2010/08/29 21:43:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/29 21:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/29 21:41:16 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Nick\Desktop\erunt-setup.exe
[2010/08/29 21:27:05 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\TFC.exe
[2010/08/29 16:43:34 | 000,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/08/29 16:43:34 | 000,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/08/29 16:43:34 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/29 16:43:33 | 000,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/29 16:43:26 | 000,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/29 16:43:25 | 000,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/29 16:43:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/08/29 16:42:54 | 000,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2010/08/29 16:42:54 | 000,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2010/08/29 12:15:27 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Nick\Desktop\zztoy.exe.exe
[2010/08/28 11:29:58 | 000,000,000 | ---D | C] -- C:\Program Files\temp
[2010/08/28 11:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/08/28 09:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2010/08/26 21:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Download Cache
[2010/08/26 17:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\My Guitar Lessons
[2010/08/15 08:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Snagit
[2010/08/15 08:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/08/15 08:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2010/08/15 08:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\TechSmith
[2010/08/14 21:44:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Jacquie'swebsite
[2010/08/14 16:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Pics
[2010/08/14 15:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Nikon S203 manual
[2010/08/14 15:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Nikon
[2010/08/14 15:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Gems
[2010/08/14 15:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010/08/14 15:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2010/08/14 15:40:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2010/08/14 15:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2010/08/14 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2010/08/14 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Flange Saw
[2010/08/14 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/08/12 23:14:26 | 000,000,000 | ---D | C] -- C:\Flac encoder
[2010/08/05 20:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\AutocompletePro
[2010/08/05 20:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\MKV Player
[2010/08/03 09:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\My Streaming Media
[2010/08/03 09:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Jaksta_LLC
[2010/08/03 09:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Jaksta
[2010/08/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\My Recordings
[2010/08/03 00:20:30 | 000,323,584 | ---- | C] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[2010/08/03 00:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Replay Media Catcher
[2010/08/03 00:19:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\New Folder
[2010/08/03 00:12:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Replay Media Catcher
[2010/08/03 00:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Director
[2010/08/02 23:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\ProgSense
[2010/08/02 23:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\GrabPro
[2010/08/02 23:36:15 | 000,000,000 | ---D | C] -- C:\downloads
[2010/08/02 23:36:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Orbit
[2010/07/15 05:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Buur
[2010/07/12 20:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Ovyk
[2010/07/04 22:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Recipes
[2010/07/04 10:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/07/04 10:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/07/04 10:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/07/04 10:25:25 | 000,000,000 | ---D | C] -- C:\bb76f8233e4de05218f367fb
[2010/07/04 09:49:38 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/03 16:32:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Working Files
[2010/07/03 16:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Corel
[2010/07/03 16:27:56 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/07/03 16:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/07/03 16:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010/07/03 16:23:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\WordPerfect Office
[2010/07/03 16:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Corel
[2010/07/03 16:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2010/07/03 16:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2010/07/03 16:22:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Borland
[2010/07/03 16:22:11 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010/06/21 23:20:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Scalabium
[2010/06/13 00:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\MyHeritage
[2010/06/13 00:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\MyHeritage
[2010/06/13 00:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2010/06/13 00:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Family Toolbar
[2010/06/13 00:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\MyHeritage
[2010/06/12 19:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Poster Dev
