I am posting this for a friend (I have borrowed her computer to clean it up). A few months ago she got some bad malware, through one of those "Your computer has been infected" popups which she clicked on. She's gotten it 'removed' a few times at computers stores and it always came back.
Right now, I've went through all the basic cleaning guides and done lots of scans, everything seems to come out clean. I'm hoping someone can review these and see if anything stands out, since I don't know if it will 'flare up' again.
She says that it periodically comes back, when she is just browsing the internet, her AVG will popup to say there is a virus, it blocks it and she has to re-start her computer. Is there a way to truly eliminate it?
Her computer has also gotten incredibly slow during this time. I'm thinking that she should upgrade her RAM (2x562MB right now) but will it make a significant difference? I've done all the scans available on MyDefrag and I don't think it's had that much of an impact.
Some of the files that have been deleted using MBAM can be seen in the attached picture (I can't find the old log file).
Thanks for any help or guidance!
Maxime
MALWAREBYTES LOG
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Database version: 4038
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
8/24/2010 6:29:01 PM
mbam-log-2010-08-24 (18-29-01).txt
Scan type: Quick scan
Objects scanned: 110174
Time elapsed: 9 minute(s), 55 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-30 14:55:10
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Miriam\LOCALS~1\Temp\awldypob.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 8/30/2010 2:56:37 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Miriam\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
894.00 Mb Total Physical Memory | 240.00 Mb Available Physical Memory | 27.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 32.80 Gb Free Space | 44.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-F9217377D
Current User Name: Miriam
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Miriam\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Sony\SonicStage\SSAAD.exe ()
PRC - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Miriam\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
========== Driver Services (SafeList) ==========
DRV - (SASKUTIL) -- C:\DOCUME~1\Miriam\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.sys File not found
DRV - (SASENUM) -- C:\DOCUME~1\Miriam\LOCALS~1\Temp\SAS_SelfExtract\SASENUM.SYS File not found
DRV - (SASDIFSV) -- C:\DOCUME~1\Miriam\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS File not found
DRV - (cpuz132) -- C:\DOCUME~1\Miriam\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (AvgTdiX) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWATI) -- C:\WINDOWS\system32\drivers\HSFHWATI.sys (Conexant Systems, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.)
DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Development Company, L.P.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (SQTECH930B) -- C:\WINDOWS\system32\drivers\Capt930b.sys ()
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.bbc.co.uk/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/20 17:12:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/17 20:56:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/22 18:47:39 | 000,000,000 | ---D | M]
[2009/11/02 21:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\Mozilla\Extensions
[2010/08/30 13:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\Mozilla\Firefox\Profiles\r0v3jcov.default\extensions
[2009/11/06 19:06:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Miriam\Application Data\Mozilla\Firefox\Profiles\r0v3jcov.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/26 17:34:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Miriam\Application Data\Mozilla\Firefox\Profiles\r0v3jcov.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/30 13:29:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004/08/04 09:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Open in new background tab - C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Open in new foreground tab - C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Miriam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Miriam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/17 18:53:21 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1ecfebdc-3598-11de-b7cd-0014a570a2bc}\Shell\AutoRun\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{1ecfebdc-3598-11de-b7cd-0014a570a2bc}\Shell\open\command - "" = NADFOLDER\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)
========== Files/Folders - Created Within 90 Days ==========
[2010/08/24 20:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.3.1
[2010/08/24 18:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam\Application Data\DivX
[2010/08/24 18:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/24 17:56:18 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Miriam\Desktop\TFC.exe
[2010/07/29 19:45:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP
[2010/06/22 19:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam\Application Data\Facebook
[2010/06/22 19:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
========== Files - Modified Within 90 Days ==========
[2010/08/30 13:52:10 | 000,130,903 | ---- | M] () -- C:\Documents and Settings\Miriam\Desktop\malware.JPG
[2010/08/30 12:45:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Miriam\Local Settings\Application Data\prvlcl.dat
