My problems began when my PC picked up Live Platinum Security,which immediately played havoc with the comp,preventing programs,including Firefox and even task manager from running.After booting in safe mode,I was able to run an Avira scan which detected and quarantined several infections.Once back in normal mode everything seemed fine,except my desktop icons wouldnt remain in place,and my folder views were all messed up,and wouldn't 'remember'. Restoring the registry from an ERUNT file made a week earlier,however,fixed this issue and all was well..for a couple of hours when Avira suddenly - and briefly - alerted the presence of a rootkit,before shutting down by itself.Zone Alarm also shutdown,and neither would respond.
A reboot took a long time before any desktop appeared,and a look at task manager showed two items running I've never seen before - nxwainsm.exe and vscfglqg.exe - both of these eventually disappeared from taskmanager,although the former keeps returning to the temp folder with very reboot,even after deleting,and the latter remains on the msconfig startup list even after disabling.
As of this posting,a tdss killer scan showed an anomaly which it cleared,and the comp now boots faster,malwarebytes wont run unless I open the program folder and rename the mbam exe to something else - it then updates but a full scan showed nothing.
Superantispyware will open normally,but fails to update and again a scan shows nothing.Spybot will not open and Avira doesnt run automatically,has to be started manually at boot up.Finally,unable to access the home sites of malwarebytes,superantispyware,etc.
Your help would be greatly appreciated! OTL logs follow (for some reason two logs were created,one called extras,so both are provided)
Many thanks.
OTL logfile created on: 09/08/2012 22:34:21 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\CHRIS\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1023.48 Mb Total Physical Memory | 364.27 Mb Available Physical Memory | 35.59% Memory free
2.41 Gb Paging File | 1.69 Gb Available in Paging File | 70.11% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.80 Gb Total Space | 42.88 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Computer Name: CHRIS-3961AAA10 | User Name: CHRIS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/09 22:28:36 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CHRIS\Desktop\OTL.exe
PRC - [2012/08/08 21:48:47 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/06/14 23:20:13 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/05/08 22:20:08 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/08 22:20:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/08 22:20:06 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/12/21 00:41:44 | 006,676,808 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
PRC - [2011/12/19 18:59:00 | 001,960,584 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2011/11/23 11:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
PRC - [2011/11/23 11:27:04 | 000,992,056 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPS.exe
PRC - [2010/04/15 19:01:58 | 001,732,960 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/08/09 16:05:06 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012/06/14 23:20:15 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/05/08 22:20:08 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/11/23 11:27:10 | 004,284,728 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\Socket\Adaptor.dll
MOD - [2011/11/23 11:27:10 | 002,085,688 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\GuiListener\export.dll
MOD - [2011/11/23 11:27:10 | 001,764,664 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\Socket\Export.dll
MOD - [2011/11/23 11:27:10 | 000,339,768 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\RemoteDesktop\Export.dll
MOD - [2011/11/23 11:27:10 | 000,049,976 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\RemoteDesktop\ShHook.dll
MOD - [2011/11/23 11:27:08 | 000,464,184 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\CRF\export.dll
MOD - [2011/11/23 11:27:08 | 000,328,504 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\EventMonitor\export.dll
MOD - [2011/11/23 11:27:08 | 000,126,776 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\Components\Core\EventMonitor\EventMonitor.dll
MOD - [2011/11/23 11:27:06 | 001,131,320 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPS_RES.dll
MOD - [2011/11/23 11:27:06 | 000,020,280 | ---- | M] () -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLANG.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/09/19 20:15:00 | 000,161,792 | ---- | M] () -- C:\Program Files\Audio Converter Plus\audioconverter.