Hi deltalima
Thread at devshed closed, Spybot removed, here are the OTL logs: (due to max character limit GMER will be posted separately)
OTL logfile created on: 10/13/2010 7:46:41 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.00 Mb Total Physical Memory | 139.00 Mb Available Physical Memory | 27.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14.65 Gb Total Space | 6.47 Gb Free Space | 44.19% Space Free | Partition Type: NTFS
Drive D: | 451.11 Gb Total Space | 17.91 Gb Free Space | 3.97% Space Free | Partition Type: NTFS
Drive H: | 1863.02 Gb Total Space | 579.78 Gb Free Space | 31.12% Space Free | Partition Type: NTFS
Drive J: | 931.51 Gb Total Space | 908.53 Gb Free Space | 97.53% Space Free | Partition Type: NTFS
Computer Name: DESK | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\BasicISP HiSpeed\hispeedcore.exe (SlipStream Data Inc.)
PRC - C:\Program Files\BasicISP HiSpeed\hispeedgui.exe (SlipStream Data Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Hard Drive Inspector\HDInspector.exe (Altrixsoft)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\WINDOWS\system32\HDDSvc.exe (AltrixSoft (
http://www.altrixsoft.com/))
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SPF4) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
SRV - (SbPF.Launcher) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (HDDSvc) -- C:\WINDOWS\system32\HDDSvc.exe (AltrixSoft (
http://www.altrixsoft.com/))
========== Driver Services (SafeList) ========== DRV - (AvgTdiX) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (atapi) -- C:\WINDOWS\system32\DRIVERS\atapi.sys ()
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (SiRemFil) -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc.)
DRV - (Si3112) -- C:\WINDOWS\system32\DRIVERS\SI3112.sys (Silicon Image, Inc.)
DRV - (FileDisk) -- C:\WINDOWS\System32\drivers\filedisk.sys (iolo technologies, LLC (based on original work by Bo Brantén))
DRV - (d346prt) -- C:\WINDOWS\System32\Drivers\d346prt.sys ( )
DRV - (d346bus) -- C:\WINDOWS\system32\DRIVERS\d346bus.sys ( )
DRV - (ltmodem5) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys (Agere Systems)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (amdagpxp) -- C:\WINDOWS\system32\DRIVERS\amdagpxp.sys (AMD)
DRV - (sbpci) Sound Blaster PCI128 Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\sbpci.sys (Creative Technology Ltd.)
DRV - (es1371) Creative AudioPCI (ES1371,ES1373) (WDM) -- C:\WINDOWS\system32\drivers\es1371mp.sys (Creative Technology Ltd.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-606747145-1677128483-842925246-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/firefoxIE - HKU\S-1-5-21-606747145-1677128483-842925246-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.855
FF - prefs.js..extensions.enabledItems: {29852C08-1E91-4889-A6BF-C77F91D6A8F3}:1.8.62
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/10/09 17:35:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 09:24:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/08 11:23:42 | 000,000,000 | ---D | M]
[2010/07/03 18:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/10/11 10:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\j7g7pul3.default\extensions
[2010/07/05 21:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\j7g7pul3.default\extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}
[2010/08/28 16:59:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\j7g7pul3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/11 10:11:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/05 20:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{41697025-CA0B-4687-99DE-ABC82C5A630B}
[2010/07/05 20:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{9d613b03-9b7c-4fa0-b2f8-32f7cc24873f}
O1 HOSTS File: ([2010/10/08 23:02:41 | 000,421,609 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14540 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\BasicISP HiSpeed\components\NOWImaging.dll (SlipStream Data Inc.)
O2 - BHO: (Prefetch) - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files\BasicISP HiSpeed\Prefetch.dll (SlipStream Data Inc.)
O3 - HKLM\..\Toolbar: (BasicISP HiSpeed) - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\BasicISP HiSpeed\Toolband.dll (SlipStream Data Inc.)
