
Solved Updates equal error, part two.

Discussion in 'Malware and Virus Removal Archive' started by Bdog, 2010/08/27.

  1. 2010/08/29
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Looks good :)

    Download OTL to your Desktop.

    * Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  2. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    Joined:
    2010/08/21
    Messages:
    45
    Likes Received:
    0
    Hi Broni,
    my antivirus program tells me the site for the OTL download is harmful.
    Please advise.
    Thank you.
     


  4. 2010/08/29
    broni

    OTL is perfectly safe. Disregard the warning, or disable Shaw while downloading.
     
  5. 2010/08/29
    Bdog

    OTL logfile created on: 8/28/2010 10:40:48 PM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Barry\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,023.00 Mb Total Physical Memory | 357.00 Mb Available Physical Memory | 35.00% Memory free
    3.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 76.32 Gb Total Space | 19.29 Gb Free Space | 25.28% Space Free | Partition Type: NTFS
    Drive D: | 2.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BARRY-ADADBF10A
    Current User Name: Barry
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/28 22:23:28 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barry\Desktop\OTL.exe
    PRC - [2010/08/23 04:53:17 | 000,058,024 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exe
    PRC - [2010/08/20 12:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    PRC - [2010/08/18 18:11:46 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\FWES\program\fsdfwd.exe
    PRC - [2010/08/18 17:57:35 | 000,365,248 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Anti-Virus\fsav32.exe
    PRC - [2010/08/18 17:56:27 | 000,783,016 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Anti-Virus\fssm32.exe
    PRC - [2010/08/18 17:56:26 | 000,492,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Anti-Virus\fsgk32.exe
    PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/09/08 15:56:28 | 003,724,072 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
    PRC - [2009/09/08 15:56:22 | 000,393,512 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    PRC - [2009/09/08 15:56:22 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
    PRC - [2009/09/08 15:56:20 | 004,410,152 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
    PRC - [2009/08/25 09:34:16 | 001,258,792 | ---- | M] (Shaw Communications) -- C:\Program Files\shaw\bin\shawsupport.exe
    PRC - [2009/08/05 08:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Common\FSMA32.EXE
    PRC - [2009/08/05 08:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Common\FSM32.EXE
    PRC - [2009/08/05 08:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Common\FSHDLL32.EXE
    PRC - [2009/08/05 08:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe
    PRC - [2008/05/02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
    PRC - [2008/05/02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
    PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/09/07 11:40:34 | 000,132,392 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
    PRC - [2007/09/07 11:40:04 | 001,373,480 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Wacom_Tablet.exe
    PRC - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
    PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
    PRC - [2006/03/01 19:43:20 | 000,090,112 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/28 22:23:28 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barry\Desktop\OTL.exe
    MOD - [2009/08/05 08:59:08 | 000,256,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Shaw Secure\Spam Control\fsscoepl.dll
    MOD - [2009/08/05 08:58:30 | 000,330,336 | ---- | M] () -- \\?\c:\program files\shaw secure\hips\fshook32.dll
    MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
    MOD - [2008/05/02 03:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
    MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB)
    SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA)
    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
    SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_notifysvc.dll -- (eac_notifysvc)
    SRV - [2010/08/23 04:53:17 | 000,058,024 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2010/08/21 00:57:51 | 002,854,488 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3745.dll -- (Akamai)
    SRV - [2010/08/18 18:11:46 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
    SRV - [2010/05/24 22:21:00 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\607\g2aservice.exe -- (GoToAssist)
    SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/09/08 15:56:22 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
    SRV - [2009/09/08 15:56:20 | 004,410,152 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
    SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/08/05 08:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Shaw Secure\Common\FSMA32.EXE -- (FSMA)
    SRV - [2009/08/05 08:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2009/06/21 15:47:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2008/05/02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
    SRV - [2007/09/07 11:40:04 | 001,373,480 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Wacom_Tablet.exe -- (TabletServiceWacom)
    SRV - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
    SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva224.sys -- (XDva224)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Barry\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/08/18 17:58:10 | 000,041,256 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
    DRV - [2010/08/18 17:57:11 | 000,124,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Shaw Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2009/08/05 08:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Shaw Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2009/08/05 08:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
    DRV - [2009/08/05 08:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Shaw Secure\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
    DRV - [2009/08/05 08:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Shaw Secure\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
    DRV - [2009/05/20 13:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
    DRV - [2009/03/09 05:03:24 | 000,121,984 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
    DRV - [2008/11/30 11:49:46 | 000,138,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
    DRV - [2008/10/06 10:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
    DRV - [2008/09/24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
    DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
    DRV - [2008/04/13 11:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2008/02/29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2008/02/29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2008/02/29 04:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
    DRV - [2008/01/23 14:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
    DRV - [2007/02/16 10:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
    DRV - [2007/02/15 15:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)
    DRV - [2006/10/31 15:35:00 | 003,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2005/09/29 08:34:58 | 000,056,960 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ousb2hub.sys -- (ousb2hub)
    DRV - [2005/09/29 08:34:50 | 000,045,824 | ---- | M] (OrangeWare Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ousbehci.sys -- (ousbehci)
    DRV - [2004/08/03 15:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
    DRV - [2003/07/18 09:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)
    DRV - [2003/03/25 17:50:46 | 000,004,096 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
    DRV - [2002/10/17 15:14:46 | 000,049,024 | R--- | M] (Windows (R) 2000 DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex)
    DRV - [2002/08/20 17:19:08 | 000,009,472 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf)
    DRV - [2001/08/17 07:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.formula1.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 D9 97 F4 D2 5F CA 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/28 11:16:51 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files\Shaw Secure\NRS\litmus-ff@f-secure.com [2010/08/22 22:23:40 | 000,000,000 | ---D | M]