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/09 16:05:14 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/14 23:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/08 22:20:08 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 22:20:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/12/19 18:59:00 | 001,960,584 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/11/23 11:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2011/08/21 17:28:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/13 15:00:16 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\HMA! Pro VPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2010/04/15 19:01:58 | 001,732,960 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2010/04/08 09:14:22 | 000,632,792 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2003/05/14 18:45:04 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CHRIS\LOCALS~1\Temp\dhamjims.sys -- (Micorsoft Windows Service)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/08/09 17:53:14 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/05/08 22:20:08 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 22:20:08 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/03/28 22:11:02 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/02/24 10:14:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/02/24 10:14:42 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/12/20 08:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011/12/19 18:59:24 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2011/12/19 18:59:22 | 000,494,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/12/19 18:59:22 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011/12/06 04:42:18 | 007,490,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/10/11 15:00:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/07 13:00:05 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/07 13:00:04 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/07/13 15:00:14 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2011/04/01 00:14:06 | 000,023,608 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrmRAudio.sys -- (DrmRAudio)
DRV - [2010/07/16 01:45:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/01 07:51:28 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/03/10 11:29:24 | 000,042,144 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt)
DRV - [2008/11/07 17:35:54 | 000,455,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2008/11/07 17:35:52 | 000,561,536 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2005/11/14 07:19:28 | 000,027,264 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiU5F0D.sys -- (SaiU5F0D)
DRV - [2005/11/14 07:19:26 | 000,176,640 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH5F0D.sys -- (SaiH5F0D)
DRV - [2005/07/22 03:38:20 | 000,033,792 | R--- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2005/07/22 03:38:20 | 000,013,312 | R--- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2004/10/08 12:59:11 | 000,326,656 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/10/08 12:57:48 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/08 02:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trle.net/
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...search&AF=10588
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...3&SSPV=IEAUTOBR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
FF - HKLM\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files\eMusic Download Manager\xulrunner\components [2010/09/15 17:03:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files\eMusic Download Manager\xulrunner\plugins [2012/02/22 23:08:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/28 19:07:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/12 19:23:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]:
[2010/07/25 19:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CHRIS\Application Data\Mozilla\Extensions
[2012/07/29 22:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CHRIS\Application Data\Mozilla\Firefox\Profiles\v7gq7w42.default\extensions
[2012/07/16 14:40:17 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\CHRIS\Application Data\Mozilla\Firefox\Profiles\v7gq7w42.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/07/31 18:39:04 | 000,000,000 | ---D | M] (IP Changer) -- C:\Documents and Settings\CHRIS\Application Data\Mozilla\Firefox\Profiles\v7gq7w42.default\extensions\Proxybar@Proxy
[2012/06/28 19:07:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/15 17:03:25 | 000,000,000 | ---D | M] (eMusic - Apple iTunes Support) -- C:\PROGRAM FILES\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2010/09/15 17:03:25 | 000,000,000 | ---D | M] (eMusic - Nullsoft Winamp Support) -- C:\PROGRAM FILES\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2010/09/15 17:03:25 | 000,000,000 | ---D | M] (eMusic - Microsoft Media Player Support) -- C:\PROGRAM FILES\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2012/06/14 23:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/06/27 11:23:03 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npdrmv2.dll
[2010/06/27 11:22:32 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll
[2010/06/27 11:22:51 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npwmsdrm.dll
[2011/01/16 21:13:11 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/06/14 23:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/14 23:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - Extension: New Tab, New Window = C:\Documents and Settings\CHRIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dndlcbaomdoggooaficldplkcmkfpgff\2.0_0\
CHR - Extension: AdBlock = C:\Documents and Settings\CHRIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.27_0\
O1 HOSTS File: ([2012/08/08 18:36:40 | 000,443,278 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15251 more lines...