O3 - HKU\S-1-5-21-606747145-1677128483-842925246-500\..\Toolbar\WebBrowser: (BasicISP HiSpeed) - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\BasicISP HiSpeed\Toolband.dll (SlipStream Data Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe (Altrixsoft)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SlipStream] C:\Program Files\BasicISP HiSpeed\hispeedcore.exe (SlipStream Data Inc.)
O4 - HKU\S-1-5-21-606747145-1677128483-842925246-500..\Run: [DriverMax] File not found
O4 - HKU\S-1-5-21-606747145-1677128483-842925246-500..\Run: [DriverMax_RESTART] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BasicISP HiSpeed.lnk = C:\Program Files\BasicISP HiSpeed\hispeedgui.exe (SlipStream Data Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-21-606747145-1677128483-842925246-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-606747145-1677128483-842925246-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-21-606747145-1677128483-842925246-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\BasicISP HiSpeed\sliplsp.dll (SlipStream Data Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\BasicISP HiSpeed\sliplsp.dll (SlipStream Data Inc.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/03 12:03:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{04571cc5-86f0-11df-a772-85a748831497}\Shell - "" = AutoRun
O33 - MountPoints2\{04571cc5-86f0-11df-a772-85a748831497}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{04571cc5-86f0-11df-a772-85a748831497}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{448e51a6-c13c-11df-9c2a-ec644ec9bf9a}\Shell - "" = AutoRun
O33 - MountPoints2\{448e51a6-c13c-11df-9c2a-ec644ec9bf9a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{448e51a6-c13c-11df-9c2a-ec644ec9bf9a}\Shell\AutoRun\command - "" = J:\EasyCopy.exe -- File not found
O33 - MountPoints2\{71ef9b8f-b7d0-11df-9c17-0010b560d939}\Shell - "" = AutoRun
O33 - MountPoints2\{71ef9b8f-b7d0-11df-9c17-0010b560d939}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{71ef9b8f-b7d0-11df-9c17-0010b560d939}\Shell\AutoRun\command - "" = J:\EasyCopy.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/10/13 08:58:04 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/10/10 14:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVI ReComp
[2010/10/10 14:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
[2010/10/10 14:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010/10/10 14:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/10/10 14:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVI ReComp
[2010/10/10 14:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\progs
[2010/10/10 14:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/10/09 15:41:48 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/10/09 15:41:48 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/10/09 15:41:27 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/10/09 15:41:27 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/10/09 15:41:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/10/09 15:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/10/09 15:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/09 13:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/08 22:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/10/08 22:33:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/10/08 21:31:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/10/08 21:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/10/08 18:38:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/10/08 17:40:30 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Administrator\Desktop\ATF-Cleaner.exe
[2010/10/07 21:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/10/07 21:22:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/07 21:21:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/07 21:21:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/07 21:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/07 19:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/10/07 19:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2010/10/07 19:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/10/07 16:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Help
[2010/10/03 13:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/10/03 13:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\FileScavenger
[2010/10/03 13:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/10/02 14:15:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\HV335T_Flash_D2.09_20100607_Beta.rar
[2010/09/21 19:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\HV335T_Flash_V2.0
[2010/09/21 18:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\HandBrake
[2010/09/21 18:55:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\HandBrake
[2010/09/21 18:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2010/09/19 22:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\QPShell3.0
[2010/09/19 19:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010/09/19 17:13:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/09/19 17:13:32 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/09/19 17:13:31 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2010/07/05 19:45:30 | 000,156,800 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346bus.sys
[2010/07/05 19:45:30 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346prt.sys
[2010/07/03 18:51:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/10/13 19:44:12 | 000,186,500 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/10/13 19:42:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/13 19:42:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/13 19:24:57 | 280,134,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gdb 1.st3
[2010/10/13 09:03:47 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ike6nz0w.exe
[2010/10/13 09:01:52 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/10/12 18:26:44 | 066,162,207 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/10/12 18:13:43 | 000,002,463 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
[2010/10/12 18:00:27 | 000,005,576 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\mine.Theme
[2010/10/12 09:34:03 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\12.doc
[2010/10/10 21:50:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/10 14:53:05 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AVI ReComp.lnk