    [2010/06/09 22:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\Mozilla\Extensions

    O1 HOSTS File: ([2010/08/28 21:35:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
    O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
    O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Shaw Secure\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe File not found
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Shaw Support.lnk = C:\Program Files\shaw\bin\shawsupport.exe (Shaw Communications)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
    O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
    O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O16 - DPF: {0EC4C9E3-EC6A-11CF-8E3B-444553540000} file:///D:/setup/RiffLick.cab (WaveTab Control)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1222477489593 (WUWebControl Class)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1222982035703 (MUWebControl Class)
    O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} http://download.sp.f-secure.com/ols/shaw/fs/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)
    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://www.shawsecure.ca/pchealthcheck/fscax.cab (F-Secure Health Check 1.1)
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://shawsecure.ca//virusscanner/fscax.cab (F-Secure Online Scanner 3.3)
    O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\607\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\607\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
    O24 - Desktop WallPaper: C:\Documents and Settings\Barry\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Barry\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/09/26 15:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
    Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
    Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17746478449557504)

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/28 22:29:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/08/28 22:23:25 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Barry\Desktop\OTL.exe
    [2010/08/28 19:25:36 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/08/28 19:19:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010/08/28 19:19:39 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010/08/28 19:19:39 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010/08/28 19:19:39 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010/08/28 19:19:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/08/28 19:18:07 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/08/28 13:06:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Desktop\Log files for BBS
    [2010/08/28 10:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\SUPERAntiSpyware.com
    [2010/08/28 10:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2010/08/28 10:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/08/28 09:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/08/28 08:56:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/08/26 18:07:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Barry\Recent
    [2010/08/25 22:47:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2010/08/25 15:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\ieSpell
    [2010/08/25 15:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\ieSpell
    [2010/08/21 11:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\SIW
    [2010/08/20 19:57:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WinFast
    [2010/08/20 03:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\F-Secure
    [2010/08/18 17:47:18 | 000,080,000 | ---- | C] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys
    [2010/08/18 17:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Shaw Secure
    [2010/08/18 16:38:17 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
    [2010/08/18 16:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    [2010/08/18 16:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
    [2010/07/31 16:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Local Settings\Application Data\ManyCam
    [2010/07/31 16:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\ManyCam
    [2010/07/15 22:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickMediaConverter
    [2010/07/15 22:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\CocoonSoftware
    [2010/07/15 22:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\QuickMediaConverter
    [2010/07/15 22:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Local Settings\Application Data\WDSetup
    [2010/07/11 14:53:35 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\DIIUnin.exe
    [2010/07/11 14:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II
    [2010/07/11 14:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo
    [2010/06/11 21:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Desktop\Brenda
    [2010/06/09 22:07:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\Mozilla
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]


    cont......
     
  6. 2010/08/29
    Bdog Inactive Thread Starter
    part two of OTL log.....
    ========== Files - Modified Within 90 Days ==========

