Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

win32heur, cannot run anti virus or anti malware, have OTL .txt

Started by nobbyburton , Mar 08 2012 04:33 PM

  • Please log in to reply

#1
nobbyburton
Posted 08 March 2012 - 04:33 PM

nobbyburton

    Member

  • Member
  • PipPipPip
  • 173 posts
not sure what son has done to home pc but getting constant problems with pc, avg detects win32 heur but is not removing it properly despite asking whether i want to move to vault, anti malaware not able to run at all

have read advice on forums and enclose OTL.txt and Extras.txt

OTL logfile created on: 08/03/2012 22:24:44 - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = H:\Documents and Settings\Andy & Joanna\My Documents\Torrents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.15% Memory free
2.85 Gb Paging File | 2.14 Gb Available in Paging File | 75.14% Paging File free
Paging file location(s): H:\pagefile.sys 1024 2048 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive F: | 970.63 Mb Total Space | 699.63 Mb Free Space | 72.08% Space Free | Partition Type: FAT
Drive H: | 232.88 Gb Total Space | 4.01 Gb Free Space | 1.72% Space Free | Partition Type: NTFS

Computer Name: ANDY-38AF1A8D42 | User Name: Andy & Joanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - H:\Documents and Settings\Andy & Joanna\My Documents\Torrents\OTL.exe (OldTimer Tools)
PRC - H:\Documents and Settings\Andy & Joanna\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - H:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
PRC - H:\Program Files\AVG Secure Search\vprot.exe ()
PRC - H:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - H:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - H:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - H:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
PRC - H:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
PRC - H:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
PRC - H:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe ()
PRC - H:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - H:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - H:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - H:\Program Files\TVersity\Media Server\MediaServer.exe ()
PRC - H:\Program Files\XpertVision\TBPANEL.exe (Xpertvision, Inc.)
PRC - H:\WINDOWS\vVX3000.exe (Microsoft Corporation)
PRC - H:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - H:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)


========== Modules (No Company Name) ==========

MOD - H:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
MOD - H:\Program Files\AVG Secure Search\vprot.exe ()
MOD - H:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
MOD - H:\WINDOWS\system32\quartz.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - H:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - H:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - H:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
MOD - H:\Program Files\Clarus\Samsung SecretZone\MSMgrSDK.dll ()
MOD - H:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe ()
MOD - H:\Program Files\Clarus\Samsung SecretZone\MSMgrSDK.EN ()
MOD - H:\Program Files\Clarus\Samsung SecretZone\MSUtilSDK.dll ()
MOD - H:\Program Files\TVersity\Media Server\X11.dll ()
MOD - H:\Program Files\TVersity\Media Server\sqlite3.dll ()
MOD - H:\Program Files\TVersity\Media Server\taglib.dll ()
MOD - H:\Program Files\TVersity\Media Server\log4cxx.dll ()
MOD - H:\Program Files\TVersity\Media Server\avformat-51.dll ()
MOD - H:\Program Files\TVersity\Media Server\libcurl.dll ()
MOD - H:\Program Files\TVersity\Media Server\CORE_RL_lcms_.dll ()
MOD - H:\Program Files\TVersity\Media Server\avutil-49.dll ()
MOD - H:\Program Files\TVersity\Media Server\avcodec-51.dll ()
MOD - H:\Program Files\TVersity\Media Server\MediaServer.exe ()
MOD - H:\WINDOWS\system32\cpwmon2k.dll ()
MOD - H:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - H:\Program Files\Common Files\LightScribe\QtCore4.dll ()
MOD - H:\Program Files\TVersity\Media Server\ImageMagickCoders\IM_MOD_RL_magick_.dll ()
MOD - H:\Program Files\XpertVision\TBMANAGE.DLL ()