[2010/10/09 15:41:49 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/10/09 15:41:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/10/09 15:41:48 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/10/09 15:41:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/10/09 15:41:27 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/10/09 15:41:27 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/10/08 23:02:41 | 000,421,609 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/08 17:30:06 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Administrator\Desktop\ATF-Cleaner.exe
[2010/10/07 21:22:06 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 19:36:26 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/07 18:13:37 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat
[2010/10/03 22:23:07 | 393,239,080 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10-3.fss
[2010/10/03 15:31:07 | 000,000,229 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\License.reg
[2010/10/02 22:17:11 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Diskeeper 2008.lnk
[2010/09/29 16:03:37 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/09/21 18:55:45 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Handbrake.lnk
[2010/09/19 19:58:31 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Easy-PhotoPrint.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/10/13 19:09:40 | 280,134,344 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gdb 1.st3
[2010/10/13 09:02:20 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ike6nz0w.exe
[2010/10/12 18:13:35 | 000,002,463 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
[2010/10/12 09:03:02 | 000,110,080 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\12.doc
[2010/10/10 14:53:05 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\AVI ReComp.lnk
[2010/10/09 15:41:49 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/10/09 15:41:27 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/10/09 15:41:24 | 066,162,207 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/10/07 21:22:06 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 19:36:26 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/07 18:08:55 | 000,002,048 | ---- | C] () -- C:\Uninstall.dat
[2010/10/06 08:52:42 | 000,005,576 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\mine.Theme
[2010/10/03 22:21:01 | 393,239,080 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\10-3.fss
[2010/10/03 15:31:07 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\License.reg
[2010/09/21 18:55:45 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Handbrake.lnk
[2010/09/19 19:58:31 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Easy-PhotoPrint.lnk
[2010/08/20 18:47:05 | 000,696,320 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2010/08/20 18:47:05 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2010/08/20 18:46:48 | 000,075,417 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/08/20 18:46:02 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2010/07/06 07:08:47 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3i.DLL
[2010/07/06 00:05:24 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/05 21:34:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/07/03 18:51:14 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.log
[2010/07/03 18:51:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\inst.exe
[2010/07/03 18:51:10 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2010/07/03 18:51:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf
[2010/07/03 18:32:16 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/07/03 18:32:16 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/07/03 18:32:16 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/07/03 01:37:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/07 04:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/06/07 04:16:12 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/28 08:50:44 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/05/16 08:31:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 08:31:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 08:31:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 08:31:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 08:31:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/04/14 00:10:32 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/03/15 19:28:50 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
< End of report >
OTL Extras logfile created on: 10/13/2010 7:46:41 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.00 Mb Total Physical Memory | 139.00 Mb Available Physical Memory | 27.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14.65 Gb Total Space | 6.47 Gb Free Space | 44.19% Space Free | Partition Type: NTFS
Drive D: | 451.11 Gb Total Space | 17.91 Gb Free Space | 3.97% Space Free | Partition Type: NTFS
Drive H: | 1863.02 Gb Total Space | 579.78 Gb Free Space | 31.12% Space Free | Partition Type: NTFS
Drive J: | 931.51 Gb Total Space | 908.53 Gb Free Space | 97.53% Space Free | Partition Type: NTFS
Computer Name: DESK | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-606747145-1677128483-842925246-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Small Business
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{268723B7-A994-4286-9F85-B974D5CAFC7B}" = EasyRecovery Professional
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{56CA5D3B-3002-4E7B-90FE-071D8FDF3814}" =
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{B695F0BF-D610-4C5E-B7AC-C9FF6C172CC0}" = Diskeeper 2008 Pro Premier
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"7-Zip" = 7-Zip 4.65
"AnyDVD" = AnyDVD
"AutoUnpack_is1" = AutoUnpack 4.5.2
"AVG9Uninstall" = AVG Free 9.0
"AVI ReComp" = AVI ReComp 1.5.1
"Avisynth" = AviSynth 2.5
"Better File Rename_is1" = Better File Rename 4.5.5
"BNR2 0.14.6 Beta_is1" = Binary News Reaper 0.14.6 Beta
"CANONBJ_Deinstall_CNMCP3i.DLL" = Canon S9000
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"DMX5_is1" = DriverMax 5
"DVDFab 7_is1" = DVDFab 7.0.7.0 (08/06/2010)
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.2.0
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 6.0.1 Home Edition
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Handbrake" = Handbrake 0.9.4
"Hard Drive Inspector" = Hard Drive Inspector Professional 2.90 build # 467
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}" = EasyRecovery Professional
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.