    [2010/08/28 22:23:28 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barry\Desktop\OTL.exe
    [2010/08/28 22:01:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/28 21:58:48 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
    [2010/08/28 21:55:43 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/28 21:53:55 | 000,081,506 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/08/28 21:53:53 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2010/08/28 21:53:37 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb0c5785bcd828.job
    [2010/08/28 21:53:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/28 21:53:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/28 21:52:10 | 008,650,752 | ---- | M] () -- C:\Documents and Settings\Barry\ntuser.dat
    [2010/08/28 21:52:04 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Barry\ntuser.ini
    [2010/08/28 21:35:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/08/28 21:35:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/08/28 21:18:54 | 003,830,806 | R--- | M] () -- C:\Documents and Settings\Barry\Desktop\ComboFix.exe
    [2010/08/28 19:25:46 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/08/28 15:50:33 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/28 10:12:55 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/08/28 10:05:44 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Barry\Desktop\DivX Movies.lnk
    [2010/08/28 10:04:42 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
    [2010/08/28 03:30:44 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
    [2010/08/27 12:38:46 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/08/26 14:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/25 20:25:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/08/25 12:13:08 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Desktop Software.lnk
    [2010/08/22 23:46:00 | 002,641,964 | -H-- | M] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\IconCache.db
    [2010/08/22 22:08:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/08/22 22:02:09 | 000,250,048 | ---- | M] () -- C:\ntldr
    [2010/08/22 21:34:08 | 000,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
    [2010/08/19 13:48:06 | 000,000,789 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/08/18 17:58:10 | 000,041,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
    [2010/08/18 17:48:24 | 000,001,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shaw Secure.lnk
    [2010/08/18 17:47:20 | 000,590,438 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/08/18 17:47:20 | 000,489,712 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/08/18 17:47:20 | 000,090,368 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/08/18 17:37:51 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/08/18 17:20:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/08/18 16:38:17 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
    [2010/08/11 06:21:42 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
    [2010/08/11 03:31:15 | 002,158,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/07/31 16:04:54 | 000,000,010 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2010/07/11 15:03:47 | 000,035,665 | ---- | M] () -- C:\WINDOWS\DIIUnin.dat
    [2010/07/11 15:02:21 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2010/07/11 15:02:21 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
    [2010/07/11 15:02:21 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
    [2010/07/11 15:00:40 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\Barry\Desktop\Diablo II - Lord of Destruction.lnk
    [2010/07/11 14:53:41 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
    [2010/07/11 14:53:36 | 000,002,829 | ---- | M] () -- C:\WINDOWS\DIIUnin.pif
    [2010/07/11 14:53:35 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\DIIUnin.exe
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/08/28 19:25:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/08/28 19:25:43 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/08/28 19:19:39 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/08/28 19:19:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/08/28 19:19:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010/08/28 19:19:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/08/28 19:19:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/08/28 18:53:00 | 003,830,806 | R--- | C] () -- C:\Documents and Settings\Barry\Desktop\ComboFix.exe
    [2010/08/28 10:12:55 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/08/28 10:04:42 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
    [2010/08/25 12:13:26 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Barry\Application Data\Rim.Desktop.HttpServerSetup.log
    [2010/08/25 12:13:08 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Desktop Software.lnk
    [2010/08/22 21:34:08 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
    [2010/08/18 17:48:24 | 000,001,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shaw Secure.lnk
    [2010/08/18 16:30:54 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
    [2010/07/31 16:04:54 | 000,000,010 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2010/07/11 15:00:40 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\Barry\Desktop\Diablo II - Lord of Destruction.lnk
    [2010/07/11 14:53:41 | 000,035,665 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
    [2010/07/11 14:53:41 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
    [2010/07/11 14:53:36 | 000,002,829 | ---- | C] () -- C:\WINDOWS\DIIUnin.pif
    [2010/06/14 23:53:55 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb0c5785bcd828.job
    [2009/09/27 04:31:39 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
    [2009/08/31 14:00:22 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
    [2009/08/31 14:00:21 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\MemWarp.dll
    [2009/08/05 19:00:24 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2009/08/05 19:00:23 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2009/08/05 19:00:23 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2009/06/12 03:04:19 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2009/05/10 18:40:37 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
    [2009/04/19 13:51:44 | 000,001,417 | ---- | C] () -- C:\WINDOWS\mgutil_reg.ini
    [2009/04/19 13:50:42 | 000,000,030 | ---- | C] () -- C:\WINDOWS\mgutil_win.ini
    [2008/12/10 10:40:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
    [2008/11/17 21:05:14 | 000,041,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
    [2008/10/30 14:58:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2008/10/28 18:22:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2008/10/12 15:33:36 | 000,000,026 | ---- | C] () -- C:\WINDOWS\WAR2R.INI
    [2008/10/10 17:28:16 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2008/10/10 17:24:01 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
    [2008/10/10 09:40:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2008/10/10 09:37:21 | 000,000,052 | ---- | C] () -- C:\WINDOWS\CMISETUP.ini
    [2008/09/30 14:03:29 | 000,138,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
    [2008/09/27 20:57:21 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/09/27 14:58:34 | 000,000,204 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
    [2008/09/26 19:32:17 | 000,027,308 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    [2008/09/26 19:32:17 | 000,005,567 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
    [2008/09/26 19:32:17 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2008/07/21 16:14:10 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
    [2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
    [2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
    [2007/06/25 20:34:26 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
    [2006/10/22 13:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006/10/22 13:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006/10/22 13:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006/10/22 13:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006/10/22 13:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006/10/22 13:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2006/10/22 13:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2003/02/19 01:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
    [1999/01/22 06:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