========== Win32 Services (SafeList) ==========

SRV - (AVGIDSAgent) -- H:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (vToolbarUpdater) -- H:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
SRV - (AVG Security Toolbar Service) -- H:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgwd) -- H:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (ServiceLayer) -- H:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (MSR Service) -- H:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe ()
SRV - (CCALib8) -- H:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (TeamViewer4) -- H:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TVersityMediaServer) -- H:\Program Files\TVersity\Media Server\MediaServer.exe ()
SRV - (MSCamSvc) -- H:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (MBAMSwissArmy) -- H:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (AVGIDSDriver) -- H:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- H:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- H:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- H:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- H:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- H:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- H:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- H:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (ivusb) -- H:\WINDOWS\system32\drivers\ivusb.sys (Initio Corporation)
DRV - (UsbserFilt) -- H:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- H:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- H:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- H:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (mvd20) -- H:\Program Files\Clarus\Samsung SecretZone\mvd20.sys ()
DRV - (fssfltr) -- H:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (mdf15) -- H:\Program Files\Clarus\Samsung SecretZone\mdf15.sys ()
DRV - (pccsmcfd) -- H:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (gameenum) -- H:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (TBPanel) -- H:\WINDOWS\System32\drivers\TBPanel.sys (Windows ® 2000 DDK provider)
DRV - (VX3000) -- H:\WINDOWS\system32\drivers\VX3000.sys (Microsoft Corporation)
DRV - (SE26obex) -- H:\WINDOWS\system32\drivers\SE26obex.sys (MCCI)
DRV - (SE26mgmt) Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM) -- H:\WINDOWS\system32\drivers\SE26mgmt.sys (MCCI)
DRV - (SE26mdm) -- H:\WINDOWS\system32\drivers\SE26mdm.sys (MCCI)
DRV - (SE26mdfl) -- H:\WINDOWS\system32\drivers\SE26mdfl.sys (MCCI)
DRV - (SE26bus) Sony Ericsson Device 038 Driver driver (WDM) -- H:\WINDOWS\system32\drivers\SE26bus.sys (MCCI)
DRV - (se26nd5) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS) -- H:\WINDOWS\system32\drivers\se26nd5.sys (MCCI)
DRV - (se26unic) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM) -- H:\WINDOWS\system32\drivers\se26unic.sys (MCCI)
DRV - (RTLE8023xp) -- H:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (w810obex) -- H:\WINDOWS\system32\drivers\w810obex.sys (MCCI)
DRV - (w810mdm) -- H:\WINDOWS\system32\drivers\w810mdm.sys (MCCI)
DRV - (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) -- H:\WINDOWS\system32\drivers\w810mgmt.sys (MCCI)
DRV - (w810mdfl) -- H:\WINDOWS\system32\drivers\w810mdfl.sys (MCCI)
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- H:\WINDOWS\system32\drivers\w810bus.sys (MCCI)
DRV - (Jukebox3) -- H:\WINDOWS\system32\drivers\ctpdusb.sys (Creative Technology Ltd.)
DRV - (SenFiltService) -- H:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (BCM43XX) -- H:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (HdAudAddService) -- H:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)
DRV - (MTsensor) -- H:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (ElbyDelay) -- H:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (PfModNT) -- H:\WINDOWS\system32\drivers\PfModNT.sys (Creative Technology Ltd.)
DRV - (ASNDIS5) -- H:\WINDOWS\system32\ASNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ms_mpu401) -- H:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.newsnow.c...pur/All Sources
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - H:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GZAZ_enGB259
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-12-16 09:13:45&v=9.0.0.18&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://uk.yhs.search...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: H:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: H:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: H:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: H:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: H:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: H:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: H:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/07 16:00:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/10 21:57:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B73DC3E6-5AA7-4F69-A6DA-F8F00F7AEE36}: H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\{B73DC3E6-5AA7-4F69-A6DA-F8F00F7AEE36} [2010/07/19 17:38:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: H:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 22:30:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: H:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/01/16 21:04:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: H:\Program Files\PriceGong\2.1.0\FF [2010/05/11 21:13:13 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - plugin: Shockwave Flash (Enabled) = H:\Program Files\Google\Chrome\Application\13.0.782.215\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = H:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U15 (Enabled) = H:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = H:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = H:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = H:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = H:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = H:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Chrome NaCl (Disabled) = H:\Program Files\Google\Chrome\Application\13.0.782.215\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = H:\Program Files\Google\Chrome\Application\13.0.782.215\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = H:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = H:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: NPCIG.dll (Enabled) = H:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = H:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = H:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = H:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = H:\Program Files\Google\Update\1.3.21.67\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = H:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\