[2010/08/30 12:38:02 | 064,087,930 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/30 12:32:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/30 12:31:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/30 12:31:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/30 12:31:16 | 937,676,800 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/29 22:09:06 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\Miriam\NTUSER.DAT
[2010/08/29 22:09:06 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Miriam\ntuser.ini
[2010/08/29 11:41:41 | 000,001,472 | ---- | M] () -- C:\Documents and Settings\Miriam\Desktop\DivX Movies.lnk
[2010/08/24 20:12:47 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MyDefrag.lnk
[2010/08/24 19:38:22 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/24 17:58:14 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/08/24 17:56:20 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Miriam\Desktop\TFC.exe
[2010/08/11 09:42:57 | 000,000,198 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/08/10 18:37:48 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/08/09 23:17:07 | 000,035,166 | ---- | M] () -- C:\Documents and Settings\Miriam\My Documents\sexual-health.jpg
[2010/08/09 19:24:56 | 000,061,036 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/08 17:46:58 | 000,082,137 | ---- | M] () -- C:\Documents and Settings\Miriam\My Documents\VolunteerApplicationForm.doc.pdf
[2010/08/07 22:41:48 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Miriam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/29 19:44:53 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Miriam\Local Settings\Application Data\fusioncache.dat
[2010/07/19 19:35:47 | 000,051,712 | ---- | M] () -- C:\Documents and Settings\Miriam\Desktop\Grille d'analyse - final - with prof comments.doc
[2010/07/15 17:36:29 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/15 17:36:27 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/15 17:35:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/13 23:59:27 | 000,000,729 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/22 23:09:28 | 000,502,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/22 23:09:28 | 000,442,024 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/22 23:09:28 | 000,071,810 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/11 01:43:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 22:12:01 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Miriam\My Documents\Mom's letter.doc
[2010/06/02 19:27:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
========== Files Created - No Company Name ==========
[2010/08/30 13:52:10 | 000,130,903 | ---- | C] () -- C:\Documents and Settings\Miriam\Desktop\malware.JPG
[2010/08/24 20:12:47 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MyDefrag.lnk
[2010/08/09 23:16:53 | 000,035,166 | ---- | C] () -- C:\Documents and Settings\Miriam\My Documents\sexual-health.jpg
[2010/08/09 19:24:56 | 000,061,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/08 17:46:58 | 000,082,137 | ---- | C] () -- C:\Documents and Settings\Miriam\My Documents\VolunteerApplicationForm.doc.pdf
[2010/07/29 19:44:53 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Miriam\Local Settings\Application Data\fusioncache.dat
[2010/07/19 19:13:31 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\Miriam\Desktop\Grille d'analyse - final - with prof comments.doc
[2010/06/22 19:34:55 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/06/09 22:12:01 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Miriam\My Documents\Mom's letter.doc
[2010/05/16 00:15:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Miriam\Local Settings\Application Data\prvlcl.dat
[2010/05/12 22:19:05 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/04/23 13:09:16 | 000,013,668 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\q841
[2010/04/12 21:39:36 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/03/03 19:46:25 | 000,015,340 | ---- | C] () -- C:\WINDOWS\930TwCfg.INI
[2009/03/03 19:46:24 | 000,247,325 | ---- | C] () -- C:\WINDOWS\System32\drivers\Capt930b.sys
[2009/03/03 19:46:24 | 000,024,966 | ---- | C] () -- C:\WINDOWS\System32\drivers\Camd930b.sys
[2008/02/05 00:13:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/02/05 00:10:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPCX4400.ini
[2007/04/03 16:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007/04/03 16:18:06 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006/11/01 01:49:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/09/27 13:51:25 | 000,005,364 | ---- | C] () -- C:\Documents and Settings\Miriam\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006/09/27 13:51:25 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/09/12 11:29:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Miriam\Application Data\dm.ini
[2006/09/12 11:29:58 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\Miriam\Application Data\AdobeDLM.log
[2006/07/02 12:37:30 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Miriam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/27 21:55:01 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Miriam\Application Data\PFP110JPR.{PB
[2006/06/27 21:55:01 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Miriam\Application Data\PFP110JCM.{PB
[2006/06/27 19:40:22 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL
[2006/06/27 19:34:55 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2006/06/27 19:29:08 | 000,002,200 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2006/06/27 19:10:06 | 000,001,343 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/27 19:07:52 | 000,000,454 | ---- | C] () -- C:\Documents and Settings\Miriam\Application Data\wklnhst.dat