    ========== LOP Check ==========

    [2008/10/10 19:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
    [2010/08/18 17:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\f-secure
    [2010/08/18 17:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
    [2010/08/18 16:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    [2009/05/10 18:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Newsoft
    [2008/10/10 15:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2009/02/11 17:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
    [2010/07/15 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickMediaConverter
    [2010/08/25 12:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2009/09/02 01:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
    [2009/07/26 14:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2008/09/26 19:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [2010/04/10 14:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/11/11 10:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/05/14 14:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2010/07/15 22:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\CocoonSoftware
    [2010/08/20 03:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\F-Secure
    [2009/01/23 13:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\GetRightToGo
    [2010/08/25 15:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\ieSpell
    [2010/07/31 16:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\ManyCam
    [2009/07/22 14:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\Publish Providers
    [2009/07/06 16:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\Research In Motion
    [2009/07/22 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\Sony
    [2008/09/27 13:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\Windows Desktop Search
    [2008/10/05 10:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\Windows Search
    [2009/12/25 15:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Barry\Application Data\WTouch
    [2010/08/28 03:30:44 | 000,000,508 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled scanning task.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2008/09/26 15:51:19 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/18 17:37:51 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/08/28 19:25:46 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/08/28 21:43:41 | 000,026,993 | ---- | M] () -- C:\ComboFix.txt
    [2008/09/26 15:51:19 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
    [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
    [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
    [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
    [2008/09/26 16:11:12 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
    [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
    [2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
    [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
    [2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
    [2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
    [2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
    [2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
    [2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
    [2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
    [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
    [2008/09/26 15:51:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2008/09/26 15:51:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2006/02/28 05:00:00 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
    [2010/08/22 22:02:09 | 000,250,048 | ---- | M] () -- C:\ntldr
    [2010/08/28 21:53:25 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2010/05/24 22:23:39 | 000,000,369 | ---- | M] () -- C:\rkill.log
    [2009/09/29 10:51:17 | 000,028,672 | ---- | M] () -- C:\scsprem.dat
    [2009/08/25 10:19:13 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
    [2009/09/10 09:06:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
    [2009/09/25 07:33:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
    [2009/09/26 11:44:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
    [2009/09/26 13:33:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
    [2009/09/27 04:10:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
    [2009/09/27 18:28:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
    [2009/09/27 18:47:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
    [2009/09/28 13:06:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
    [2009/09/28 14:29:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
    [2009/09/29 10:21:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
    [2009/09/29 10:35:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
    [2009/09/29 11:43:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
    [2009/09/29 11:48:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
    [2009/09/29 12:45:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
    [2009/09/29 16:01:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
    [2009/09/29 21:33:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
    [2009/09/29 22:57:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
    [2009/09/29 23:51:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
    [2009/10/15 06:27:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
    [2009/08/25 10:19:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
    [2009/09/10 09:06:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
    [2009/09/25 07:33:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
    [2009/09/26 11:44:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
    [2009/09/26 13:33:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
    [2009/09/27 04:10:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
    [2009/09/27 18:28:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
    [2009/09/27 18:47:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
    [2009/09/28 13:06:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
    [2009/09/28 14:29:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
    [2009/09/29 10:21:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
    [2009/09/29 10:35:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
    [2009/09/29 11:43:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
    [2009/09/29 11:48:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
    [2009/09/29 12:45:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
    [2009/09/29 16:01:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
    [2009/09/29 21:33:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
    [2009/09/29 22:57:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
    [2009/09/29 23:51:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
    [2009/10/15 06:27:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
    [2009/08/30 13:35:58 | 000,000,330 | ---- | M] () -- C:\updatedatfix.log
    [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
    [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
    [2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2007/03/15 15:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
    [2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
    [2008/04/13 17:12:00 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2008/09/26 08:14:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2008/09/26 08:14:44 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2008/09/26 08:14:44 | 000,880,640 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %systemroot%\system32\user32.dll /md5 >
    [2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2008/04/13 17:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2008/04/13 17:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\WINDOWS\$hf_mig$\KB873339\KB873339] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB885835\KB885835] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB885836\KB885836] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB887472\KB887472] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB888302\KB888302] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB890046\KB890046] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB890859\KB890859] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB891781\KB891781] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB893756\KB893756] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB894391\KB894391] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB896358\KB896358] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB896423\KB896423] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB896428\KB896428] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB899587\KB899587] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB899591\KB899591] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB900485\KB900485] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB900725\KB900725] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB901017\KB901017] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB901214\KB901214] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB902400\KB902400] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB905414\KB905414] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB905749\KB905749] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB908519\KB908519] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB908531\KB908531] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB911280\KB911280] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB911562\KB911562] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB911927\KB911927] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB913580\KB913580] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB914388\KB914388] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB914389\KB914389] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB915865\KB915865] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB916595\KB916595] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB918118\KB918118] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB918439\KB918439] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB920213\KB920213] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB920670\KB920670] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB920683\KB920683] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB920685\KB920685] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB920872\KB920872] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB923414\KB923414] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB923980\KB923980] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB924270\KB924270] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB924496\KB924496] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB925902\KB925902] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB926255\KB926255] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB926436\KB926436] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB927779\KB927779] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB927802\KB927802] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB928255\KB928255] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB928843\KB928843] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB929123\KB929123] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB930178\KB930178] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB930916\KB930916] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB931261\KB931261] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB931784\KB931784] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB932168\KB932168] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB935839\KB935839] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB935840\KB935840] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB936021\KB936021] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB936357\KB936357] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB937894\KB937894] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB938127\KB938127] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB938828\KB938828] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB941693\KB941693] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB943055\KB943055] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB943485\KB943485] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB944653\KB944653] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB945553\KB945553] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB946026\KB946026] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\$hf_mig$\KB948590\KB948590] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP876.tmp\ZAP876.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP963.tmp\ZAP963.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP995.tmp\ZAP995.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4.tmp\ZAPA4.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4F.tmp\ZAPA4F.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d1\d1] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d2\d2] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d3\d3] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d4\d4] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d5\d5] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d6\d6] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d7\d7] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\CSC\d8\d8] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ftpcache\ftpcache] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imejp\applets\applets] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imejp98\imejp98] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imkr6_1\dicts\dicts] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\java\classes\classes] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\java\trustlib\trustlib] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\msapps\msinfo\msinfo] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\ERRORREP\ERRORREP] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\BATCH\BATCH] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\System\DFS\DFS] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\System\News\News] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Prefetch\Prefetch] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SxsCaPendDel\SxsCaPendDel] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\WinSxS\InstallTemp\InstallTemp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2] -> \Device\__max++>\^ -> Mount Point

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System\SOUND.DRV:SummaryInformation
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B285B76
    < End of report >
     