O1 HOSTS File: ([2010/07/20 21:00:35 | 000,000,734 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - H:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - H:\Program Files\alot\bin\alot.dll (Vertro)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - H:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - H:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - H:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - H:\Program Files\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - H:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - H:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - H:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - H:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - H:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] H:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] H:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] H:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPSON Stylus Photo R300 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Gainward] H:\Program Files\XpertVision\TBPanel.exe (Xpertvision, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] H:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HP Software Update] H:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] H:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LifeCam] H:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RemoteControl] H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [ROC_roc_dec12] H:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [SoundMAX] H:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] H:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [vProt] H:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [VX3000] H:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Creative Detector] H:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [H/PC Connection Agent] H:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HorAtbfq] H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\yiangwkb\horatbfq.exe File not found
O4 - HKCU..\Run: [LightScribe Control Panel] H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [SpybotSD TeaTimer] H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: H:\Documents and Settings\All Users\Start Menu\Programs\Startup\Audible Download Manager.lnk = H:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
O4 - Startup: H:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Dropbox.lnk = H:\Documents and Settings\Andy & Joanna\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk = H:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
O4 - Startup: H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = H:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
O4 - Startup: H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = H:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - H:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - H:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - H:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - H:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - H:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - H:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: nhs.uk ([www.togethertwecan] https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} https://moneymanager...unttracking.cab (Egg Money Manager Digital Safe)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1199526417500 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} http://services.soft...geUploader7.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebo...Uploader4_5.cab (Facebook Photo Uploader 4)
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.co...upldr-2k-xp.cab (Plaxo Auto-Import Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 90.207.238.97 90.207.238.99
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6EFCB436-CE30-4096-96DC-190682815772}: DhcpNameServer = 90.207.238.97 90.207.238.99
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF4B3AC5-15D4-4328-9E55-47F62CFD92A1}: NameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - H:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - H:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - H:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - H:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - H:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - H:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - H:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - H:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - H:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - H:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - H:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - H:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - H:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - H:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - H:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - H:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - H:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - H:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - H:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (H:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - H:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\yiangwkb\horatbfq.exe) - H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\yiangwkb\horatbfq.exe File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - H:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - H:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - H:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - H:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - H:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - H:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - H:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - H:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - H:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - H:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - H:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - H:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - H:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - H:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - H:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - H:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - H:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - H:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - H:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - H:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - H:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - H:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - H:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - H:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - H:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - H:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - H:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - H:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - H:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - H:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - H:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0fcca0c9-1439-11e0-9900-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{0fcca0c9-1439-11e0-9900-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0fcca0c9-1439-11e0-9900-001d6030268b}\Shell\AutoRun\command - "" = J:\DPFMate.exe
O33 - MountPoints2\{433a36a8-9f5b-11e0-9986-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{433a36a8-9f5b-11e0-9986-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{433a36a8-9f5b-11e0-9986-001d6030268b}\Shell\AutoRun\command - "" = K:\laucher.exe
O33 - MountPoints2\{a30bc684-7709-11de-8693-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{a30bc684-7709-11de-8693-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a30bc684-7709-11de-8693-001d6030268b}\Shell\AutoRun\command - "" = L:\SafeStick.exe
O33 - MountPoints2\{dc787f38-8a52-11de-86b1-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{dc787f38-8a52-11de-86b1-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dc787f38-8a52-11de-86b1-001d6030268b}\Shell\AutoRun\command - "" = J:\SafeStick.exe
O33 - MountPoints2\{e2a00edf-bb7d-11dc-9b70-001d6030268b}\Shell\AutoRun\command - "" = C:\setupSNK.exe
O33 - MountPoints2\{e2a00ee0-bb7d-11dc-9b70-001d6030268b}\Shell\AutoRun\command - "" = J:\Blackwell.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/08 22:01:25 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\CyberLink PowerDVD
[2012/03/07 23:31:27 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Wise Installation Wizard
[2012/03/07 19:49:16 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\yiangwkb
[5 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/08 22:26:50 | 000,000,558 | ---- | M] () -- H:\WINDOWS\DFC.INI
[2012/03/08 22:20:43 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/03/08 22:06:39 | 000,000,886 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/08 22:06:36 | 000,001,813 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/03/08 22:05:40 | 000,445,144 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2012/03/08 22:05:40 | 000,072,910 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2012/03/08 22:02:08 | 000,013,646 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2012/03/08 22:01:07 | 000,000,250 | ---- | M] () -- H:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/03/08 22:00:26 | 000,000,882 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/08 22:00:08 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2012/03/07 22:27:10 | 000,000,784 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/07 19:46:39 | 091,023,286 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/03/05 20:32:36 | 000,032,256 | ---- | M] () -- H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/29 20:15:01 | 000,000,069 | ---- | M] () -- H:\WINDOWS\NeroDigital.ini
[2012/02/23 18:40:29 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/17 18:08:56 | 000,000,458 | ---- | M] () -- H:\WINDOWS\tasks\ParetoLogic Registration.job
[2012/02/17 17:01:53 | 000,318,675 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/02/17 12:34:36 | 000,277,352 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/16 22:40:15 | 000,001,374 | ---- | M] () -- H:\WINDOWS\imsins.BAK
[2012/02/16 19:55:28 | 000,001,052 | ---- | M] () -- H:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Dropbox.lnk
[2012/02/16 19:55:28 | 000,001,052 | ---- | M] () -- H:\Documents and Settings\Andy & Joanna\Desktop\Dropbox.lnk
[5 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/07 22:27:10 | 000,000,784 | ---- | C] () -- H:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/16 19:55:09 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll
[2012/02/16 19:55:09 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\dllcache\iacenc.dll
[2011/08/07 12:25:11 | 000,000,020 | ---- | C] () -- H:\WINDOWS\System32\MSWYXTND.DLL
[2010/08/16 18:32:27 | 000,590,816 | ---- | C] () -- H:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/13 21:28:39 | 000,000,186 | ---- | C] () -- H:\WINDOWS\System32\MRT.INI
[2010/07/19 22:23:29 | 000,000,000 | ---- | C] () -- H:\WINDOWS\Ijoguko.bin
[2010/07/19 20:20:28 | 000,000,120 | ---- | C] () -- H:\WINDOWS\Sqese.dat
[2010/03/12 17:01:09 | 000,000,056 | -H-- | C] () -- H:\WINDOWS\System32\ezsidmv.dat