" = Mozilla Firefox (3.6.
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero 6.x Audio + Video Plugins1.0.0.0" = Nero 6.x Audio + Video Plugins
"NeroVision!UninstallKey" = NeroVision Express 3
"NVIDIA Drivers" = NVIDIA Drivers
"PAR Buddy_is1" = PAR Buddy 2.60 (32 bit)
"QuickPar" = QuickPar 0.9
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealAlt_is1" = Real Alternative 2.0.2
"Revo Uninstaller" = Revo Uninstaller 1.83
"Search and Recover 4_is1" = iolo technologies' Search and Recover 4
"SlipStream" = BasicISP HiSpeed
"Unlocker" = Unlocker 1.9.0
"VobSub" = VobSub 2.23
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.2
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 8/4/2010 9:53:52 PM | Computer Name = DESK | Source = Diskeeper | ID = 5
Description = Diskeeper Control Center - ERROR The Diskeeper News and Information
feature was unable to contact the Diskeeper Corporation web server. Ensure this
computer has Internet access. The Error Code is 5.
Error - 8/7/2010 2:36:19 AM | Computer Name = DESK | Source = Diskeeper | ID = 5
Description = Diskeeper Control Center - ERROR The Diskeeper News and Information
feature was unable to contact the Diskeeper Corporation web server. Ensure this
computer has Internet access. The Error Code is 5.
Error - 8/15/2010 11:48:28 PM | Computer Name = DESK | Source = Diskeeper | ID = 5
Description = Diskeeper Control Center - ERROR The Diskeeper News and Information
feature was unable to contact the Diskeeper Corporation web server. Ensure this
computer has Internet access. The Error Code is 5.
Error - 8/18/2010 5:29:11 AM | Computer Name = DESK | Source = Diskeeper | ID = 5
Description = Diskeeper Control Center - ERROR The Diskeeper News and Information
feature was unable to contact the Diskeeper Corporation web server. Ensure this
computer has Internet access. The Error Code is 5.
[ System Events ]
Error - 10/3/2010 9:16:02 PM | Computer Name = DESK | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 10/3/2010 9:16:02 PM | Computer Name = DESK | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 10/7/2010 11:31:17 PM | Computer Name = DESK | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Management Instrumentation
service, but this action failed with the following error: %%1056
Error - 10/8/2010 10:57:32 PM | Computer Name = DESK | Source = Print | ID = 6161
Description = The document If you have infection issue... owned by Administrator
failed to print on printer Canon S9000. Data type: NT EMF 1.008. Size of the spool
file in bytes: 589824. Number of bytes printed: 223412. Total number of pages in
the document: 4. Number of pages printed: 3. Client machine: \\DESK. Win32 error
code returned by the print processor: 122 (0x7a).
Error - 10/9/2010 6:26:21 PM | Computer Name = DESK | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
Error - 10/10/2010 6:35:43 PM | Computer Name = DESK | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
Error - 10/11/2010 4:12:08 PM | Computer Name = DESK | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
Error - 10/12/2010 3:07:34 PM | Computer Name = DESK | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
Error - 10/13/2010 12:01:52 AM | Computer Name = DESK | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
Error - 10/13/2010 2:43:35 PM | Computer Name = DESK | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
< End of report >