  7. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    Joined:
    2010/08/21
    Messages:
    45
    Likes Received:
    0
    OTL Extras logfile created on: 8/28/2010 10:40:48 PM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Barry\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,023.00 Mb Total Physical Memory | 357.00 Mb Available Physical Memory | 35.00% Memory free
    3.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 76.32 Gb Total Space | 19.29 Gb Free Space | 25.28% Space Free | Partition Type: NTFS
    Drive D: | 2.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BARRY-ADADBF10A
    Current User Name: Barry
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
    "5353:UDP" = 5353:UDP:*:Enabled:Bonjour
    "4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
    "4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
    "4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
    "4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
    "1034:TCP" = 1034:TCP:*:Enabled:Akamai NetSession Interface
    "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- (www.BitLord.com)
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
    "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
    "C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{070B059B-F742-4532-B9D1-11E1E3887C6C}" = BlackBerry Device Software Updater
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0D9E1F52-CE29-B03B-D79F-8EC434821033}" = Nero 7 Demo
    "{0EE11800-A1BD-11D3-BFEB-005004AF2D32}" = Risk II
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
    "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{162d74e4-7d6d-4949-8018-50e96e314696}" = C6200_Help
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.1
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
    "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 21
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
    "{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
    "{3248F0A8-6813-11D6-A77B-00B0D0150170}" = J2SE Runtime Environment 5.0 Update 17
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{32A3A4F4-B792-11D6-A78A-00B0D0150170}" = J2SE Development Kit 5.0 Update 17
    "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3E8DD348-4174-4fe8-8FDC-238AAFBD2488}" = HP Photosmart All-In-One Software 9.0
    "{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72E3FF67-450F-4ADD-99A7-4147780F6C7B}_is1" = Shaw Support 3.0
    "{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A558B0C-541D-47e0-A177-8635CE723B07}" = HP Photosmart C5500 All-In-One Driver 11.0 Rel .4
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
    "{8E37A0C8-C0E7-4E7A-8739-ACF20D02E70C}" = PS_AIO_04_C5500_Software_Min
    "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    "{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
    "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
    "{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
    "{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
    "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.07.14
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
    "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
    "{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
    "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
    "{B041ABD7-4A10-482a-A525-577A7AAD8EC7}" = C6200_Help
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B440D659-FECA-4BDD-A12B-5C9F05790FF3}" = Snagit 9.1.2
    "{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
    "{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
    "{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
    "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BDD8B3C0-0877-418D-ACC9-2AB0064B901A}" = Presto! Mr. Photo 3
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
    "{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
    "{D2A0F8F4-CE50-4857-A21C-3061682B2E87}" = Sansa Media Converter
    "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
    "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
    "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
    "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
    "{DC226AC9-0314-496C-BE6A-B6A132628466}" = SiSAGP driver
    "{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
    "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
    "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
    "{EF0D2E55-6FE2-4e35-BE22-A742E85D84E3}" = PS_AIO_02_Software_min
    "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
    "{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}" = AGEIA PhysX v7.07.24
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
    "{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast(R) Display Driver
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE54D686-ACC0-42db-A46B-987A5B6D8325}" = C6200
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Illustrator 9.0" = Adobe Illustrator 9.0
    "Adobe Photoshop 6.0" = Adobe Photoshop 6.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Akamai" = Akamai NetSession Interface
    "BitLord" = BitLord 1.1
    "BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
    "CAL" = Canon Camera Access Library
    "CameraWindowDC" = Canon Utilities CameraWindow DC
    "CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    "CameraWindowLauncher" = Canon Utilities CameraWindow
    "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
    "C-Media Audio" = C-Media Audio
    "C-Media Audio Driver" = C-Media WDM Audio Driver
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "CSCLIB" = Canon Camera Support Core Library
    "DivX Setup.divx.com" = DivX Setup
    "EOS Utility" = Canon Utilities EOS Utility
    "FL Studio_is1" = FL Studio v7.0
    "F-Secure Product 444" = Shaw Secure
    "Google Updater" = Google Updater
    "GoToAssist" = GoToAssist Corporate
    "HitmanPro35" = Hitman Pro 3.5
    "HP Imaging Device Functions" = HP Imaging Device Functions 10.0
    "HP Photosmart Essential" = HP Photosmart Essential 2.5
    "HP Smart Web Printing" = HP Smart Web Printing 4.60
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 10.0
    "HPOCR" = OCR Software by I.R.I.S. 10.0
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "ieSpell" = ieSpell
    "LimeWire" = LimeWire PRO 4.8.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MSNINST" = MSN
    "MyCamera" = Canon Utilities MyCamera
    "MyCameraDC" = Canon Utilities MyCamera DC
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Pen Tablet Driver" = Pen Tablet
    "PhotoStitch" = Canon Utilities PhotoStitch
    "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
    "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    "Shaw Internet Update_is1" = Shaw Internet Update 3.2.2
    "Shop for HP Supplies" = Shop for HP Supplies
    "ST6UNST #1" = Hero Editor V0.96
    "ST6UNST #2" = Hero Editor V0.96 (C:\Program Files\Hero Editor\)
    "SystemRequirementsLab" = System Requirements Lab
    "V4000 Digital Camera Driver" = V4000 Digital Camera Driver
    "VLC media player" = VLC media player 1.0.5
    "Wacom Tablet Driver" = Wacom Tablet
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "QUICKMEDIACONVERTER" = QMC

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/28/2010 12:49:11 PM | Computer Name = BARRY-ADADBF10A | Source = F-Secure Anti-Virus | ID = 103
    Description = 2 2010-08-28 09:49:11-07:00 BARRY-ADADBF10A\Barry F-Secure Anti-Virus

    E-Mail scanning initialization failed, reason: MirrorMain::Initialize(): InitMessageLoop()
    failed..