[2010/06/06 14:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Textures
[2010/06/05 12:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Leadertech
[2010/06/04 16:51:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\ABBYY
[2010/06/04 16:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2010/06/04 16:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
[2010/06/04 16:25:31 | 000,018,688 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys
[2010/01/15 11:04:34 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpeE.dll
========== Files - Modified Within 90 Days ==========
[2010/08/29 23:29:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/29 23:28:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\OTL.exe
[2010/08/29 23:24:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/29 23:24:38 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/29 23:24:37 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-796845957-682003330-1003.job
[2010/08/29 23:23:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 23:23:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/29 21:42:44 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\ERUNT.lnk
[2010/08/29 21:41:26 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Nick\Desktop\erunt-setup.exe
[2010/08/29 21:33:55 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\Nick\NTUSER.DAT
[2010/08/29 21:27:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\TFC.exe
[2010/08/29 16:43:34 | 000,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/08/29 16:43:34 | 000,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/08/29 16:43:34 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/29 16:43:34 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010/08/29 16:43:33 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/29 16:43:27 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/29 16:43:25 | 064,052,916 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/29 16:43:25 | 000,616,965 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/08/29 16:43:25 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/29 16:43:25 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/29 16:43:19 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010/08/29 16:43:19 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/08/29 16:43:19 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/08/29 16:42:54 | 000,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2010/08/29 16:42:54 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2010/08/29 13:45:12 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\p4zecs3d.exe
[2010/08/29 13:10:43 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\zlt51ov0.exe
[2010/08/29 12:25:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\prvlcl.dat
[2010/08/29 12:15:28 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Nick\Desktop\zztoy.exe.exe
[2010/08/29 00:51:10 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Shortcut to iexplore.lnk
[2010/08/28 11:30:15 | 000,113,135 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\stuffed cabbage.htm
[2010/08/26 18:24:42 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-796845957-682003330-1003.job
[2010/08/18 09:33:50 | 000,000,624 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/18 09:33:50 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/18 09:33:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/08/15 14:45:29 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/08/15 08:38:08 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Snagit 10.lnk
[2010/08/14 15:46:52 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ViewNX.INI
[2010/08/14 15:46:18 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/08/14 15:41:49 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/08/14 15:41:49 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\Nick\Application Data\Animals
[2010/08/14 15:39:35 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\Application
[2010/08/14 15:39:35 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\Nick\Application Data\Analog Swirl
[2010/08/14 15:29:29 | 000,033,960 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\surrender.jpg
[2010/08/12 23:18:03 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/11 18:27:05 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/11 18:20:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/11 18:19:53 | 000,488,794 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/11 18:19:53 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/11 18:19:53 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/04 23:44:19 | 000,627,558 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\img021.pdf
[2010/08/04 18:08:39 | 000,002,828 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/08/04 18:08:36 | 000,000,088 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\11905C6389.sys
[2010/08/03 09:08:02 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[2010/08/01 23:21:05 | 026,850,922 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\img016.bmp
[2010/08/01 23:13:37 | 026,850,922 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\img015.bmp
[2010/07/25 02:34:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2010/07/22 08:00:18 | 000,476,558 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\img014.pdf
[2010/07/13 19:18:17 | 000,000,075 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/07/13 19:14:08 | 000,035,936 | ---- | M] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/03 17:52:14 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\Testimony for Sunday.doc
[2010/07/03 16:23:01 | 000,000,504 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/28 15:54:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/10 14:43:10 | 000,000,119 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\Files named le tiger.fnd
[2010/06/04 16:45:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI
[2010/06/04 16:18:15 | 000,000,025 | ---- | M] () -- C:\WINDOWS\CDE V30V300DEFGIPSRUk.ini
========== Files Created - No Company Name ==========
[2010/08/29 21:42:44 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\ERUNT.lnk
[2010/08/29 16:43:34 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010/08/29 16:43:25 | 000,616,965 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/08/29 16:43:25 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/29 16:43:19 | 064,052,916 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/29 16:43:19 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010/08/29 16:43:19 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/08/29 16:43:19 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/08/29 13:45:11 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\p4zecs3d.exe
[2010/08/29 13:10:41 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\zlt51ov0.exe
[2010/08/29 00:51:10 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Shortcut to iexplore.lnk
[2010/08/15 08:38:08 | 000,001,817 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Snagit 10.lnk
[2010/08/14 15:46:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/08/14 15:41:49 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/08/14 15:41:49 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Nick\Application Data\Animals
[2010/08/14 15:41:49 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/08/14 15:39:35 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Application
[2010/08/14 15:39:35 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Nick\Application Data\Analog Swirl
[2010/08/14 15:39:35 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/08/14 15:29:27 | 000,033,960 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\surrender.jpg
[2010/08/04 23:44:19 | 000,627,558 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\img021.pdf
[2010/08/03 09:37:28 | 000,001,182 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jaksta.smr.lic
[2010/08/01 23:21:05 | 026,850,922 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\img016.bmp
[2010/08/01 23:13:37 | 026,850,922 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\img015.bmp
[2010/07/22 08:00:18 | 000,476,558 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\img014.pdf
[2010/07/04 22:40:20 | 000,113,135 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\stuffed cabbage.htm
[2010/07/03 17:52:14 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\Testimony for Sunday.doc
[2010/07/03 16:31:43 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\11905C6389.sys
[2010/07/03 16:31:40 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/07/03 16:23:00 | 000,000,504 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/10 14:43:10 | 000,000,119 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\Files named le tiger.fnd
[2010/06/04 16:45:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/06/04 16:19:10 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/06/04 16:19:10 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/06/04 16:19:10 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/06/04 16:19:10 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/06/04 16:19:10 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/06/04 16:19:10 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/06/04 16:19:10 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/06/04 16:19:10 | 000,013,732 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2010/06/04 16:19:10 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/06/04 16:19:10 | 000,006,442 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_IT.cfg
[2010/06/04 16:19:10 | 000,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2010/06/04 16:19:10 | 000,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2010/06/04 16:19:10 | 000,006,335 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_GE.cfg
[2010/06/04 16:19:10 | 000,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_FR.cfg
[2010/06/04 16:19:10 | 000,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2010/06/04 16:19:10 | 000,006,122 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_DU.cfg
[2010/06/04 16:19:10 | 000,006,103 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2010/06/04 16:19:10 | 000,005,817 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_KO.cfg
[2010/06/04 16:19:10 | 000,005,436 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_SC.cfg
[2010/06/04 16:19:10 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/06/04 16:19:10 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_RU.cfg
[2010/06/04 16:19:10 | 000,002,426 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_TC.cfg
[2010/06/04 16:19:10 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/06/04 16:19:10 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/06/04 16:19:10 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/06/04 16:19:10 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/06/04 16:19:10 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/06/04 16:19:10 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/06/04 16:19:10 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/06/04 16:19:10 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/06/04 16:19:10 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/06/04 16:19:10 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/06/04 16:18:41 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw8b.bin
[2010/06/04 16:18:15 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE V30V300DEFGIPSRUk.ini
[2010/05/12 23:54:07 | 000,000,174 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/04/25 16:49:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\prvlcl.dat
[2010/04/25 09:02:53 | 000,014,620 | -HS- | C] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\f1pKdvbneJkm
[2010/04/25 09:02:53 | 000,014,620 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\f1pKdvbneJkm
[2010/04/21 17:54:37 | 000,001,092 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Ih48cYUD
[2010/04/21 17:54:37 | 000,001,092 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Ih48cYUD
[2010/04/19 23:00:28 | 000,014,120 | -HS- | C] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\1673359747
[2010/04/19 23:00:28 | 000,014,120 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1673359747
[2010/04/19 17:47:37 | 000,014,112 | -HS- | C] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\0757hIHSDv3
[2010/04/19 09:22:37 | 000,014,112 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\0757hIHSDv3
[2010/02/27 22:37:21 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2010/02/27 22:35:30 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/02/27 22:35:30 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2010/02/27 22:35:30 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2010/02/27 22:35:30 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2010/01/11 14:38:47 | 000,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/12/31 19:19:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2009/12/31 19:01:27 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2009/12/31 18:10:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/12/31 18:10:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2009/10/20 22:32:27 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/10/05 01:06:19 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/10/05 01:06:19 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/10/04 00:46:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/03 18:59:07 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/03 17:25:44 | 000,004,256 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/10/03 17:25:43 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/10/12 13:39:43 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/10/12 13:39:43 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/10/12 13:39:43 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/10/12 13:39:43 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/12 13:39:43 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/08/04 13:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/04 13:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/04 13:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/04 13:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/04 13:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2010/04/25 09:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avG
[2010/08/29 16:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/07/03 16:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2010/01/15 11:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/01/24 23:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2010/08/14 15:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/08/14 15:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flange Saw
[2010/08/14 15:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gems
[2009/10/04 00:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2009/12/31 19:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/06/13 00:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2010/02/02 00:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/08/14 15:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2010/08/15 08:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/01/11 02:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/14 13:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/08/14 15:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2010/04/18 22:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/10/17 09:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/05 02:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Amazon
[2010/02/27 21:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Blitware
[2010/08/29 12:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Buur
[2010/01/24 23:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Cakewalk
[2010/05/12 16:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\com.adobe.ExMan
[2010/06/06 13:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\EPSON
[2010/05/18 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\FileZilla
[2009/10/04 00:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\GlobalSCAPE
[2010/08/02 23:36:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\GrabPro
[2010/06/05 12:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Leadertech
[2010/06/13 00:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\MyHeritage
[2010/08/15 14:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Nikon
[2010/08/02 23:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Orbit
[2010/08/29 12:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Ovyk
[2010/01/10 20:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\PCToolsFirewallPlus
[2010/08/02 23:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\ProgSense
[2010/05/30 11:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\QuickScan
[2010/04/20 00:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Ryane
[2010/06/21 23:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Scalabium
[2010/01/10 20:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Spam Monitor
[2010/08/29 17:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Spotify
[2010/01/24 21:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Steinberg
[2009/10/12 17:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Thunderbird
[2010/01/14 13:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\TomTom
[2010/04/20 00:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Utahe
[2010/08/28 12:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\uTorrent
[2010/02/27 21:16:58 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job
[2010/07/25 02:34:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2009/12/31 20:30:21 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\videopadSevenDaysInit.job
[2009/12/31 20:32:09 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/12/31 19:11:32 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/18 09:33:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/10/03 17:21:13 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/05 01:45:35 | 000,004,743 | ---- | M] () -- C:\DVDCLog.log
[2009/10/03 17:21:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/24 20:22:24 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2009/10/03 17:21:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/10/06 10:05:34 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/29 23:23:36 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/10/03 17:20:53 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2009/10/03 18:09:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/10/03 18:09:39 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/10/03 18:09:39 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/10/06 10:12:42 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/10/06 10:55:53 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/10/03 17:24:48 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/08/29 21:41:26 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Nick\Desktop\erunt-setup.exe
[2010/08/29 23:28:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\OTL.exe
[2010/08/29 13:45:12 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\p4zecs3d.exe
[2010/08/29 21:27:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\TFC.exe
[2010/08/29 13:10:43 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\zlt51ov0.exe
[2010/08/29 12:15:28 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Nick\Desktop\zztoy.exe.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2005/08/03 11:13:24 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Nick\Favorites\Desktop.ini
[2010/02/02 00:46:22 | 000,000,274 | ---- | M] () -- C:\Documents and Settings\Nick\Favorites\NCH Audio and Telephony Software.lnk
[2010/02/02 00:49:55 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Nick\Favorites\NCH Software Download.lnk
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-11 17:21:20
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1063995
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5160F090
< End of report >
OTL Extras logfile created on: 29/08/2010 23:29:11 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Nick\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 73.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 314.75 Gb Free Space | 67.58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 186.30 Gb Total Space | 16.43 Gb Free Space | 8.82% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HAL
Current User Name: Nick
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{045ACD95-9D51-4309-A556-21A6A9617974}" = Advanced Outlook Express DBX Recovery
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{13EBF9E8-82FF-47D0-A324-534B79EF7F71}" = WordPerfect Office X5 - WT
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17C5A285-F7B6-492B-8F3B-343D02B84D75}" = WordPerfect Office X5 - Common
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19B4CD07-1919-4002-B28F-A5D2027026E0}" = WordPerfect Office X5 - IPM
"{1F0D7D15-8A36-4AE4-8573-70BEA7DF379D}" = WordPerfect Office X5 - Migration Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{378BAC91-3AE8-45F0-90E4-4F81E3EAEBC5}" = WordPerfect Office X5 - PR
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4873CC58-69D8-490D-9E5C-001DC2EE2010}" = WordPerfect Lightning - Messages
"{4873CC58-69D8-490D-9E5C-001DC2EE2020}" = WordPerfect Lightning - IPM
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{52D97366-9779-43AB-98A2-91600DCD9102}" = Enterprise
"{531F0013-964C-4BE6-B382-4117DC8BCDF9}" = ArcSoft MediaImpression
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
"{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{64459BD5-3AE8-4689-B7B0-D57B667D8399}" = WordPerfect Office X5 - PerfectExperts EN
"{67ED9603-CB76-4338-B7B0-690FE144C4DA}" = WordPerfect Lightning
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6C13C708-FF28-4991-84E6-5526A0EE677B}" = WordPerfect Office X5 - Oxford
"{6E4B1E42-A831-44B4-A705-D006F68560EC}" = WordPerfect Office X5 - Graphics
"{71D2F8EE-9D45-4D95-A6F6-F6433C2B94B5}" = WordPerfect Office X5 - System EN
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CDC26F7-D6BF-442A-B599-0075A48310F7}" = SA32xx Device Manager
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}" = ArcSoft MediaConverter 2.5
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{92B60B3B-7DF3-4BF7-8823-9F17A9EEA31E}" = WordPerfect Office X5
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A6FD1334-FD75-4951-935D-08F8C7E4C6B0}" = WordPerfect Office X5 - Sharepoint
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC1314E7-D28C-40A1-B322-80D2868D35CE}" = HP PSC & Officejet 4.2 Corporate Edition
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-2447-0000-800000000003}" = Chinese Simplified Fonts Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B5F97043-363D-4410-820E-A21D9A5D2E51}_is1" = RiffMaster Pro 3.0
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BF5EE349-90CD-4422-A43B-661778180173}" = USB Disk Win98 Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD5C6C29-E6CB-4DF3-B45F-A04087B1C294}" = WordPerfect Office X5 - Templates
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D4167D08-0F61-4F44-BC3F-26B4960745C4}" = WordPerfect Office X5 - Skins
"{D7643510-C1AE-44AD-B0F9-0665C4D73BFD}" = WordPerfect Office X5 - LegalTools
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DAEDCD3D-B981-4F10-B17B-764753EDAF9F}" = WordPerfect Office X5 - QP
"{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5 - Setup Files
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E539B721-4458-4EFC-8BD0-04D4842051AE}" = Wordperfect Office X5 - EN
"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK
"{E67732DE-3387-4F1E-BDDA-2D0C08BC025B}" = WordPerfect Office X5 - Filters
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EC61C6D9-159B-4B14-AAF3-AF33FCFA50DD}" = WordPerfect Office X5 - WP
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F3A6EBFE-414C-4DC3-8931-83BD03784658}" = AVerHybridTV
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F6EE49FD-B736-4888-A05A-115F3B1160FA}" = WordPerfect Lightning - MSOM
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.8
"Applet_App" = Applet_App
"Applet_Copy" = Applet_Copy
"Applet_Creativity" = Applet_Creativity
"Applet_Email" = Applet_Email
"Applet_Epp" = Applet_Epp
"Applet_File" = Applet_File
"Applet_OCR" = Applet_OCR
"Applet_Web" = Applet_Web
"AutocompletePro2_is1" = AutocompletePro
"AVG9Uninstall" = AVG 9.0
"AVS Video Tools 5.1_is1" = AVS Video Tools 5.1
"AVSDiscCreator_is1" = AVS Disc Creator version 2.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Copy Utility" = Copy Utility
"CuteFTP" = CuteFTP
"DVD Shrink_is1" = DVD Shrink 3.2
"EncFlac" = EncFlac 1.1.2
"EPSON PERFECTION V30_V300 PHOTO User’s Guide" = EPSON PERFECTION V30_V300 PHOTO Manual
"EPSON Photo Print" = EPSON Photo Print
"EPSON Scanner" = EPSON Scan
"EPSON Smart Panel" = EPSON Smart Panel
"ERUNT_is1" = ERUNT 1.1j
"FeedForAll v2.0" = FeedForAll v2.0
"get_iplayer" = get_iplayer 2.44+
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"iCoolPlayer_is1" = iCoolPlayer 1.0
"in2site 1.006 (UK)" = in2site 1.006 (UK)
"InstallShield_{F3A6EBFE-414C-4DC3-8931-83BD03784658}" = AVerHybridTV
"IrfanView" = IrfanView (remove only)
"Magic FLAC to MP3 Converter_is1" = Magic FLAC to MP3 Converter 3.71
"Magic Video Studio_is1" = Magic Video Studio Trial Version (English) 8.0.1.18
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MKV Player_is1" = MKV Player 2.0
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NVIDIA Drivers" = NVIDIA Drivers
"PitchScope_is1" = PitchScope 1.0
"RealPlayer 12.0" = RealPlayer
"SONAR6Producer_is1" = SONAR 6 Producer Edition
"Spotify" = Spotify
"TomTom HOME" = TomTom HOME 2.7.5.2014
"ToolBox" = NCH Toolbox
"TwelveKeys" = TwelveKeys Music Transcription Software
"Vtune_is1" = Vtune 5.3
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.2.1
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13/05/2010 12:59:24 | Computer Name = HAL | Source = Application Hang | ID = 1002
Description = Hanging application GP5.exe, version 5.2.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 13/05/2010 20:50:24 | Computer Name = HAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 13/05/2010 20:50:25 | Computer Name = HAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 14/05/2010 00:12:17 | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module Flash10c.ocx, version 10.0.32.18, fault address 0x000e672a.
Error - 14/05/2010 00:22:35 | Computer Name = HAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 14/05/2010 00:22:35 | Computer Name = HAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 14/05/2010 00:52:36 | Computer Name = HAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 14/05/2010 00:52:36 | Computer Name = HAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 18/05/2010 18:50:10 | Computer Name = HAL | Source = TomTomHOMEService | ID = 10000
Description =
Error - 26/06/2010 05:55:12 | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application vsmon.exe, version 8.0.298.0, faulting module
vsmon.exe, version 8.0.298.0, fault address 0x0002f4b4.
[ System Events ]
Error - 29/08/2010 16:50:07 | Computer Name = HAL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TfFsMon TfSysMon
Error - 29/08/2010 17:12:29 | Computer Name = HAL | Source = Service Control Manager | ID = 7000
Description = The Print Port Scanner Driver service failed to start due to the following
error: %%1058
Error - 29/08/2010 17:12:32 | Computer Name = HAL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TfFsMon TfSysMon
Error - 29/08/2010 17:57:10 | Computer Name = HAL | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.
Error - 29/08/2010 17:57:10 | Computer Name = HAL | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.
Error - 29/08/2010 17:57:10 | Computer Name = HAL | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.
Error - 29/08/2010 18:03:28 | Computer Name = HAL | Source = Service Control Manager | ID = 7000
Description = The Print Port Scanner Driver service failed to start due to the following
error: %%1058
Error - 29/08/2010 18:03:39 | Computer Name = HAL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TfFsMon TfSysMon
Error - 29/08/2010 18:24:10 | Computer Name = HAL | Source = Service Control Manager | ID = 7000
Description = The Print Port Scanner Driver service failed to start due to the following
error: %%1058
Error - 29/08/2010 18:24:14 | Computer Name = HAL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TfFsMon TfSysMon
< End of report >
Sign In
Create Account