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [COMODO] C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\Comodo\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKCU..\Run: [VscFglqg] C:\Documents and Settings\CHRIS\Local Settings\Application Data\nmksvlhp\vscfglqg.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = DF 00 00 00 [binary data]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1280082859593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75ECFB8D-C3CD-4CA0-9932-871912AAC4E2}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - AppInit_DLLs: (WLControl.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\DOCUME~1\CHRIS\LOCALS~1\Temp\nxwainsm.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\CHRIS\Local Settings\Application Data\nmksvlhp\vscfglqg.exe) - C:\Documents and Settings\CHRIS\Local Settings\Application Data\nmksvlhp\vscfglqg.exe File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\CHRIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\CHRIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/25 16:36:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/08/09 22:28:35 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\CHRIS\Desktop\OTL.exe
[2012/08/09 22:23:22 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2012/08/09 22:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\Local Settings\Application Data\Comodo
[2012/08/09 22:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CPA_VA
[2012/08/09 22:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\COMODO
[2012/08/09 21:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo
[2012/08/09 21:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Comodo
[2012/08/09 21:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2012/08/09 17:52:15 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/08/09 15:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\DoctorWeb
[2012/08/09 00:09:08 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/08 14:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\Desktop\tdsskiller
[2012/08/07 16:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\6F638BBA00449709F212F0ED7B07D329
[2012/07/22 22:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\Desktop\Concrete Wave Evolutions 6
[2012/07/19 21:32:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\Application Data\PriceGong
[2012/07/18 15:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\Desktop\Concrete Wave Evolutions 4
[2012/07/12 23:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CHRIS\Desktop\atlantis
[2010/07/26 11:15:03 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\CHRIS\Application Data\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2012/08/09 22:28:36 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CHRIS\Desktop\OTL.exe
[2012/08/09 22:25:36 | 001,552,896 | ---- | M] () -- C:\Documents and Settings\CHRIS\Desktop\RogueKiller.exe
[2012/08/09 22:21:48 | 003,868,001 | ---- | M] () -- C:\Documents and Settings\CHRIS\Desktop\ComboFix.exe
[2012/08/09 22:14:51 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2012/08/09 22:04:22 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/09 22:02:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/09 21:59:08 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\COMODO Firewall.lnk
[2012/08/09 21:58:36 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\CHRIS\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2012/08/09 21:58:36 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\COMODO GeekBuddy.lnk
[2012/08/09 21:58:25 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Comodo Dragon.lnk
[2012/08/09 19:24:03 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2012/08/09 17:53:14 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/08/09 01:03:43 | 000,000,232 | -HS- | M] () -- C:\boot.ini
[2012/08/08 23:44:56 | 019,922,944 | ---- | M] () -- C:\Documents and Settings\CHRIS\NTUSER.bak
[2012/08/08 23:20:43 | 000,094,292 | ---- | M] () -- C:\Documents and Settings\CHRIS\0.641622245941756.exe
[2012/08/08 19:45:36 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/08 18:36:40 | 000,443,278 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/08/08 15:04:35 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/06 16:00:27 | 000,231,936 | ---- | M] () -- C:\Documents and Settings\CHRIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/02 03:14:06 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Movavi Video Converter 10.lnk
[2012/07/31 23:00:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/30 00:06:51 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\FLV Video Player.lnk
[2012/07/29 17:57:26 | 000,443,098 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120808-183640.backup
[2012/07/24 18:19:58 | 500,372,760 | ---- | M] () -- C:\Documents and Settings\CHRIS\Desktop\Rising Son - The Legend Of Skateboarder Christian Hosoi.flv
[2012/07/15 18:26:34 | 000,442,739 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120729-175726.backup
========== Files Created - No Company Name ==========
[2012/08/09 22:25:34 | 001,552,896 | ---- | C] () -- C:\Documents and Settings\CHRIS\Desktop\RogueKiller.exe
[2012/08/09 22:21:45 | 003,868,001 | ---- | C] () -- C:\Documents and Settings\CHRIS\Desktop\ComboFix.exe
[2012/08/09 22:14:51 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2012/08/09 21:59:08 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\COMODO Firewall.lnk
[2012/08/09 21:58:36 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2012/08/09 21:58:36 | 000,000,915 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\COMODO GeekBuddy.lnk
[2012/08/09 21:58:25 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Comodo Dragon.lnk
[2012/08/08 23:20:42 | 000,094,292 | ---- | C] () -- C:\Documents and Settings\CHRIS\0.641622245941756.exe
[2012/07/25 15:18:53 | 500,372,760 | ---- | C] () -- C:\Documents and Settings\CHRIS\Desktop\Rising Son - The Legend Of Skateboarder Christian Hosoi.flv
[2012/07/22 16:30:21 | 612,424,266 | ---- | C] () -- C:\Documents and Settings\CHRIS\Desktop\Concrete_Wave_Evolutions_5.mp4
[2012/03/28 22:11:08 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/03/11 15:51:23 | 000,000,770 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/01/30 16:53:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/01/30 16:52:04 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012/01/30 16:52:02 | 000,608,507 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/01/30 16:52:02 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/12/09 21:22:53 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/12/05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/12/05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/12/01 19:39:09 | 000,000,926 | ---- | C] () -- C:\WINDOWS\CDRipper.ini
[2011/11/14 16:39:35 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/09/25 22:27:56 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2011/06/27 23:28:00 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2011/06/27 22:46:34 | 000,004,972 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ojobkspa.ako
[2011/05/24 22:53:24 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2011/02/18 17:40:44 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/01/29 17:00:22 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/01/29 17:00:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/01/29 17:00:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/01/29 17:00:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/01/17 20:38:53 | 000,177,152 | ---- | C] () -- C:\WINDOWS\Res2_uninst.exe
[2010/10/08 16:24:32 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\GTTunerCard.dll
[2010/10/08 16:24:32 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/10/08 16:24:32 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ThumbExtract.dll
[2010/10/08 15:00:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010/09/02 15:12:47 | 000,020,801 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2010/09/02 15:12:47 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2010/09/02 15:09:33 | 000,020,826 | ---- | C] () -- C:\WINDOWS\HPHins02.dat.temp
[2010/09/02 15:09:32 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat.temp
[2010/08/30 15:53:22 | 000,003,728 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\wklnhst.dat
[2010/07/30 19:05:16 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\CHRIS\Local Settings\Application Data\PUTTY.RND
[2010/07/30 17:55:18 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\$_hpcst$.hpc
[2010/07/27 11:49:11 | 000,231,936 | ---- | C] () -- C:\Documents and Settings\CHRIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/27 11:47:18 | 000,004,896 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\kbkwknay.ayh
[2010/07/26 11:15:03 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\inst.exe
[2010/07/26 11:15:03 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\pcouffin.cat
[2010/07/26 11:15:03 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\pcouffin.inf
[2010/07/26 10:17:08 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\CHRIS\Application Data\vso_ts_preview.xml
[2010/07/25 18:22:05 | 019,922,944 | ---- | C] () -- C:\Documents and Settings\CHRIS\NTUSER.bak
[2010/06/24 20:13:16 | 000,167,360 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2007/10/05 11:05:05 | 002,293,712 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2004/08/04 13:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{fbbe1b3c-81a7-ed04-4c48-d2d5689f1126}\@
[2004/08/04 13:00:00 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\CHRIS\Local Settings\Application Data\{fbbe1b3c-81a7-ed04-4c48-d2d5689f1126}\@
========== LOP Check ==========
[2011/08/07 13:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\!SASCORE
[2012/08/08 14:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\6F638BBA00449709F212F0ED7B07D329
[2012/08/09 00:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
[2012/08/09 22:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CPA_VA
[2010/07/27 15:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Diskeeper Corporation
[2010/07/31 18:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPS
[2010/07/30 17:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Suite
[2012/04/15 21:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Samsung
[2012/07/29 18:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2010/07/27 11:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\AnvSoft
[2012/07/06 15:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Aqyn
[2012/03/21 01:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Binreader
[2012/01/09 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\calibre
[2011/03/18 01:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\cYo
[2010/09/12 19:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\dream-amr-converter
[2010/09/15 17:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\eMusic
[2012/04/22 20:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\GetRightToGo
[2010/07/27 10:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\iPodder
[2012/07/08 23:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Kukuge
[2012/04/11 18:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Leawo
[2011/06/27 22:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\MOVAVI
[2012/05/12 19:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Oracle
[2010/07/30 17:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\PC Suite
[2012/07/19 21:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\PriceGong
[2011/07/16 14:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\PrimoPDF
[2010/08/08 17:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Registry Mechanic
[2012/04/15 21:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Samsung
[2010/08/30 15:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Template
[2012/04/11 18:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\tiger-k
[2012/07/23 17:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\uTorrent
[2012/05/01 18:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CHRIS\Application Data\Vso
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 165 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:85AA7074
< End of report >
OTL Extras logfile created on: 09/08/2012 22:34:21 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\CHRIS\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1023.48 Mb Total Physical Memory | 364.27 Mb Available Physical Memory | 35.59% Memory free
2.41 Gb Paging File | 1.69 Gb Available in Paging File | 70.11% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.80 Gb Total Space | 42.88 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Computer Name: CHRIS-3961AAA10 | User Name: CHRIS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02D5CE9B-6013-9D44-7C72-9D19A3878966}" = ccc-utility
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{04AA1207-D8C6-45DC-A96D-48358EBE09F3}" = PSShortcuts
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java 6 Update 32
"{28450FDB-2FA1-7B62-D172-239C195180BE}" = CCC Help German
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{312FD9DA-E8DD-ED75-5F79-768AD2A4ECC1}" = CCC Help Chinese Standard
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{42FAD1F9-6170-992A-80AF-D320119AABEA}" = CCC Help Czech
"{441F3C2E-96AC-6E09-14F4-5C5195500B84}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8AC992-363F-722E-7AB0-27509ABCAA8F}" = CCC Help Turkish
"{512C8C5F-2BC4-1D04-56EF-DDDBBB38D2E6}" = CCC Help Danish
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{532296F3-2B86-869E-6330-63B8658C83FA}" = CCC Help Russian
"{5DAAD148-7E3B-EFA4-00E3-F3BED24FA7F7}" = CCC Help Japanese
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{655EE3B7-0113-4C5E-B147-B82BA325643F}" = Saitek SST Programming Software
"{66712EEE-ECBC-4CA4-A474-dream-amr-converter}_is1" = Dream AMR Converter 3.0.3.2
"{67B988E3-8B5F-E19F-1F4E-8813237E3541}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B358E3-3DA0-5DF5-F262-B47EC020246F}" = CCC Help Norwegian
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75DC48BD-4273-E710-0C2F-8C037FE9D16C}" = CCC Help Italian
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{799C0C2B-6F66-5A39-EA5A-78955D590BC9}" = CCC Help Dutch
"{7AEBFFF0-15A1-48A9-88F3-06604486C7C9}" = WMPTagSupportExtender
"{8543A572-5993-4101-BACC-C83884E183A4}" = One Touch Grabber
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90481BEA-8F52-4FE7-A0D6-BBFAB003D997}" = Movavi Video Converter 10
"{930399D6-7458-76C6-B13A-BAB70C9C9929}" = CCC Help Spanish
"{987AADD6-425E-545D-043E-D10CE7B12DDE}" = CCC Help Chinese Traditional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1BABA2-F38E-4C6B-A1EF-B83221FBB7A6}" = Private Proxy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{9FF24774-6E3A-47E3-ABA4-02B1B44910C5}" = USB Video Capture Device x86
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2763F0F-F905-3BA6-13EB-75713E7526E5}" = CCC Help Swedish
"{A2BD371F-54B4-48D1-A211-59B0567E8F26}_is1" = FLV Video Player 1.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A309171A-87A4-52B0-6426-A581F7274FF9}" = CCC Help English
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A67FC347-8673-3B77-1103-65C4AEDE3779}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43A3B44-2FBE-45A4-86A3-1CB9D3BC230A}" = PS7200
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B971E11B-DFEB-3D69-E03C-0932FA01B0E6}" = Catalyst Control Center
"{BE073173-C12B-2D33-2C50-E5875BB56CEC}" = CCC Help French
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C18F32CD-780C-BD89-C077-5D093D05171B}" = CCC Help Greek
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C4C843CE-5851-41BC-A17B-E158B996B50D}" = Diskeeper 2010
"{C852EC6B-97DA-FF9F-D633-2EA375C3A799}" = AMD Catalyst Install Manager
"{CB100A6A-06BE-BBC1-9BCE-79A1013A91E1}" = CCC Help Korean
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{D7B82BB6-1B8B-236E-7FB7-CB8CAD5FD228}" = CCC Help Portuguese
"{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{DBAEDA31-4857-0CCF-13EC-D3EC8718010A}" = Catalyst Control Center InstallProxy
"{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}" = HP Software Update
"{E1D3C91C-A7BB-A4D9-CBC8-897A01352EE4}" = CCC Help Hungarian
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EAEA47E5-18C4-442D-33C0-8901F313405E}" = CCC Help Finnish
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F904C173-ADC8-AC9B-9FFF-3AAABF093D1F}" = Catalyst Control Center Localization All
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"AACDecoder_is1" = AACDEcoder 2.10
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"ALUpdate_is1" = ALTools Update
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.0.5
"Audio Converter Plus_is1" = Audio Converter Plus 4.0.0.4
"Avira AntiVir Desktop" = Avira Free Antivirus
"bitRipper" = bitRipper
"CCleaner" = CCleaner
"CD-DA X-Tractor_is1" = CD-DA X-Tractor v0.24
"C-Media Audio Driver" = C-Media WDM Audio Driver
"ComicRack" = ComicRack v0.9.136
"Comodo Dragon" = Comodo Dragon
"COMODO GeekBuddy" = COMODO GeekBuddy
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"eMusic Download Manager" = eMusic Download Manager 4.1.4
"ERUNT_is1" = ERUNT 1.1j
"Eye Candy 4000" = Eye Candy 4000
"ffdshow_is1" = ffdshow v1.1.4096 [2011-11-29]
"FLV Player" = FLV Player 2.0 (build 25)
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder4.01" = Freecorder 4.01 Application
"Freecorder5.11" = Freecorder 5
"HMA! Pro VPN" = HMA! Pro VPN 2.6.9
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9FF24774-6E3A-47E3-ABA4-02B1B44910C5}" = USB Video Capture Device x86
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"Playlist Creator 3.6" = Playlist Creator 3.6
"QcDrv" = Logitech® Camera Driver
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RadLight APE DirectShow filter" = RadLight APE DirectShow filter (remove only)
"RealAlt_is1" = Real Alternative 2.0.2
"Registry Mechanic_is1" = Registry Mechanic 9.0
"RESIDENT EVIL2" = RESIDENT EVIL2
"ST6UNST #1" = TRLevelManager
"Syberia 1 1.00" = Syberia 1 1.00
"Tomb Raider - The Last Revelation" = Tomb Raider - The Last Revelation
"Tomb Raider Chronicles" = Tomb Raider Chronicles
"Tomb Raider Level Editor" = Tomb Raider Level Editor XP
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AddonChat" = AddonChat
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08/08/2012 09:38:58 | Computer Name = CHRIS-3961AAA10 | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.
Error - 08/08/2012 10:54:19 | Computer Name = CHRIS-3961AAA10 | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.
Error - 08/08/2012 11:34:09 | Computer Name = CHRIS-3961AAA10 | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.
Error - 08/08/2012 12:17:43 | Computer Name = CHRIS-3961AAA10 | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.
Error - 09/08/2012 12:48:10 | Computer Name = CHRIS-3961AAA10 | Source = VSS | ID = 12292
Description = Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422].
Error - 09/08/2012 13:31:07 | Computer Name = CHRIS-3961AAA10 | Source = VSS | ID = 12292
Description = Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422].
Error - 09/08/2012 13:37:46 | Computer Name = CHRIS-3961AAA10 | Source = VSS | ID = 12292
Description = Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422].
Error - 09/08/2012 13:37:46 | Computer Name = CHRIS-3961AAA10 | Source = Diskeeper | ID = 5
Description = Diskeeper Control Center - ERROR Unable to check the VSS Shadow Copy
status for volume C:\ .
Error - 09/08/2012 17:00:01 | Computer Name = CHRIS-3961AAA10 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 09/08/2012 17:00:01 | Computer Name = CHRIS-3961AAA10 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
[ System Events ]
Error - 09/08/2012 17:08:16 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:08:17 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:08:18 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:08:19 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:08:20 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:20:59 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:21:01 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:21:03 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:21:05 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 09/08/2012 17:21:07 | Computer Name = CHRIS-3961AAA10 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
< End of report >