========== LOP Check ==========

[2012/01/16 21:04:20 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/12/06 20:45:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012/03/07 19:52:43 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/06 20:38:18 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\avg9
[2009/01/21 00:17:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Cached Installations
[2011/02/17 22:48:17 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Clarus
[2010/12/06 20:45:35 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Application Data\Common Files
[2010/08/04 19:27:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Installations
[2011/02/27 19:33:25 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\kAmNoBc06308
[2008/02/03 14:09:41 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\LightScribe
[2011/05/07 16:06:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\MFAData
[2008/01/03 23:48:40 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/09/28 17:42:09 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Nokia
[2009/01/21 00:17:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/07/04 10:53:43 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\PC Suite
[2008/01/05 00:22:22 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\TEMP
[2008/01/29 20:54:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\UDL
[2010/05/29 11:47:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/14 12:56:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 11:58:48 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/07/27 17:28:55 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\4C5A5FEE6EA00812DBE8AB71C400E3A0
[2010/05/11 21:13:17 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\alot
[2011/12/16 09:50:41 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\AVG Secure Search
[2010/12/06 20:46:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\AVG10
[2012/03/08 22:03:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\Dropbox
[2009/07/23 21:41:02 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\ICAClient
[2008/01/05 00:23:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\muvee Technologies
[2010/12/29 14:48:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\Nokia
[2009/07/04 10:54:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\Nseries
[2009/07/04 10:38:05 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\PC Suite
[2012/03/07 22:45:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\PriceGong
[2009/12/13 16:49:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\Printer Info Cache
[2011/07/28 19:07:14 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\Red Kawa
[2009/02/13 08:20:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\TeamViewer
[2008/01/26 09:21:49 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\Teleca
[2012/03/05 22:30:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\uTorrent
[2009/09/19 10:15:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Andy & Joanna\Application Data\YouSendIt
[2012/02/17 18:08:56 | 000,000,458 | ---- | M] () -- H:\WINDOWS\Tasks\ParetoLogic Registration.job
[2012/03/08 22:01:07 | 000,000,250 | ---- | M] () -- H:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 08/03/2012 22:24:44 - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = H:\Documents and Settings\Andy & Joanna\My Documents\Torrents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.15% Memory free
2.85 Gb Paging File | 2.14 Gb Available in Paging File | 75.14% Paging File free
Paging file location(s): H:\pagefile.sys 1024 2048 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive F: | 970.63 Mb Total Space | 699.63 Mb Free Space | 72.08% Space Free | Partition Type: FAT
Drive H: | 232.88 Gb Total Space | 4.01 Gb Free Space | 1.72% Space Free | Partition Type: NTFS

Computer Name: ANDY-38AF1A8D42 | User Name: Andy & Joanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- H:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
http [open] -- "H:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "H:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [TVersity] -- "H:\Program Files\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"H:\Program Files\Microsoft ActiveSync\rapimgr.exe" = H:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"H:\Program Files\Microsoft ActiveSync\wcescomm.exe" = H:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"H:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = H:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"H:\Program Files\Windows Live\Messenger\msnmsgr.exe" = H:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"H:\Program Files\Microsoft LifeCam\LifeExp.exe" = H:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"H:\Program Files\Microsoft LifeCam\LifeCam.exe" = H:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"H:\Program Files\uTorrent\uTorrent.exe" = H:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"H:\Program Files\Messenger\msmsgs.exe" = H:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"H:\Documents and Settings\Andy & Joanna\Application Data\U3\00001626737200E1\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe" = H:\Documents and Settings\Andy & Joanna\Application Data\U3\00001626737200E1\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Enabled:Skype
"H:\Program Files\TeamViewer\Version4\TeamViewer.exe" = H:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"H:\Documents and Settings\Andy & Joanna\temp\TeamViewer\Version4\TeamViewer.exe" = H:\Documents and Settings\Andy & Joanna\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"H:\Program Files\AVG\AVG8\avgupd.exe" = H:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"H:\Program Files\AVG\AVG8\avgnsx.exe" = H:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"H:\Program Files\Microsoft ActiveSync\rapimgr.exe" = H:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"H:\Program Files\Microsoft ActiveSync\wcescomm.exe" = H:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"H:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = H:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"H:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = H:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"H:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = H:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"H:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = H:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater
"H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"H:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = H:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"H:\Program Files\Skype\Plugin Manager\skypePM.exe" = H:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"H:\Program Files\Skype\Phone\Skype.exe" = H:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"H:\Program Files\Windows Live\Messenger\msnmsgr.exe" = H:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"H:\Documents and Settings\Andy & Joanna\Application Data\Dropbox\bin\Dropbox.exe" = H:\Documents and Settings\Andy & Joanna\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"H:\Program Files\Bonjour\mDNSResponder.exe" = H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"H:\Program Files\iTunes\iTunes.exe" = H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"H:\Program Files\AVG\AVG10\avgdiagex.exe" = H:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"H:\Program Files\AVG\AVG10\avgnsx.exe" = H:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"H:\Program Files\AVG\AVG10\avgemcx.exe" = H:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{001EB665-D9EC-415E-9E13-AD2125B2B992}" = RAW Image Task 2.1
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1103112B-513D-4DEF-96B4-9889774E0118}" = Creative Zen Touch
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20DFF861-31EE-41F6-98D5-0A992AE7D116}" = YouSendIt Plug-in for Outlook
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B59B9F-C360-11D7-875B-0090CC005647}" = PIF DESIGNER2.1
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 15
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}" = Canon PhotoRecord
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CFC7570-DD90-486E-A239-E31D455BDE93}" = Microsoft LifeCam
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBCAEDF-4853-437F-8B62-9C3B1267E9A4}" = AVG 2011
"{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}" = c4200_Help
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}" = C4200
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min
"{E533E637-FB3E-4F28-8B18-449CC9AB7235}" = AVG 2011
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F61DD673-0030-4BB2-A382-7E57E97F1033}" = Nero 7 Essentials
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"0222-0618-0114-4896" = Review Manager 5.1.2
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Active@ File Recovery 7.3" = Active@ File Recovery 7.3
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"alotToolbar" = ALOT Toolbar
"Audacity_is1" = Audacity 1.2.6
"AudibleDownloadManager" = Audible Download Manager
"AVG" = AVG 2011
"AviSynth" = AviSynth 2.5
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Championship Manager 01-02" = Championship Manager 01-02
"CloneDVD2" = CloneDVD2
"coverXP" = coverXP (remove only)
"Creative Jukebox Driver" = Creative Jukebox Driver
"CSCLIB" = Canon Camera Support Core Library
"Cucusoft DVD to iPod + iPod Video Converter Suite_is1" = Cucusoft DVD to iPod + iPod Video Converter Suite 3.16.3.29
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Direct WAV MP3 Splitter_is1" = Direct WAV MP3 Splitter version 2.6.0.21
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"ESPR300 Reference Guide" = ESPR300 Reference Guide
"ESPR300 Software Guide" = ESPR300 Software Guide
"ESPR300 Standalone Guide" = ESPR300 Standalone Guide
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HijackThis" = HijackThis 1.99.1
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPOCR" = HP OCR Software 9.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{001EB665-D9EC-415E-9E13-AD2125B2B992}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{20DFF861-31EE-41F6-98D5-0A992AE7D116}" = YouSendIt Plug-in for Outlook
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"MP3 To Ringtone Gold_is1" = MP3 To Ringtone Gold 3.16
"Mp3_File_Editor_5" = Mp3 File Editor 5.11 (standard)
"MP3MyMP3_is1" = MP3MyMP3 3.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Photo Viewer" = Photo Viewer
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"PriceGong" = PriceGong 2.1.0
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SysInfo" = Creative System Information
"TeamViewer 4" = TeamViewer 4
"TVersity Codec Pack" = TVersity Codec Pack 1.1
"TVersity Media Server " = TVersity Media Server 0.9.11.4 beta
"uTorrent" = µTorrent
"Videora iPad Converter" = Videora iPad Converter 6
"Videora iPod Converter" = Videora iPod Converter 6
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinAVI Video Converter_is1" = WinAVI Video Converter
"WinAVIVideoConverter_is1" = WinAVIVideoConverter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile® Device Handbook
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Xilisoft Audio Maker" = Xilisoft Audio Maker
"XpertVision_is1" = XpertVision 5.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YouTube Downloader App" = YouTube Downloader App 1.01
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{22BBE99C-4A0D-4EB4-A139-14CFD848C0F8}_is1" = Bonusprint
"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01/01/2012 12:37:32 | Computer Name = ANDY-38AF1A8D42 | Source = Bonjour Service | ID = 100
Description = 204: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 01/01/2012 12:37:32 | Computer Name = ANDY-38AF1A8D42 | Source = Bonjour Service | ID = 100
Description = 220: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 01/01/2012 12:37:32 | Computer Name = ANDY-38AF1A8D42 | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 01/01/2012 12:37:32 | Computer Name = ANDY-38AF1A8D42 | Source = Bonjour Service | ID = 100
Description = 420: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 04/01/2012 15:12:39 | Computer Name = ANDY-38AF1A8D42 | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 5.1.2600.6024, faulting
module msxml3.dll, version 8.100.1052.0, fault address 0x00005c90.