[2006/03/17 18:43:10 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/17 18:31:03 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/03/17 18:31:03 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/03/17 18:31:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/03/17 18:31:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/03/17 18:31:03 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/03/17 18:31:03 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/06/26 00:47:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/10/06 14:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 19:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 19:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 19:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001/10/24 16:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
========== LOP Check ==========
[2010/04/23 15:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2006/06/27 19:39:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/02/05 00:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2007/03/24 17:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2006/03/17 18:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/11/15 23:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2009/04/30 11:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/12/12 00:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/23 17:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\EPSON
[2010/06/22 19:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\Facebook
[2006/11/10 20:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\Intervideo
[2006/10/14 15:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\Leadertech
[2009/01/26 20:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\MyPublisher
[2006/06/27 19:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam\Application Data\Template
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2003/03/18 19:05:50 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\atl71.dll
[2006/03/17 18:53:21 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/23 09:00:00 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/04/23 15:27:47 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2006/03/17 17:59:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/03/17 19:05:07 | 000,015,586 | ---- | M] () -- C:\DNSP1.LOG
[2010/08/30 12:31:16 | 937,676,800 | -HS- | M] () -- C:\hiberfil.sys
[2006/03/17 17:59:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/23 09:27:03 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2003/03/18 21:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\mfc71.dll
[2003/03/18 21:12:12 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\mfc71u.dll
[2006/03/17 17:59:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\msvcr71.dll
[2004/08/04 09:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 09:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/08/30 12:31:14 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
[2010/04/13 15:28:00 | 000,000,319 | ---- | M] () -- C:\rkill.log
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/03/17 17:58:59 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2005/03/25 01:00:00 | 000,020,992 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD75.DLL
[2007/10/22 01:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD97.DLL
[2005/03/25 01:00:00 | 000,059,392 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP75.DLL
[2007/10/22 01:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP97.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2009/07/10 13:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/03/17 12:24:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/03/17 12:24:50 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/03/17 12:24:50 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2006/03/17 17:59:46 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/06/27 19:05:46 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Miriam\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2006/06/27 19:05:45 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Miriam\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/03/31 16:39:10 | 083,010,552 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Miriam\Desktop\avg_free_stf_en_90_790a2730.exe
[2010/08/24 17:56:20 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Miriam\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
[2005/02/23 18:33:10 | 000,008,714 | ---- | M] () -- C:\WINDOWS\930TwSrc.src
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
[2009/06/17 09:28:15 | 065,778,464 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Miriam\My Documents\avg_free_stf_en_85_364a1545.exe
[2009/04/29 00:49:34 | 003,190,688 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Miriam\My Documents\ccsetup218.exe
[2009/06/17 11:57:50 | 003,371,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Miriam\My Documents\mbam-setup.exe
[2009/01/31 15:58:06 | 016,320,472 | ---- | M] () -- C:\Documents and Settings\Miriam\My Documents\vlc-0.9.8a-win32.exe
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2006/06/27 19:05:45 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Miriam\Favorites\Desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-11 13:43:12
< >
< End of report >
OTL Extras logfile created on: 8/30/2010 2:56:37 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Miriam\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
894.00 Mb Total Physical Memory | 240.00 Mb Available Physical Memory | 27.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 32.80 Gb Free Space | 44.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-F9217377D
Current User Name: Miriam
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0684EECC-380C-4B97-8C51-5BDB9E4D679C}" = ArcSoft Software Suite
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}" = ArcSoft Print Creations
"{0E484A60-A429-49A8-982C-D6475F1E80A9}" = HPIZplus450
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1F4BF9EA-847E-44FB-A728-C456116E6CEF}" = InstantShareDevicesMFC
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 15
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{28CFF19D-B92C-4109-A427-F75505E81688}" = cp_dwSharkTaleAlbums1
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}" = HP Image Zone Plus 4.8.5
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{36FCD82D-1CED-436d-B33C-874EEC666D68}" = cp_dwSharkTaleCards1
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{3EF8B5AA-7B82-4945-941D-A6BC24325F00}" = CameraUserGuides
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 C1
"{43B402B3-0027-0002-3131-3015BD2DE2CD}" = Home Theater
"{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{471B83B9-29D8-41EC-9974-56BB8A457A8B}" = EPSON Stylus CX4400 Series Scanner Driver Update
"{47FBF7F9-FBD3-43EF-823B-7684D56C1962}" = Tabbed Browsing (Windows Live Toolbar)
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{534AA552-E1F1-4965-B2AA-FBDEB0730D60}" = muvee autoProducer 4.0 - SE
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}" = Form Fill (Windows Live Toolbar)
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{55508A44-8225-47AB-9666-1F57A5B5CE2E}" = CP_PLSBusinessFlyers
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6693E024-E2D3-477C-8EF9-4D484F3B3071}" = Seagate Manager Installer
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E65247F-58F9-41CA-BE69-0316F7907170}" = Disc2Phone
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{984DED38-AD2A-4143-8412-C3827A920BE5}" = HP User Guides 0012
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{99999999-9999-9999-9999-999999999999}" = HP Photosmart Cameras 9.0
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B4116BBF-DE38-491e-80E7-CBB9B6F44F30}" = CameraDrivers
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.20 D2
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{D0AF1483-31AD-4FEB-A961-C9327185439F}" = USB 2.0 Camera
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F7514465-E5F3-48E9-A952-327DAEF33DE6}" = InterVideo Home Theater
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF6F491D-BC82-4DCC-A72F-1824957C6466}" = TIxx21
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG Free 9.0
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600
"CNXT_AUDIO" = Conexant AC-Link Audio
"CNXT_MODEM_PCI_VEN_1002&DEV_4378" = Soft Data Fax Modem with SmartCP
"CSCLIB" = Canon Camera Support Core Library
"DivX Setup.divx.com" = DivX Setup
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"EOS Utility" = Canon Utilities EOS Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo & Imaging" = HP Image Zone 4.8.5
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"InstallShield_{6693E024-E2D3-477C-8EF9-4D484F3B3071}" = Seagate Manager Installer
"InstallShield_{FF6F491D-BC82-4DCC-A72F-1824957C6466}" = Texas Instruments PCIxx21/x515 drivers.
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"MyPublisher" = MyPublisher
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Silent Package Run-Time Sample" = EPSON CX4400 Series User's Guide
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.8a
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/18/2010 9:23:59 PM | Computer Name = OWNER-F9217377D | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.8.1, faulting module libqt4_plugin.dll,
version 0.0.0.0, fault address 0x0057e3d1.
Error - 7/28/2010 7:55:31 PM | Computer Name = OWNER-F9217377D | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.3156, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/29/2010 5:21:44 PM | Computer Name = OWNER-F9217377D | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.3156, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/29/2010 5:22:04 PM | Computer Name = OWNER-F9217377D | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.0.2.25, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 7/29/2010 7:44:45 PM | Computer Name = OWNER-F9217377D | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.8.1, faulting module libvout_directx_plugin.dll,
version 0.0.0.0, fault address 0x000058ac.
Error - 7/29/2010 7:46:10 PM | Computer Name = OWNER-F9217377D | Source = Application Hang | ID = 1002
Description = Hanging application hpqgalry.exe, version 45.4.157.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/2/2010 9:43:46 PM | Computer Name = OWNER-F9217377D | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.8.1, faulting module libvout_directx_plugin.dll,
version 0.0.0.0, fault address 0x000058ac.
Error - 8/7/2010 4:37:34 PM | Computer Name = OWNER-F9217377D | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.8.1, faulting module libvout_directx_plugin.dll,
version 0.0.0.0, fault address 0x000058ac.
Error - 8/7/2010 4:39:05 PM | Computer Name = OWNER-F9217377D | Source = Application Error | ID = 1001
Description = Fault bucket 1044299939.
Error - 8/20/2010 12:41:49 PM | Computer Name = OWNER-F9217377D | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3834, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 8/29/2010 10:52:19 AM | Computer Name = OWNER-F9217377D | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
Error - 8/30/2010 12:32:01 PM | Computer Name = OWNER-F9217377D | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
< End of report >
Edited by maximem, 30 August 2010 - 01:05 PM.