    Error - 8/28/2010 12:49:12 PM | Computer Name = BARRY-ADADBF10A | Source = F-Secure Anti-Virus | ID = 103
    Description = 3 2010-08-28 09:49:11-07:00 BARRY-ADADBF10A\Barry F-Secure Anti-Virus

    E-Mail scanning is not functioning due to a severe error. If the problem persists,
    please contact the system administrator.

    Error - 8/28/2010 4:24:42 PM | Computer Name = BARRY-ADADBF10A | Source = Application Hang | ID = 1002
    Description = Hanging application notepad.exe, version 5.1.2600.5512, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 8/28/2010 9:13:03 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    Error - 8/28/2010 9:15:15 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    Error - 8/28/2010 9:15:30 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    Error - 8/28/2010 9:17:24 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    Error - 8/28/2010 9:18:20 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    Error - 8/28/2010 9:19:25 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    Error - 8/28/2010 9:19:55 PM | Computer Name = BARRY-ADADBF10A | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module unknown, version 0.0.0.0, fault address 0x7ffa0000.

    [ OSession Events ]
    Error - 1/28/2009 9:23:46 PM | Computer Name = BARRY-ADADBF10A | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    Error - 2/9/2009 3:47:17 AM | Computer Name = BARRY-ADADBF10A | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    Error - 2/18/2009 3:50:08 PM | Computer Name = BARRY-ADADBF10A | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    Error - 3/7/2009 12:20:25 AM | Computer Name = BARRY-ADADBF10A | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    [ System Events ]
    Error - 8/29/2010 12:53:58 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7000
    Description = The Hotspot Shield Service service failed to start due to the following
    error: %%2

    Error - 8/29/2010 12:53:58 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7023
    Description = The HID Input Service service terminated with the following error:
    %%126

    Error - 8/29/2010 12:53:58 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7000
    Description = The Hotspot Shield Helper Service service failed to start due to the
    following error: %%2

    Error - 8/29/2010 12:53:58 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7000
    Description = The PnkBstrA service failed to start due to the following error: %%2

    Error - 8/29/2010 12:53:58 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7000
    Description = The PnkBstrB service failed to start due to the following error: %%2

    Error - 8/29/2010 12:53:58 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7000
    Description = The eAcceleration Notification Service service failed to start due
    to the following error: %%3

    Error - 8/29/2010 12:54:33 AM | Computer Name = BARRY-ADADBF10A | Source = WMPNetworkSvc | ID = 866312
    Description = A new media server was not initialized because WMCreateDeviceRegistration()
    encountered error '0xc00d2781'. The Windows Media DRM components on your computer
    might be corrupted. Verify that protected files play correctly in Windows Media
    Player, and then restart the WMPNetworkSvc service.

    Error - 8/29/2010 12:54:33 AM | Computer Name = BARRY-ADADBF10A | Source = WMPNetworkSvc | ID = 866312
    Description = A new media server was not initialized because WMCreateDeviceRegistration()
    encountered error '0xc00d2781'. The Windows Media DRM components on your computer
    might be corrupted. Verify that protected files play correctly in Windows Media
    Player, and then restart the WMPNetworkSvc service.

    Error - 8/29/2010 12:55:41 AM | Computer Name = BARRY-ADADBF10A | Source = Service Control Manager | ID = 7022
    Description = The HP CUE DeviceDiscovery Service service hung on starting.

    Error - 8/29/2010 1:01:09 AM | Computer Name = BARRY-ADADBF10A | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service SeaPort with
    arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}


    < End of report >

    Ok Broni...... next? :)
     
  8. 2010/08/29
    broni

    broni Moderator Malware Analyst

    We need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder.
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    ===============================================================

    I suggest you uninstall HitmanPro, as it's nothing but a bunch of free tools, and on top of that, it has copyright issues.

    =================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.\
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System\SOUND.DRV:SummaryInformation
      @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E
      @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B285B76
      [C:\WINDOWS\$hf_mig$\KB873339\KB873339] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB885835\KB885835] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB885836\KB885836] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB887472\KB887472] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB888302\KB888302] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB890046\KB890046] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB890859\KB890859] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB891781\KB891781] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB893756\KB893756] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB894391\KB894391] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB896358\KB896358] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB896423\KB896423] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB896428\KB896428] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB899587\KB899587] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB899591\KB899591] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB900485\KB900485] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB900725\KB900725] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB901017\KB901017] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB901214\KB901214] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB902400\KB902400] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB905414\KB905414] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB905749\KB905749] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB908519\KB908519] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB908531\KB908531] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB911280\KB911280] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB911562\KB911562] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB911927\KB911927] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB913580\KB913580] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB914388\KB914388] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB914389\KB914389] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB915865\KB915865] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB916595\KB916595] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB918118\KB918118] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB918439\KB918439] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB920213\KB920213] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB920670\KB920670] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB920683\KB920683] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB920685\KB920685] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB920872\KB920872] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB923414\KB923414] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB923980\KB923980] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB924270\KB924270] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB924496\KB924496] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB925902\KB925902] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB926255\KB926255] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB926436\KB926436] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB927779\KB927779] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB927802\KB927802] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB928255\KB928255] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB928843\KB928843] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB929123\KB929123] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB930178\KB930178] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB930916\KB930916] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB931261\KB931261] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB931784\KB931784] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB932168\KB932168] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB935839\KB935839] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB935840\KB935840] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB936021\KB936021] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB936357\KB936357] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB937894\KB937894] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB938127\KB938127] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB938828\KB938828] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB941693\KB941693] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB943055\KB943055] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB943485\KB943485] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB944653\KB944653] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB945553\KB945553] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB946026\KB946026] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\$hf_mig$\KB948590\KB948590] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP876.tmp\ZAP876.tmp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP963.tmp\ZAP963.tmp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP995.tmp\ZAP995.tmp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4.tmp\ZAPA4.tmp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4F.tmp\ZAPA4F.tmp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d1\d1] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d2\d2] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d3\d3] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d4\d4] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d5\d5] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d6\d6] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d7\d7] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\CSC\d8\d8] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\ftpcache\ftpcache] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\ime\imejp\applets\applets] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\ime\imejp98\imejp98] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\ime\imkr6_1\dicts\dicts] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\ 3.2.30729\3.2.30729] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\ 1.0.0\1.0.0] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\ 2.2.30729\2.2.30729] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\java\classes\classes] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\java\trustlib\trustlib] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\msapps\msinfo\msinfo] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\ERRORREP\ERRORREP] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\BATCH\BATCH] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\System\DFS\DFS] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\System\News\News] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\pchealth\helpctr\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Prefetch\Prefetch] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\SxsCaPendDel\SxsCaPendDel] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\WinSxS\InstallTemp\InstallTemp] -> \Device\__max++>\^ -> Mount Point
      [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2] -> \Device\__max++>\^ -> Mount Point
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ==============================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  9. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    Hi Broni,
    The process of elimination continues..... :) thank you for your continuing help.
    I am enjoying this process, in truth, as your guidance is very clear and straightforward for this noob.
    Cheers, Barry.
     
  10. 2010/08/29
    broni

    broni Moderator Malware Analyst

    You're welcome :)
     
  11. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\WINDOWS\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ not found.
    File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found not found.
    C:\WINDOWS\000001_.tmp deleted successfully.
    ADS C:\WINDOWS\System\SOUND.DRV:SummaryInformation deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:9B285B76 deleted successfully.
    Mount Point C:\WINDOWS\$hf_mig$\KB873339\KB873339 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB885835\KB885835 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB885836\KB885836 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB887472\KB887472 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB888302\KB888302 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB890046\KB890046 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB890859\KB890859 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB891781\KB891781 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB893756\KB893756 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB894391\KB894391 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB896358\KB896358 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB896423\KB896423 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB896428\KB896428 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB899587\KB899587 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB899591\KB899591 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB900485\KB900485 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB900725\KB900725 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB901017\KB901017 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB901214\KB901214 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB902400\KB902400 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB905414\KB905414 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB905749\KB905749 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB908519\KB908519 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB908531\KB908531 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB911280\KB911280 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB911562\KB911562 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB911927\KB911927 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB913580\KB913580 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB914388\KB914388 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB914389\KB914389 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB915865\KB915865 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB916595\KB916595 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB918118\KB918118 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB918439\KB918439 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB920213\KB920213 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB920670\KB920670 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB920683\KB920683 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB920685\KB920685 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB920872\KB920872 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB923414\KB923414 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB923980\KB923980 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB924270\KB924270 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB924496\KB924496 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB925902\KB925902 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB926255\KB926255 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB926436\KB926436 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB927779\KB927779 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB927802\KB927802 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB928255\KB928255 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB928843\KB928843 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB929123\KB929123 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB930178\KB930178 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB930916\KB930916 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB931261\KB931261 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB931784\KB931784 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB932168\KB932168 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB935839\KB935839 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB935840\KB935840 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB936021\KB936021 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB936357\KB936357 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB937894\KB937894 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB938127\KB938127 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB938828\KB938828 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB941693\KB941693 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB943055\KB943055 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB943485\KB943485 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB944653\KB944653 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB945553\KB945553 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB946026\KB946026 removed successfully!
    Mount Point C:\WINDOWS\$hf_mig$\KB948590\KB948590 removed successfully!
    Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP876.tmp\ZAP876.tmp removed successfully!
    Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP963.tmp\ZAP963.tmp removed successfully!
    Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP995.tmp\ZAP995.tmp removed successfully!
    Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4.tmp\ZAPA4.tmp removed successfully!
    Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4F.tmp\ZAPA4F.tmp removed successfully!
    Mount Point C:\WINDOWS\assembly\tmp\tmp removed successfully!
    Mount Point C:\WINDOWS\Config\Config removed successfully!
    Mount Point C:\WINDOWS\Connection Wizard\Connection Wizard removed successfully!
    Mount Point C:\WINDOWS\CSC\d1\d1 removed successfully!
    Mount Point C:\WINDOWS\CSC\d2\d2 removed successfully!
    Mount Point C:\WINDOWS\CSC\d3\d3 removed successfully!
    Mount Point C:\WINDOWS\CSC\d4\d4 removed successfully!
    Mount Point C:\WINDOWS\CSC\d5\d5 removed successfully!
    Mount Point C:\WINDOWS\CSC\d6\d6 removed successfully!
    Mount Point C:\WINDOWS\CSC\d7\d7 removed successfully!
    Mount Point C:\WINDOWS\CSC\d8\d8 removed successfully!
    Mount Point C:\WINDOWS\ftpcache\ftpcache removed successfully!
    Mount Point C:\WINDOWS\ime\imejp\applets\applets removed successfully!
    Mount Point C:\WINDOWS\ime\imejp98\imejp98 removed successfully!
    Mount Point C:\WINDOWS\ime\imkr6_1\dicts\dicts removed successfully!
    Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\ 3.2.30729\3.2.3 not found!
    Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\ 1.0.0\1.0.0 not found!
    Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\ 2.2.30729\2.2.3 not found!
    Mount Point C:\WINDOWS\java\classes\classes removed successfully!
    Mount Point C:\WINDOWS\java\trustlib\trustlib removed successfully!
    Mount Point C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs removed successfully!
    Mount Point C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files removed successfully!
    Mount Point C:\WINDOWS\msapps\msinfo\msinfo removed successfully!
    Mount Point C:\WINDOWS\pchealth\ERRORREP\ERRORREP removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\BATCH\BATCH removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\System\DFS\DFS removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\System\News\News removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM removed successfully!
    Mount Point C:\WINDOWS\pchealth\helpctr\Temp\Temp removed successfully!
    Mount Point C:\WINDOWS\Prefetch\Prefetch removed successfully!
    Mount Point C:\WINDOWS\Registration\CRMLog\CRMLog removed successfully!
    Mount Point C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded removed successfully!
    Mount Point C:\WINDOWS\Sun\Java\Deployment\Deployment removed successfully!
    Mount Point C:\WINDOWS\SxsCaPendDel\SxsCaPendDel removed successfully!
    Mount Point C:\WINDOWS\WinSxS\InstallTemp\InstallTemp removed successfully!
    Mount Point C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2 removed successfully!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Java cache emptied: 124845 bytes
    ->Flash cache emptied: 630 bytes

    User: All Users

    User: Barry
    ->Temp folder emptied: 259010 bytes
    ->Temporary Internet Files folder emptied: 12020904 bytes
    ->Java cache emptied: 7178013 bytes
    ->Flash cache emptied: 560607 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 41 bytes

    User: Grady
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 688262 bytes
    ->Flash cache emptied: 2093 bytes

    User: Zune
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 21227040 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34894 bytes
    RecycleBin emptied: 27983 bytes

    Total Files Cleaned = 40.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Barry
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Grady

    User: LocalService

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    User: Zune

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.11.0 log created on 08292010_123530

    Files\Folders moved on Reboot...
    C:\Documents and Settings\Barry\Local Settings\Temporary Internet Files\Content.IE5\SX0GMPRI\00b42e3a-b809-49b2-b433-cc45b2bc89d33rd_party_BBS[1].htm moved successfully.
    C:\Documents and Settings\Barry\Local Settings\Temporary Internet Files\Content.IE5\SX0GMPRI\ads[1].htm moved successfully.
    C:\Documents and Settings\Barry\Local Settings\Temporary Internet Files\Content.IE5\RHETFMIS\p-01-0VIaSjnOLg[1].gif moved successfully.
    C:\Documents and Settings\Barry\Local Settings\Temporary Internet Files\Content.IE5\HZK4PFIR\p-01-0VIaSjnOLg[1].gif moved successfully.
    C:\Documents and Settings\Barry\Local Settings\Temporary Internet Files\Content.IE5\1DYOHBKO\94808-active-updates-equal-error-part-two-2[1].html moved successfully.
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_254.dat not found!

    Registry entries deleted on Reboot...

    Ok Broni.... moving on.
     
  12. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    Results of screen317's Security Check version 0.99.5
    Windows XP Service Pack 3
    Internet Explorer 8
    Error creating install.txt after 3 tries! Trying alternate method...
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Disabled!
    Antivirus up to date!
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 21
    Adobe Flash Player 10.1.82.76
    Adobe Reader 9.1.3
    Adobe Reader 9.3.2
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Shaw Secure Anti-Virus fsgk32st.exe
    Shaw Secure Anti-Virus fsav32.exe
    Shaw Secure Anti-Virus fssm32.exe
    Shaw Secure Anti-Virus FSGK32.EXE
    ````````````````````````````````
    DNS Vulnerability Check:

    GREAT! (Not vulnerable to DNS cache poisoning)

    ``````````End of Log````````````

    ....next. :)
     
  13. 2010/08/29
    broni

    broni Moderator Malware Analyst

    Ok :)
     
  14. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    Hi Broni,
    A couple of questions:

    1. Disable Anti-Virus using the "right click on lower right hand shield and select unload" method, or do you require another means?

    2. I do this before I go to the Kaspersky site, and if so, am I not hanging out in the breeze... so to speak?
     
    Last edited: 2010/08/29
  15. 2010/08/29
    broni

    broni Moderator Malware Analyst

    1. Good enough
    2. Not sure what you're saying...
     
  16. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    um...disabling the antivirus, in this step, will it leave my computer vulnerable?
    (hahaha.. I must be gun shy now)
    Cheers.
     
    Last edited: 2010/08/29
  17. 2010/08/29
    broni

    broni Moderator Malware Analyst

    As long as your firewall is up, you're fine.
    ...and leave the computer alone...
     
  18. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    Okay....:) thank you.
     
  19. 2010/08/29
    broni

    broni Moderator Malware Analyst

    :)...
     
  20. 2010/08/29
    Bdog

    Bdog Inactive Thread Starter

    It would appear this will take some time Broni... 01:44:40 and it is at 35%.
    Overall, was the computer a real mess? Some deep-rooted gremlins? :)
     
  21. 2010/08/29
    broni

    broni Moderator Malware Analyst

    No problem. Take your time :)

    Your computer wasn't that bad. Just some trojans.
    I've seen worse :)
     