Error - 25/01/2012 15:19:16 | Computer Name = ANDY-38AF1A8D42 | Source = Bonjour Service | ID = 100
Description = Excessive update rate for Andy\032&\032Joanna’s\032Library._home-sharing._tcp.local.;
delaying announcement by 1 second

Error - 25/01/2012 15:19:19 | Computer Name = ANDY-38AF1A8D42 | Source = Bonjour Service | ID = 100
Description = Excessive update rate for Andy\032&\032Joanna’s\032Library._home-sharing._tcp.local.;
delaying announcement by 1 second

Error - 31/01/2012 06:38:20 | Computer Name = ANDY-38AF1A8D42 | Source = Application Hang | ID = 1002
Description = Hanging application ZoomBrowser.exe, version 6.5.0.14, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 07/03/2012 18:30:55 | Computer Name = ANDY-38AF1A8D42 | Source = Application Error | ID = 1000
Description = Faulting application cleanmgr.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x20026c5b.

Error - 07/03/2012 18:30:59 | Computer Name = ANDY-38AF1A8D42 | Source = Application Error | ID = 1000
Description = Faulting application cleanmgr.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x20026c5b.

[ OSession Events ]
Error - 12/05/2010 15:18:12 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 311
seconds with 60 seconds of active time. This session ended with a crash.

Error - 24/05/2010 07:10:08 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7841
seconds with 240 seconds of active time. This session ended with a crash.

Error - 29/05/2010 07:32:09 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1089
seconds with 240 seconds of active time. This session ended with a crash.

Error - 14/06/2010 15:36:26 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 72
seconds with 60 seconds of active time. This session ended with a crash.

Error - 15/06/2010 17:15:20 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 74
seconds with 60 seconds of active time. This session ended with a crash.

Error - 20/07/2010 17:24:53 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 174
seconds with 60 seconds of active time. This session ended with a crash.

Error - 20/08/2010 17:56:52 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 90 seconds with 60 seconds of active time. This session ended with a crash.

Error - 05/09/2010 05:45:53 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 687
seconds with 180 seconds of active time. This session ended with a crash.

Error - 06/09/2010 14:56:37 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 30185
seconds with 1260 seconds of active time. This session ended with a crash.

Error - 03/08/2011 14:21:25 | Computer Name = ANDY-38AF1A8D42 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 50
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 07/01/2012 13:20:50 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TVersityMediaServer service
to connect.

Error - 11/01/2012 13:50:41 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TVersityMediaServer service
to connect.

Error - 20/01/2012 13:07:01 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TVersityMediaServer service
to connect.

Error - 27/01/2012 04:51:18 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7022
Description = The AVGIDSAgent service hung on starting.

Error - 28/01/2012 04:50:00 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7022
Description = The AVGIDSAgent service hung on starting.

Error - 30/01/2012 10:19:30 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.

Error - 05/02/2012 14:03:35 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TVersityMediaServer service
to connect.

Error - 16/02/2012 15:51:19 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TVersityMediaServer service
to connect.

Error - 23/02/2012 08:54:20 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TVersityMediaServer service
to connect.

Error - 08/03/2012 18:02:05 | Computer Name = ANDY-38AF1A8D42 | Source = Service Control Manager | ID = 7022
Description = The AVGIDSAgent service hung on starting.


< End of report >
  • 0

Advertisements

#2
Nedklaw
Posted 17 March 2012 - 01:46 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hello, nobbyburton! :wave:
Sorry for the delay!!! Our volunteers are very busy.

:welcome: I'm Nedklaw and I'll be glad to help you with your malware issues. :)

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for nobbyburton only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:
  • Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
  • Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
  • Be patient with me, logs can take some time to research and my life can mean that I'm busy.
  • Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
  • Refrain from running any other tools apart from the ones I tell you to.
Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.


Do you still require assistance with your problem?
  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP