Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Programs very slow to start up (OTL log)

Started by Espore , Jun 20 2012 02:48 PM

  • Please log in to reply

#1
Espore
Posted 20 June 2012 - 02:48 PM

Espore

    New Member

  • Member
  • Pip
  • 2 posts
  • Basically, my laptop seems to be very slow with starting up programs. After pressing on a program it can sometimes take 5 or more minutes.
  • It also goes through periods where it can be very slow and unresponsive.

I cannot understand why this is so, I've used Ccleaner to scan and remove rubbish and there are not many programs installed on the laptop itself.

If I monitor the CPU and ram usage, this slow or unresponsiveness doesn't seem to show any changes in CPU/RAM usage and so I don't know what to do about it.

I know the laptop isn't overheating as I've got it on a cooling mat and have checked temperatures using Speccy. I suspect I have been infected with some sort of malware or virus but I'm not sure.

Here is my OTL log:

OTL logfile created on: 20/06/2012 21:45:40 - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 65.76% Memory free
3.85 Gb Paging File | 3.29 Gb Available in Paging File | 85.58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 96.14 Gb Free Space | 64.50% Space Free | Partition Type: NTFS
Drive D: | 474.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 149.04 Gb Total Space | 148.72 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Drive H: | 14.90 Gb Total Space | 10.80 Gb Free Space | 72.48% Space Free | Partition Type: FAT32

Computer Name: 0003252AA9FE | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/20 21:45:02 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2012/06/07 09:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/06/06 23:44:21 | 002,346,592 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oaui.exe
PRC - [2012/06/06 23:39:29 | 004,382,968 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\OAsrv.exe
PRC - [2012/06/06 23:38:00 | 001,168,296 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oahlp.exe
PRC - [2012/06/06 23:37:34 | 000,210,920 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oacat.exe
PRC - [2012/02/28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2006/04/19 17:27:00 | 000,675,840 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK RTL8185 Wireless LAN Driver and Utility\RtWLan.exe
PRC - [2005/06/28 14:46:00 | 000,077,824 | ---- | M] (DynTek, Inc.) -- C:\Program Files\AlienAutopsy\TEKS_Service.exe
PRC - [2004/08/04 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 13:00:00 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntvdm.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/19 13:41:48 | 009,459,912 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012/06/17 18:53:25 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Temp\CmdLineExt02.dll
MOD - [2012/06/07 09:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 09:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 09:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 09:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 09:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012/05/04 19:21:07 | 004,050,944 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/05/04 19:21:07 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2011/03/02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/05/08 17:21:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2005/11/21 17:37:42 | 000,131,072 | ---- | M] () -- C:\Program Files\REALTEK RTL8185 Wireless LAN Driver and Utility\EnumDevLib.dll
MOD - [2005/07/20 05:53:04 | 000,966,765 | ---- | M] () -- C:\Program Files\REALTEK RTL8185 Wireless LAN Driver and Utility\acAuth.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/19 13:41:49 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/06 23:39:29 | 004,382,968 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\OAsrv.exe -- (SvcOnlineArmor)
SRV - [2012/06/06 23:37:34 | 000,210,920 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat)
SRV - [2012/02/28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2007/11/30 12:18:51 | 000,026,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2005/06/28 14:46:00 | 000,077,824 | ---- | M] (DynTek, Inc.) [Auto | Running] -- C:\Program Files\AlienAutopsy\TEKS_Service.exe -- (ProductivITService)
SRV - [2005/04/12 12:15:04 | 000,869,376 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ahwn8zr5)
DRV - [2012/06/06 23:45:16 | 000,031,912 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2012/06/06 23:38:36 | 000,027,632 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2012/06/06 23:38:03 | 000,044,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)
DRV - [2012/06/06 23:37:37 | 000,208,312 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2012/04/06 15:02:00 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2011/12/10 15:38:47 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/08 13:05:52 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/04/24 15:35:28 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011/01/11 19:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006/04/24 17:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/04/19 17:50:08 | 000,788,224 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2006/03/14 14:21:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/03/14 14:19:24 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/03/14 14:18:00 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/03/14 14:15:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/03/14 14:14:52 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/14 14:12:02 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/03/14 14:10:56 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/15 15:26:18 | 001,153,728 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/01/04 16:49:00 | 000,243,712 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/09/17 12:01:50 | 000,028,672 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/09/14 13:45:24 | 000,050,560 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/08/11 21:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005/06/28 14:37:34 | 000,009,060 | R--- | M] (DynTek, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TeksKernel.sys -- (TeksKernel)
DRV - [2005/04/12 12:07:54 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005/04/12 12:07:50 | 000,099,456 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005/04/12 12:07:30 | 000,029,056 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005/04/12 10:07:25 | 000,028,160 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2005/03/09 16:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/09/14 21:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2004/08/04 13:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/04 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002/10/02 10:57:12 | 000,013,532 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.co.uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.alienware.co.uk/Mothership?Comp=AWEU&SysCode=PC-EU-LT-AURM9700&ai=636E3D4532323539373026706F3D45363530353241
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.152.14
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)


[2011/03/14 13:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/03/14 13:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yziylf50.default\extensions
[2012/04/06 14:57:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/16 15:11:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/08/28 23:59:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/09/06 18:26:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
[2011/07/19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Cloudy Calculator = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\acgimceffoceigocablmjdpebeodphgc\5.0_0\
CHR - Extension: Shredder Chess Free = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aelpbbhpcpelmnfablcbcianelefnnbg\1.0.1_0\
CHR - Extension: Atari - Lunar Lander = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aheampccjiggeiflpcjolbabpohbpclg\1.0_0\
CHR - Extension: RuneScape = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajjblpfpopipimofkhbglcoeknpnfijj\1_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Session Manager = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Sexy Undo Close Tab = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.1.9_0\
CHR - Extension: Add to Amazon Wish List = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: YouTube to MP3 = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dajdnhmdgikmjbcggoihnbmnnkbmljlg\0.0.3_1\
CHR - Extension: Dead Frontier = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dglbaehakkaojfihjkgkpknbjldhhmmn\1.1_0\
CHR - Extension: Play Line Rider = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhlcfgkjnpcklhdepkakebikblhcbkmg\1.0_0\
CHR - Extension: Ragdoll Avalanche 2 = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dijphmcdlkiiagnjoheephkicadkcoan\1.0_0\
CHR - Extension: Quidco Extension = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elfdpdgmnodokhbiabbcjabmhpdajcog\1.0.66_0\
CHR - Extension: KB SSL Enforcer = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\1.0.20_0\
CHR - Extension: Atari - Centipede = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gakkiekmjcipgjlnenigjfgemakojanh\1.0_0\
CHR - Extension: Spartan Warfare = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gbhoeifpbfimlcjcldnfmgglgcplockk\1.0_0\
CHR - Extension: Text4FreeOnline = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hfhiboopoofbabnfbcpolfjgbckecbcl\1_0\
CHR - Extension: Secure sites = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hllceldkphjbfpchpfmcgaeafheplfog\3.0.17_0\
CHR - Extension: Edward Monkton = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ioikoiiilnlhfgoccbloolfncbeaadpo\2_0\
CHR - Extension: Lord of Ultima = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: Atari - Battlezone = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdlhdokojmnkodfdbmcmkefgomjfmemj\1.0_0\
CHR - Extension: Atari - Tempest = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kflkdjocancddgfnbhedkaefjdomdcaf\1.0_0\
CHR - Extension: eBay Extension for Google Chrome\u2122 (by eBay) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck\1.6.2_0\
CHR - Extension: StayFocusd = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\
CHR - Extension: Steambirds: Survival = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn\1.0_0\
CHR - Extension: Stop Autoplay for YouTube. = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh\0.11.5.24_0\
CHR - Extension: Phone 2 Google Chrome\u2122 = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnlgojabfogikedjanecphloghlegpdm\3.3_0\
CHR - Extension: Plants vs Zombies = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Atari - Missile Command = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oobnopfjjndfekinfcddimnjbhjdgmbg\1.0_0\
CHR - Extension: Evernote Web Clipper = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.1.20.4691_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Canvas Rider = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F93485E-C18D-414C-A487-464607152C95}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/10/16 10:13:46 | 000,122,880 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001/10/12 19:25:32 | 000,000,150 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/20 21:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Populous Reincarnated
[2012/06/20 21:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Populous Reincarnated
[2012/06/20 21:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\Populous Reincarnated
[2012/06/20 21:28:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Bullfrog
[2012/06/20 20:35:28 | 000,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Bullfrog
[2012/06/20 20:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bullfrog
[2012/06/20 20:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\WINDOWS
[2012/06/20 20:08:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/06/20 20:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2012/06/20 20:08:52 | 000,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Elaborate Bytes
[2012/06/20 20:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Installs
[2012/06/19 19:10:58 | 000,000,000 | ---D | C] -- C:\Program Files\zonealarm_extreme_security
[2012/06/19 19:00:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2012/06/19 13:41:48 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/20 21:32:59 | 000,000,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Populous MatchMaker.lnk
[2012/06/20 21:28:13 | 000,000,337 | ---- | M] () -- C:\WINDOWS\EReg072.dat
[2012/06/20 21:28:05 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Populous.lnk
[2012/06/20 20:32:47 | 000,119,682 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20120620_203242.reg
[2012/06/20 20:10:20 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Virtual CloneDrive.lnk
[2012/06/20 19:52:36 | 000,428,622 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/20 19:52:36 | 000,066,604 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/20 19:48:38 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/06/20 19:47:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/20 19:47:54 | 2146,750,464 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/19 20:27:48 | 480,403,456 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Populous The Beginning.iso
[2012/06/19 19:10:13 | 000,186,538 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20120619_191008.reg
[2012/06/19 18:58:29 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2012/06/19 15:49:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/06/19 15:49:22 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/19 13:41:49 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/19 13:41:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/19 13:41:48 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/19 13:31:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/17 18:34:30 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/06/06 23:45:16 | 000,031,912 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2012/06/06 23:38:36 | 000,027,632 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2012/06/06 23:38:03 | 000,044,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/06/06 23:37:37 | 000,208,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/20 21:34:11 | 480,403,456 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Populous The Beginning.iso
[2012/06/20 21:32:59 | 000,000,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Populous MatchMaker.lnk
[2012/06/20 21:28:12 | 000,000,337 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2012/06/20 21:28:05 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Populous.lnk
[2012/06/20 20:32:44 | 000,119,682 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20120620_203242.reg
[2012/06/20 20:10:20 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Virtual CloneDrive.lnk
[2012/06/19 19:10:10 | 000,186,538 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20120619_191008.reg
[2012/06/19 13:41:49 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/02 15:29:56 | 000,206,694 | ---- | C] () -- C:\WINDOWS\hpoins47.dat
[2012/05/02 15:29:56 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat
[2012/04/06 14:46:59 | 000,044,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/04/06 14:46:57 | 000,208,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2011/12/22 17:41:01 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2011/12/22 17:41:01 | 000,000,021 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2011/08/19 18:22:55 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EALTEST.EXE
[2011/08/19 17:26:22 | 000,062,304 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/24 16:01:01 | 000,000,218 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011/03/14 16:03:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011/03/14 14:33:40 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/14 14:33:38 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 13:59:27 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat
[2011/03/14 13:59:27 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2011/03/14 13:59:27 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat
[2011/03/14 13:36:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/03/09 18:55:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE

========== Alternate Data Streams ==========

@Alternate Data Stream - 4564 bytes -> C:\WINDOWS\Alien.bmp:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3664 bytes -> C:\WINDOWS\Alienbg.bmp:Q30lsldxJoudresxAaaqpcawXc

< End of report >

Here is the Extra log:

OTL Extras logfile created on: 20/06/2012 21:45:40 - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 65.76% Memory free
3.85 Gb Paging File | 3.29 Gb Available in Paging File | 85.58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 96.14 Gb Free Space | 64.50% Space Free | Partition Type: NTFS
Drive D: | 474.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 149.04 Gb Total Space | 148.72 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Drive H: | 14.90 Gb Total Space | 10.80 Gb Free Space | 72.48% Space Free | Partition Type: FAT32

Computer Name: 0003252AA9FE | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon
"C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014E482A-0C27-47E3-BA82-307E9DCA2F47}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{05D08C4D-58A2-438B-A419-EE994E64E15D}" = B110
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 27
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = BisonCam
"{4F76F68F-585B-4693-8B09-5B411E265595}" = AlienAutopsy
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{8E4B1BE8-DCF3-4B90-A726-B28107442623}" = SolutionCenter
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{A10F7877-4276-416C-9F22-CB56C0CB2700}" = Medieval - Total War - Gold Edition
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{B41F5ED6-4D67-4FAA-B787-D5DF1DD0EC80}" = REALTEK RTL8185 Wireless LAN Driver and Utility
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}" = Toolbox
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F80BD4BC-06B8-488E-A62E-C4755013DD71}" = Network
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"CCleaner" = CCleaner (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"Heroes of Might and Magic 3 Complete_is1" = Heroes of Might and Magic 3 Complete
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"ImgBurn" = ImgBurn
"InCD!UninstallKey" = InCD
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = Nero Digital
"NVEContent!UninstallKey" = NeroVision Express Content
"NVIDIA Drivers" = NVIDIA Drivers
"OnlineArmor_is1" = Online Armor 5.5
"Populous MatchMaker" = Populous MatchMaker
"Populous: The Beginning" = Populous: The Beginning
"Shop for HP Supplies" = Shop for HP Supplies
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"System Tweaker_is1" = Uniblue System Tweaker
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.8
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Flux" = F.lux

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 09/12/2006 05:49:00 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application nero.exe, version 6.6.0.13, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 14/03/2011 08:23:22 | Computer Name = 0003252AA9FE | Source = Google Update | ID = 20
Description =

Error - 05/07/2011 13:32:46 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application HEROES3.EXE, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 05/07/2011 13:33:20 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application HEROES3.EXE, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/07/2011 13:52:33 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application Heroes3.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/07/2011 13:52:59 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application Heroes3.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/07/2011 14:56:18 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application Heroes3.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/07/2011 14:57:22 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application Heroes3.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/07/2011 14:57:25 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application Heroes3.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/07/2011 14:58:08 | Computer Name = 0003252AA9FE | Source = Application Hang | ID = 1002
Description = Hanging application Heroes3.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:15 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:16 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 18/05/2011 12:41:16 | Computer Name = 0003252AA9FE | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126


< End of report >

Thankyou for any help you can give me!

Edited by Espore, 20 June 2012 - 02:56 PM.

  • 0

Advertisements

#2
Espore
Posted 26 June 2012 - 09:02 AM

Espore

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
any help?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP