Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can someone please check my OTL report? Thanks [Solved]


  • This topic is locked This topic is locked

#1
rogerbid

rogerbid

    Member

  • Member
  • PipPipPip
  • 161 posts
Hi,

I do not want to waste anyone's time unecessarily but below is my OTL report. I would be very grateful if somone could check the report and tell me if there is anything I should be concerned about.

I am currently helping a friend who has some pop-ups interferring with his computer functions and have helped him prepare a report to send you. While helping him it seemed sensible to submit my own report in case I have issues I am not aware of.

I hope this will not be seen as an abuse of your excellent service which has helped me on a number of times in the past.

I am also attaching a report titled Extras.txt, I am not sure if this is necesary, or what it signifies but it might be important!

Thanks and best wishes,

Roger

OTL logfile created on: 23/01/2012 12:07:27 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Roger\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.25 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 64.64% Memory free
6.50 Gb Paging File | 4.51 Gb Available in Paging File | 69.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.41 Gb Total Space | 741.27 Gb Free Space | 79.59% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 31.83 Mb Free Space | 31.83% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 351.23 Gb Free Space | 75.41% Space Free | Partition Type: NTFS
Drive F: | 324.49 Gb Total Space | 295.06 Gb Free Space | 90.93% Space Free | Partition Type: NTFS
Drive I: | 607.03 Gb Total Space | 348.86 Gb Free Space | 57.47% Space Free | Partition Type: NTFS

Computer Name: ASUSWIN7 | User Name: Roger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/23 12:06:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Roger\Desktop\OTL.exe
PRC - [2012/01/17 06:15:54 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012/01/17 06:15:53 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/04 02:47:44 | 006,497,592 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/01/04 00:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011/12/13 17:42:08 | 000,922,976 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/12/05 09:20:54 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/12/02 14:17:38 | 000,074,752 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/05/21 06:01:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/12/13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/11/20 23:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/11 13:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2010/11/11 13:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2010/11/11 13:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe
PRC - [2010/11/11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2010/01/15 23:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/08/22 01:42:10 | 002,886,656 | ---- | M] (Lifsoft,INC) -- I:\DOWNLOADS\AutoPowerOn\WinScheduler.exe
PRC - [2008/11/10 07:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/17 06:15:53 | 001,811,296 | ---- | M] () -- C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
MOD - [2012/01/17 06:15:53 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/01/04 02:47:42 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/01/04 02:47:42 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2011/11/09 07:46:02 | 000,093,696 | ---- | M] () -- I:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/06/24 23:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 23:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (hpqddsvc)
SRV - File not found [On_Demand | Stopped] -- -- (hpqcxs08)
SRV - [2012/01/17 06:15:54 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2012/01/04 00:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/12/02 14:17:38 | 000,074,752 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/12/13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/11/11 13:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010/11/11 13:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2010/11/11 13:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2010/11/11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/10/04 03:01:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010/01/15 23:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/21 05:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/08/24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe -- (DfSdkS)
SRV - [2009/07/14 12:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 12:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/10 07:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:28 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/15 11:20:36 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:14 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:12 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/11 01:14:12 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/05/21 06:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/12/13 15:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/11/20 21:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/11 13:32:10 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2010/11/11 13:32:08 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2010/11/11 13:30:34 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010/11/11 13:29:26 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010/11/11 12:31:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2010/11/11 10:04:54 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2010/11/11 10:04:52 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010/11/11 10:04:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010/11/09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010/10/04 14:29:03 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/08/19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010/04/12 17:13:04 | 000,091,216 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2010/04/12 17:12:58 | 000,131,152 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2009/10/21 05:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/23 05:06:38 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E)
DRV - [2009/05/12 09:47:54 | 000,154,664 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2007/03/20 15:22:18 | 001,056,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PKWCap.sys -- (PKWCap)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 42 61 78 B2 61 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: I:\Program Files\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Roger\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Roger\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Roger\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Roger\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/07 14:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/04/02 21:34:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/24 13:44:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/12/03 17:50:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012/01/17 06:16:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/07 14:16:21 | 000,000,000 | ---D | M]

[2011/12/03 17:51:31 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

O1 HOSTS File: ([2009/06/11 08:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (Yahoo!7 Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [AutoPowerOn] I:\DOWNLOADS\AutoPowerOn\WinScheduler.exe (Lifsoft,INC)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E28A1D1-7DDB-4547-B6E4-64478D788640}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92EFEF13-D0D7-471D-84B5-B8499FF31EE2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 08:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2029/01/01 01:02:28 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{A674C75E-E10E-4AD4-8C52-14C3C6C6B6DF}
[2012/01/23 12:06:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Roger\Desktop\OTL.exe
[2012/01/23 11:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2012/01/23 11:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2012/01/23 11:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/01/23 10:21:56 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{9B22613F-1229-4B4E-ACED-896215F536D2}
[2012/01/23 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{10C0C3CB-ADB7-4F65-9516-DEE7B8A69388}
[2012/01/22 10:56:08 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{8D9CAA59-5EEC-4FD8-AF61-D0982A872B46}
[2012/01/22 10:55:56 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{C8E2B49B-B62E-4B2A-9573-19C8ED4F0A29}
[2012/01/22 08:07:57 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{0263B721-090E-417C-A4EA-D493BACDE893}
[2012/01/21 09:20:24 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{99E0E42B-37F3-4EEE-9409-02EACC2AD38C}
[2012/01/21 09:20:08 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{C4CE1637-96E6-4772-BC7A-838B7A141F0A}
[2012/01/20 09:31:21 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{A850D4C1-F064-4C6E-872B-F487D549958E}
[2012/01/20 09:31:09 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{398527DE-F872-4DF0-A7E9-C403D06F5BC6}
[2012/01/19 21:30:40 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{11E6BCF1-B676-4B77-8489-B7B0342F92DF}
[2012/01/19 21:30:27 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{1E5EA69A-73F2-4380-965D-F46BF3ADA20C}
[2012/01/18 20:12:48 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{B0C599A8-D61F-446C-ABB3-BF7045884694}
[2012/01/18 20:12:32 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{17DAC513-E0BE-48C2-8606-9613794F90EA}
[2012/01/18 06:36:58 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{2FB946BF-1399-46A5-A8D5-04B02FC68BF5}
[2012/01/18 06:36:45 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{AE65C684-22FC-4ADE-9493-00BC30463454}
[2012/01/17 18:36:16 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{919720D2-CF96-4A82-8A8E-4BCEDF3B6823}
[2012/01/17 18:36:04 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{DF9D805E-36E6-408C-A84E-EFD1A63BD814}
[2012/01/17 06:16:50 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{CC4C7B04-2E8F-46F9-959A-1DAE0700A523}
[2012/01/17 06:16:35 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{C64B18BE-CC67-42F4-9130-A7BE1C7B1ABD}
[2012/01/16 10:20:09 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{23DDB89E-60A0-413A-BDFF-18BC3AED53CB}
[2012/01/16 10:19:56 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{E8AF4F65-A344-4743-800F-D660730FF1F6}
[2012/01/15 11:16:17 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{1FD1B37D-2A4A-453F-A836-CD1E60A3A5EA}
[2012/01/15 11:15:50 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{8F0FBCE4-2304-44FA-82C0-94C083684813}
[2012/01/14 09:56:47 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{8616E302-F284-44C5-80A1-143D463142F5}
[2012/01/14 09:56:30 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{D4A6AB00-B2B1-4ED5-863B-9103640C7118}
[2012/01/13 11:14:02 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{6A6F40DB-523D-4FA9-92D0-88A33C5110CC}
[2012/01/13 11:13:46 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{641D6A91-55FD-471E-AEF2-EAC7D4A5F1BF}
[2012/01/12 20:31:27 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{251D8969-6482-4FFF-8C68-67DEC48A854E}
[2012/01/12 20:31:03 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{77799D12-167E-43BF-A5AF-96D643C4E4EE}
[2012/01/12 06:08:25 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{51702051-47FE-41BB-873F-FA6B0868AAB4}
[2012/01/12 06:08:09 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{0CEE99A9-7501-4F4A-9A95-4D8E9D800FBB}
[2012/01/11 17:51:34 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{7FEBCD70-D9E6-4B14-B69D-BC4BE0626A70}
[2012/01/11 17:51:14 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{E39C4D7B-59B8-456F-8E06-7FD99B9CB525}
[2012/01/10 22:08:58 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{511B95E9-8B4B-40F9-B152-669CE4078D98}
[2012/01/10 22:08:42 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{FEC29DA7-2D6C-413F-9B54-6AE2CF324BF2}
[2012/01/10 05:47:34 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{D6124DCC-DB91-4E62-B62F-F82F2AFF11AF}
[2012/01/10 05:47:18 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{F2C526BC-CE62-46CC-9FD5-3AF2DF1B1FB4}
[2012/01/05 19:47:34 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{40C2024F-5B63-4375-8F39-5D6F4E2E4226}
[2012/01/05 19:47:22 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{A490C0C3-E089-47D9-8C7C-435CC56ABCE3}
[2012/01/04 21:18:37 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{A42713EF-8566-48D5-83CD-CB0F5EC354C4}
[2012/01/04 21:18:11 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{7D6E188A-EAB9-48BB-82FE-D94969BB1D15}
[2012/01/04 05:58:27 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{89C81CC8-DFA1-4A12-9792-1DEBFA04FFFE}
[2012/01/04 05:58:09 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{16065EF8-DBB5-4E1F-BDC9-CDA14BEFE30E}
[2012/01/03 06:13:08 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{B6053D6B-C103-4052-A9D2-33D79E8C29B0}
[2012/01/03 06:12:56 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{D86DA4F0-A85E-42EA-8B18-1970181D4D4D}
[2012/01/02 09:40:59 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{C1F71AF9-526D-485D-9555-B10B74EE5DBA}
[2012/01/02 09:40:46 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{AEF5540B-C9BB-4F6D-B13E-005B20D0067D}
[2012/01/01 15:25:06 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{765300ED-2E8B-435E-B7B1-B673E398C1D7}
[2012/01/01 15:24:42 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{266658D4-B224-47FF-814B-901069012625}
[2011/12/31 14:19:47 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{1274865E-183E-41D0-9064-5C40D34F53D4}
[2011/12/31 14:19:30 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{B73331A4-8C0E-470B-A6C3-B5F9057187C7}
[2011/12/30 09:01:09 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{B6E1D878-671F-48BD-A075-5574088B972D}
[2011/12/30 09:00:47 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{E35D1D1A-E111-484C-BDBA-6C87B5D2F63F}
[2011/12/29 18:03:42 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{62D710C6-7D2C-446F-A65B-246DAE307054}
[2011/12/29 18:03:27 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{2FC2CBA6-AC9B-45DD-B0DD-EB7CAD1CB29D}
[2011/12/28 13:35:44 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{FF77DAE8-52F1-4048-8953-9F0F0EB0FB95}
[2011/12/28 13:35:25 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{8FE05437-E420-456B-9DE9-329D168160FD}
[2011/12/27 21:38:56 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{A4D85B20-7013-419A-B4F5-9CEA266EC3EB}
[2011/12/27 21:38:33 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{003B9EEE-FD4F-48C4-BC03-ACE2D8677AAC}
[2011/12/27 09:37:56 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{A507A267-AAD2-49A3-97D7-DBBF64E26656}
[2011/12/27 09:37:43 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{012C6D9B-4F44-4609-BFB3-803AD2724D6B}
[2011/12/27 08:07:49 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{F4B7D3B8-DAE5-4731-A731-DCF4C296B84F}
[2011/12/26 18:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/26 18:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/26 18:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/26 11:35:08 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{3F94DDBF-A3C5-4B51-8732-5A69FE889704}
[2011/12/26 11:34:50 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{4A690A96-BD13-4205-9007-EFD9A4F79CC2}
[2011/12/25 10:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2011/12/25 10:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/12/25 08:30:44 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{3D04D6C1-0460-46FC-90FF-E5678158F14D}
[2011/12/25 08:30:21 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{E189A282-6362-4E4C-A3E8-5A2D7D44F6A8}
[2011/12/24 14:23:40 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{C1B159FC-83AD-4661-B7D9-24023D50AE52}
[2011/12/24 14:23:17 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Local\{941C46F2-0C66-4F6A-99A5-1BC4AB382E8C}

========== Files - Modified Within 30 Days ==========

[2012/01/23 12:06:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Roger\Desktop\OTL.exe
[2012/01/23 11:36:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3345017777-2939274015-3433995129-1001UA.job
[2012/01/23 11:36:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/23 11:31:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/23 11:25:23 | 000,001,144 | ---- | M] () -- C:\Users\Roger\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/01/23 11:25:23 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/01/23 10:59:14 | 000,015,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 10:59:14 | 000,015,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 10:26:38 | 087,204,930 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/01/23 10:20:42 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/23 10:20:36 | 2616,500,224 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/22 17:26:28 | 000,351,639 | ---- | M] () -- C:\Users\Roger\Desktop\Back - Copy.jpg
[2012/01/22 17:00:38 | 004,416,556 | ---- | M] () -- C:\Users\Roger\Desktop\Back.jpg
[2012/01/22 16:56:38 | 008,117,404 | ---- | M] () -- C:\Users\Roger\Desktop\Front .jpg
[2012/01/22 15:21:07 | 759,885,824 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S2 E2.mpeg
[2012/01/21 11:48:45 | 704,389,120 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S2 E1.mpeg
[2012/01/21 11:28:04 | 764,948,480 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S1 E6.mpeg
[2012/01/21 11:14:31 | 812,158,976 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S1 E5.mpeg
[2012/01/21 11:10:59 | 016,097,177 | ---- | M] () -- C:\Users\Roger\Desktop\videoplayback[1]
[2012/01/21 11:00:54 | 765,069,312 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S1 E4.mpeg
[2012/01/21 10:46:31 | 756,256,768 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S1 E3.mpeg
[2012/01/21 09:31:30 | 738,068,480 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S1 E2.mpeg
[2012/01/20 18:43:02 | 000,316,381 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/01/20 18:31:26 | 000,021,671 | ---- | M] () -- C:\Users\Roger\Desktop\photo.JPG
[2012/01/20 16:53:19 | 745,052,160 | ---- | M] () -- C:\Users\Roger\Desktop\Potter S1 E1.mpeg
[2012/01/20 06:36:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3345017777-2939274015-3433995129-1001Core.job
[2012/01/19 20:26:13 | 000,630,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/19 20:26:13 | 000,111,418 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/18 20:58:36 | 000,213,504 | ---- | M] () -- C:\Users\Roger\Desktop\Vietnam booking.bak
[2012/01/18 20:28:46 | 000,070,144 | ---- | M] () -- C:\Users\Roger\Desktop\Vietnamonline conditions.bak
[2012/01/14 10:32:34 | 000,869,213 | ---- | M] () -- C:\Users\Roger\Desktop\Jasmin costing.jpg
[2012/01/13 20:53:18 | 000,025,088 | ---- | M] () -- C:\Users\Roger\Desktop\Modules.bak
[2012/01/12 21:16:43 | 000,029,184 | ---- | M] () -- C:\Users\Roger\Desktop\night by night accom.bak
[2012/01/12 20:54:29 | 000,433,274 | ---- | M] () -- C:\Users\Roger\Desktop\Jasmine Hotel.jpg
[2012/01/12 20:13:51 | 000,713,293 | ---- | M] () -- C:\Users\Roger\Desktop\Wotif comparison.jpg
[2012/01/12 20:13:35 | 001,109,494 | ---- | M] () -- C:\Users\Roger\Desktop\Wotif comparison.psd
[2012/01/05 21:41:42 | 002,136,925 | ---- | M] () -- C:\Users\Roger\Desktop\Canon Ad.jpg
[2011/12/27 22:12:09 | 000,014,336 | ---- | M] () -- C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/26 18:32:17 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/24 13:44:22 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk

========== Files Created - No Company Name ==========

[2012/01/23 11:25:23 | 000,001,144 | ---- | C] () -- C:\Users\Roger\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/01/23 11:25:23 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/01/22 17:25:51 | 000,351,639 | ---- | C] () -- C:\Users\Roger\Desktop\Back - Copy.jpg
[2012/01/22 17:00:35 | 004,416,556 | ---- | C] () -- C:\Users\Roger\Desktop\Back.jpg
[2012/01/22 16:56:35 | 008,117,404 | ---- | C] () -- C:\Users\Roger\Desktop\Front .jpg
[2012/01/22 15:11:01 | 759,885,824 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S2 E2.mpeg
[2012/01/21 11:37:59 | 704,389,120 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S2 E1.mpeg
[2012/01/21 11:17:44 | 016,097,177 | ---- | C] () -- C:\Users\Roger\Desktop\videoplayback[1]
[2012/01/21 11:16:22 | 764,948,480 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S1 E6.mpeg
[2012/01/21 11:02:11 | 812,158,976 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S1 E5.mpeg
[2012/01/21 10:49:41 | 765,069,312 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S1 E4.mpeg
[2012/01/21 10:35:01 | 756,256,768 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S1 E3.mpeg
[2012/01/21 09:19:46 | 738,068,480 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S1 E2.mpeg
[2012/01/20 18:31:33 | 000,021,671 | ---- | C] () -- C:\Users\Roger\Desktop\photo.JPG
[2012/01/20 16:44:16 | 745,052,160 | ---- | C] () -- C:\Users\Roger\Desktop\Potter S1 E1.mpeg
[2012/01/18 20:57:34 | 000,213,504 | ---- | C] () -- C:\Users\Roger\Desktop\Vietnam booking.bak
[2012/01/18 20:25:29 | 000,070,144 | ---- | C] () -- C:\Users\Roger\Desktop\Vietnamonline conditions.bak
[2012/01/14 10:32:32 | 000,869,213 | ---- | C] () -- C:\Users\Roger\Desktop\Jasmin costing.jpg
[2012/01/13 18:22:32 | 000,025,088 | ---- | C] () -- C:\Users\Roger\Desktop\Modules.bak
[2012/01/12 20:54:27 | 000,433,274 | ---- | C] () -- C:\Users\Roger\Desktop\Jasmine Hotel.jpg
[2012/01/12 20:13:49 | 000,713,293 | ---- | C] () -- C:\Users\Roger\Desktop\Wotif comparison.jpg
[2012/01/12 20:13:35 | 001,109,494 | ---- | C] () -- C:\Users\Roger\Desktop\Wotif comparison.psd
[2012/01/10 22:05:32 | 000,029,184 | ---- | C] () -- C:\Users\Roger\Desktop\night by night accom.bak
[2012/01/05 21:41:41 | 002,136,925 | ---- | C] () -- C:\Users\Roger\Desktop\Canon Ad.jpg
[2011/12/31 16:11:24 | 002,745,742 | ---- | C] () -- C:\Users\Roger\Desktop\WFWS.mp3
[2011/12/26 18:32:17 | 000,001,762 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/05 09:31:20 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/12/05 09:31:19 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/07/15 11:07:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/02/21 22:19:31 | 000,000,047 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\AVSMediaPlayer.m3u
[2011/02/20 21:40:47 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/02/20 21:40:47 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/29 12:03:27 | 000,000,093 | ---- | C] () -- C:\Users\Roger\AppData\Local\fusioncache.dat
[2010/12/25 09:45:01 | 000,014,336 | ---- | C] () -- C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/07 14:14:54 | 000,169,186 | ---- | C] () -- C:\Windows\hpoins14.dat
[2010/11/07 14:14:54 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2010/10/25 17:06:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/04 12:16:59 | 000,001,057 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
[2010/10/03 19:42:55 | 000,169,186 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2010/10/03 19:42:55 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2009/10/21 05:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009/07/14 15:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 15:33:53 | 000,331,296 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 13:05:48 | 000,630,708 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 13:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 13:05:48 | 000,111,418 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 13:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 13:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 13:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 10:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 10:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 08:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/13 20:11:34 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2007/03/20 15:22:18 | 001,056,384 | ---- | C] () -- C:\Windows\System32\drivers\PKWCap.sys
[2003/02/27 17:07:20 | 000,003,072 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll

========== LOP Check ==========

[2011/04/18 18:37:29 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\12ADDA46-245E-47B4-AA7C-59BDEDEB5BAB
[2011/04/02 11:03:36 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\A454F83F-B9FE-475C-AD87-FE0F673B0C9D
[2010/10/22 22:00:33 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Acronis
[2011/01/31 11:55:29 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Ashampoo
[2011/10/24 11:02:37 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\AVG2012
[2011/01/12 21:01:59 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\avidemux
[2011/11/19 00:51:51 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\AVSMedia
[2010/12/27 14:53:08 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Copernic
[2012/01/04 17:58:56 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\FileZilla
[2011/07/31 15:00:44 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\FLVPlayer4Free
[2010/10/03 18:16:39 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Handy Address Book
[2011/10/07 18:38:23 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\ImgBurn
[2011/12/11 15:33:09 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Momento
[2011/07/17 18:45:41 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Moyea
[2010/11/07 13:44:09 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\OpenOffice.org
[2011/12/15 18:45:06 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\SoftMaker
[2010/10/23 00:36:21 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\TotalRecorder
[2011/02/11 20:59:57 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Trusteer
[2011/03/18 11:15:39 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Uniblue
[2011/12/12 21:25:37 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Vso
[2010/10/21 16:55:48 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Windows Live Writer
[2011/11/26 11:37:14 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 530 bytes -> C:\Users\Roger\Documents\Big W.eml:OECustomProperty
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >


Additional Report


OTL Extras logfile created on: 23/01/2012 12:07:27 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Roger\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.25 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 64.64% Memory free
6.50 Gb Paging File | 4.51 Gb Available in Paging File | 69.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.41 Gb Total Space | 741.27 Gb Free Space | 79.59% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 31.83 Mb Free Space | 31.83% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 351.23 Gb Free Space | 75.41% Space Free | Partition Type: NTFS
Drive F: | 324.49 Gb Total Space | 295.06 Gb Free Space | 90.93% Space Free | Partition Type: NTFS
Drive I: | 607.03 Gb Total Space | 348.86 Gb Free Space | 57.47% Space Free | Partition Type: NTFS

Computer Name: ASUSWIN7 | User Name: Roger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "I:\Program Files\Irfanview\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 29
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C73154B-F7F9-4B53-AF56-D06846C99EC4}_is1" = VAP11G
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{49369237-6712-4376-8497-D9666BB2D34D}" = OpdiTracker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.4.0
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1" = Moyea FLV Editor Lite version: 1.1.1.846
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C078C299-C2C2-4110-A6EF-8D5E66C228DA}" = e-tax 2011
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD66AF34-C18A-4cea-8421-2F3B39E9B07E}" = YouTube Downloader Toolbar v4.9
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.03
"Ashampoo Photo Optimizer 3_is1" = Ashampoo Photo Optimizer 3.03
"Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7 v.7.26
"AtomTime Pro_is1" = AtomTime Pro 3.1a
"Auto Power-on & Shut-down_is1" = Auto Power-on & Shut-down 2.50
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"Avidemux 2.5" = Avidemux 2.5
"AVS Audio Converter 6.1_is1" = AVS Audio Converter version 6.1
"AVS Audio Editor 5.2_is1" = AVS Audio Editor version 5.2
"AVS Audio Recorder 3.9_is1" = AVS Audio Recorder version 3.9
"AVS Disc Creator_is1" = AVS Disc Creator version 3.5
"AVS DVD Authoring_is1" = AVS DVD Authoring
"AVS DVD Copy_is1" = AVS DVD Copy version 4.1.1
"AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.19
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Registry Cleaner 1.1_is1" = AVS Registry Cleaner version 1.1
"AVS Ringtone Maker 1.6_is1" = AVS Ringtone Maker version 1.6
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS SystemInfo_is1" = AVS System Info
"AVS TV Recorder_is1" = AVS TV Recorder 2.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS Video ReMaker_is1" = AVS Video ReMaker 4.0.8.140
"AVS Video Tools 5_is1" = AVS Video Tools 5.6
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"AVSCoverEditor_AVS4YOU_is1" = AVS Cover Editor 1.3.1.96 (AVS4YOU)
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"facemoods" = Facemoods Toolbar
"FileZilla Client" = FileZilla Client 3.5.2
"FLV Player" = FLV Player 2.0 (build 25)
"FLVPlayer4Free Free FLV Player_is1" = FLVPlayer4Free Free FLV Player 4.0.0.0
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.0
"Handy Address Book" = Handy Address Book
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"Karen's Replicator" = Karen's Replicator
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full)
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaInfo" = MediaInfo 0.7.38
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Momento" = Momento 5.6.1
"mv61xxDriver" = marvell 61xx
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Picasa 3" = Picasa 3
"Recuva" = Recuva
"sm-un1.u32" = Ashampoo Office 2008 (I:\Program Files\Ashampoo Office 2008)
"SystemRequirementsLab" = System Requirements Lab
"TotalRecorder" = Total Recorder 8.1
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"Yahoo! Companion" = Yahoo!7 Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

Edited by rogerbid, 22 January 2012 - 08:47 PM.

  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello rogerbid and welcome to my office here at G2G! :)

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Is this log from your PC or from your friends PC?

I don't see any trace of malware in this log. Do you have any problems with this PC?
  • 0

#3
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts
Hi maliprog

Thanks so much for taking the time to read through my OTL report, and thanks for the good news.

This was the report from my PC. I note no-one has yet responded to my friends post but I am sure it will be looked at very soon. If you would care to give his report a look, here is the link :), http://www.geekstogo...ections-please/

I cannot say I have any major concerns about my computer though there are a few niggles that bother me from time to time - hard to put a finger on any one thing in particular but as a whole they are enough to have made me wonder if there was something that needed attention. I can certainly live with things as they are and maybe next time a glitch occurs I will create a thread to look at the single issue concerned and one by one I will solve the mionor problems that exist.

Thanks again for your kind attention,

Best wishes,

Roger
  • 0

#4
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Glad I could help. Goodbye and stay safe :thumbsup:
  • 0

#5
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP