have to run in safe mode to do anything because when i try to open something a window pops up with "this application cannot be executed wuauclt.exe is infected.
I ran OLT and ill post the logs
OTL logfile created on: 4/2/2010 8:36:03 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
383.00 Mb Total Physical Memory | 115.00 Mb Available Physical Memory | 30.00% Memory free
922.00 Mb Paging File | 723.00 Mb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 130.93 Gb Free Space | 87.85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EINGLETT
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/04/02 20:35:14 | 000,691,712 | ---- | M] (PC Tools) -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Temp\is-81PH6.tmp\spyware-doctor.tmp
PRC - [2010/04/02 20:35:04 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads\OTL.exe
PRC - [2010/04/02 20:32:59 | 034,595,056 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads\spyware-doctor.exe
PRC - [2010/02/18 17:54:15 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/03 10:06:10 | 000,211,272 | ---- | M] (PC Tools) -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Temp\is-2UPNV.tmp\InnoMonitor.exe
PRC - [2004/08/03 21:07:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/04/02 20:35:04 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads\OTL.exe
MOD - [2004/08/03 21:07:00 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - [2009/11/24 19:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 19:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 19:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 19:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 19:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 19:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/09/27 19:31:25 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2005/09/18 11:32:00 | 003,493,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/09/14 14:38:00 | 003,856,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/12 17:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/07/29 20:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 20:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/01/07 20:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/07 20:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13116&gct=&gc=1&q=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={42BEC57C-C834-2AD5-14D8-6FA346A7FEB8}&q="
FF - HKLM\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/18 17:56:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 17:54:23 | 000,000,000 | ---D | M]
[2010/04/02 19:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Extensions
[2010/04/02 20:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Firefox\Profiles\4tgu3j6j.default\extensions
[2010/04/02 20:22:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Firefox\Profiles\4tgu3j6j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/02 20:17:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Firefox\Profiles\4tgu3j6j.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/04/02 20:17:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/04 21:06:48 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009/10/04 21:06:49 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2009/12/22 09:02:48 | 000,002,197 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google-search.xml
O1 HOSTS File: ([2009/11/19 13:01:59 | 000,000,161 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.227 winsecurepro2009.microsoft.com
O1 - Hosts: 91.212.127.227 winsecurepro2009.com
O1 - Hosts: 91.212.127.227 www.winsecurepro2009.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [acivbtjp] C:\Documents and Settings\Roy\Local Settings\Application Data\tdoupmkah\fwpcrgvtssd.exe ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [My Web Search Bar] C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL File not found
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/07 01:32:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/02 20:35:48 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/04/02 20:35:42 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/04/02 20:35:42 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/04/02 20:35:35 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\PC Tools
[2010/04/02 20:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/02 20:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads
[2010/04/02 20:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Macromedia
[2010/04/02 20:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Adobe
[2010/04/02 19:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Application Data\Mozilla
[2010/04/02 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla
[2010/03/17 23:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/03/16 18:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/16 17:52:05 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/16 17:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/03/13 00:31:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Microsoft
[2010/03/13 00:31:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.EINGLETT\Cookies
[2010/03/13 00:31:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data
[2010/03/13 00:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Favorites
[2010/03/13 00:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Desktop
[2010/03/13 00:31:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\SendTo
[2010/03/13 00:31:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Start Menu
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Templates
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Recent
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\PrintHood
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\NetHood
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings
[2010/03/13 00:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\My Documents
[2010/03/13 00:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Application Data\Microsoft
[2010/03/12 23:50:09 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/03/10 19:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\_VOIDjwivpecvnn
[2010/03/10 18:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dr. Guard
[2009/08/07 01:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/08/07 01:32:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/08/07 01:32:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2004/12/07 12:13:40 | 000,479,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe
[2004/12/07 12:13:38 | 002,249,416 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2004/12/07 12:13:38 | 000,069,832 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2004/11/24 14:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/04/02 20:35:41 | 000,524,288 | -H-- | M] () -- C:\Documents and Settings\Administrator.EINGLETT\NTUSER.DAT
[2010/04/02 20:35:39 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/04/02 20:17:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/02 19:51:40 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/04/02 19:51:31 | 000,000,006 | ---- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/02 19:51:09 | 000,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/04/02 19:43:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/21 21:17:23 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/21 03:01:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/16 17:51:53 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/16 17:51:53 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/16 17:51:45 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/16 17:50:39 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/14 16:56:47 | 000,432,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/14 16:56:47 | 000,067,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/14 16:56:46 | 000,509,828 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/13 00:34:00 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator.EINGLETT\ntuser.ini
[2010/03/13 00:33:57 | 003,184,656 | -H-- | M] () -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Application Data\IconCache.db
[2010/03/13 00:24:48 | 000,003,668 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
[2010/03/12 23:53:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/10 19:32:30 | 000,010,730 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\_VOIDmainqt.dll
[2010/03/10 19:16:05 | 000,001,586 | ---- | M] () -- C:\WINDOWS\System32\_VOIDmfeklnmal.dll
[2010/03/10 19:14:53 | 000,000,271 | ---- | M] () -- C:\WINDOWS\System32\_VOIDivtvsppowy.dat
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/04/02 20:35:48 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/04/02 20:35:42 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/04/02 20:35:42 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/04/02 20:35:39 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/04/02 20:35:35 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/03/13 00:31:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator.EINGLETT\ntuser.ini
[2010/03/13 00:31:01 | 000,524,288 | -H-- | C] () -- C:\Documents and Settings\Administrator.EINGLETT\NTUSER.DAT
[2010/03/10 19:16:05 | 000,001,586 | ---- | C] () -- C:\WINDOWS\System32\_VOIDmfeklnmal.dll
[2010/03/10 19:15:06 | 000,010,730 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\_VOIDmainqt.dll
[2010/03/10 19:13:51 | 000,000,271 | ---- | C] () -- C:\WINDOWS\System32\_VOIDivtvsppowy.dat
[2010/03/10 19:00:28 | 000,003,668 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
[2009/10/19 13:15:47 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/09/27 20:29:42 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/09/27 20:29:42 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/09/27 20:29:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/09/27 19:31:23 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/19 10:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 12:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 12:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 12:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 12:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 11:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 06:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2005/09/18 11:32:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/09/18 11:32:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/09/18 11:32:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/09/18 11:32:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/09/18 11:32:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/09/18 11:32:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/09/18 11:32:00 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004/12/07 12:13:42 | 003,578,547 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004/12/07 12:13:42 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004/12/07 12:13:42 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
[2004/12/07 12:13:38 | 013,265,040 | R--- | C] () -- C:\Program Files\dxnt.cab
[2004/12/07 12:13:36 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004/12/07 12:13:36 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004/12/07 11:47:32 | 000,020,717 | ---- | C] () -- C:\Program Files\DirectX SDK EULA.txt
[2004/10/03 12:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/03 21:07:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 4/2/2010 8:36:03 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
383.00 Mb Total Physical Memory | 115.00 Mb Available Physical Memory | 30.00% Memory free
922.00 Mb Paging File | 723.00 Mb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 130.93 Gb Free Space | 87.85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EINGLETT
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"223:TCP" = 223:TCP:*:Enabled:WarriorEpic
"223:UDP" = 223:UDP:*:Enabled:WarriorEpic
"860:TCP" = 860:TCP:*:Enabled:WarriorEpic
"860:UDP" = 860:UDP:*:Enabled:WarriorEpic
"262:TCP" = 262:TCP:*:Enabled:WarriorEpic
"262:UDP" = 262:UDP:*:Enabled:WarriorEpic
"367:TCP" = 367:TCP:*:Enabled:WarriorEpic
"367:UDP" = 367:UDP:*:Enabled:WarriorEpic
"90:TCP" = 90:TCP:*:Enabled:WarriorEpic
"90:UDP" = 90:UDP:*:Enabled:WarriorEpic
"311:TCP" = 311:TCP:*:Enabled:WarriorEpic
"311:UDP" = 311:UDP:*:Enabled:WarriorEpic
"33:TCP" = 33:TCP:*:Enabled:WarriorEpic
"33:UDP" = 33:UDP:*:Enabled:WarriorEpic
"770:TCP" = 770:TCP:*:Enabled:WarriorEpic
"770:UDP" = 770:UDP:*:Enabled:WarriorEpic
"876:TCP" = 876:TCP:*:Enabled:WarriorEpic
"876:UDP" = 876:UDP:*:Enabled:WarriorEpic
"946:TCP" = 946:TCP:*:Enabled:WarriorEpic
"946:UDP" = 946:UDP:*:Enabled:WarriorEpic
"987:TCP" = 987:TCP:*:Enabled:WarriorEpic
"987:UDP" = 987:UDP:*:Enabled:WarriorEpic
"991:TCP" = 991:TCP:*:Enabled:WarriorEpic
"991:UDP" = 991:UDP:*:Enabled:WarriorEpic
"600:TCP" = 600:TCP:*:Enabled:WarriorEpic
"600:UDP" = 600:UDP:*:Enabled:WarriorEpic
"448:TCP" = 448:TCP:*:Enabled:WarriorEpic
"448:UDP" = 448:UDP:*:Enabled:WarriorEpic
"87:TCP" = 87:TCP:*:Enabled:WarriorEpic
"87:UDP" = 87:UDP:*:Enabled:WarriorEpic
"710:TCP" = 710:TCP:*:Enabled:WarriorEpic
"710:UDP" = 710:UDP:*:Enabled:WarriorEpic
"282:TCP" = 282:TCP:*:Enabled:WarriorEpic
"282:UDP" = 282:UDP:*:Enabled:WarriorEpic
"363:TCP" = 363:TCP:*:Enabled:WarriorEpic
"363:UDP" = 363:UDP:*:Enabled:WarriorEpic
"740:TCP" = 740:TCP:*:Enabled:WarriorEpic
"740:UDP" = 740:UDP:*:Enabled:WarriorEpic
"708:TCP" = 708:TCP:*:Enabled:WarriorEpic
"708:UDP" = 708:UDP:*:Enabled:WarriorEpic
"612:TCP" = 612:TCP:*:Enabled:WarriorEpic
"612:UDP" = 612:UDP:*:Enabled:WarriorEpic
"774:TCP" = 774:TCP:*:Enabled:WarriorEpic
"774:UDP" = 774:UDP:*:Enabled:WarriorEpic
"214:TCP" = 214:TCP:*:Enabled:WarriorEpic
"214:UDP" = 214:UDP:*:Enabled:WarriorEpic
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Warrior Epic\WEShell_TGI.exe" = C:\Program Files\Warrior Epic\WEShell_TGI.exe:*:Enabled:Warrior Epic -- (True Games Interactive)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{15F4085A-BC98-4590-AFFD-03BBBE49524E}" = Garmin Communicator Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.1
"{D69F6DA9-46CF-3EFD-DC4B-9E38F75F5B10}" = Super Collapse 3
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ask Toolbar_is1" = Ask Toolbar
"avast!" = avast! Antivirus
"Browser Defender_is1" = Browser Defender 2.0.6.11
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diablo II" = Diablo II
"Dr. Guard" = Dr. Guard
"FBSearchToolbar" = Fast Browser Search for Firefox (My Web Tattoo)
"Gamevance" = Gamevance
"Guild Wars" = Guild Wars
"GW Team Builder_is1" = GW Team Builder 1.2.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MP3 Rocket" = MP3 Rocket
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWebSearch bar Uninstall" = My Web Search (Kazulah)
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars.net" = PokerStars.net
"RatingsMigration" = Windows Media Player 9 Series Power Toy - Ratings Migration
"Spyware Doctor" = Spyware Doctor 7.0
"ST5UNST #1" = Typing Tutor
"Super Collapse 3" = Super Collapse 3 (remove only)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Warrior Epic" = Warrior Epic
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 10/11/2009 5:57:41 PM | Computer Name = EINGLETT | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Unhandled exception in AavmProviderStop
[Inner], MAIL.
Error - 11/5/2009 4:26:18 PM | Computer Name = EINGLETT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\d0o7jw35.default\sessionstore.js
failed, 0000A413.
Error - 11/5/2009 10:04:17 PM | Computer Name = EINGLETT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://244.webim0028.webim.myspace.com/api/v1/events.json failed, 0000A413.
[ Application Events ]
Error - 2/7/2010 5:36:12 PM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:39 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:41 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:41 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:42 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:43 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:44 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:44 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:45 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/22/2010 1:27:36 AM | Computer Name = EINGLETT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3685, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 3/11/2010 10:53:56 PM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
Error - 3/12/2010 12:00:55 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 3/12/2010 12:00:55 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 3/12/2010 12:01:28 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 3/12/2010 12:01:28 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 3/12/2010 12:01:31 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2147500053
Error - 3/12/2010 12:02:01 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 3/12/2010 12:02:01 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 3/12/2010 12:03:45 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/12/2010 12:05:08 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
< End of report >
I ran OLT and ill post the logs
OTL logfile created on: 4/2/2010 8:36:03 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
383.00 Mb Total Physical Memory | 115.00 Mb Available Physical Memory | 30.00% Memory free
922.00 Mb Paging File | 723.00 Mb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 130.93 Gb Free Space | 87.85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EINGLETT
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/04/02 20:35:14 | 000,691,712 | ---- | M] (PC Tools) -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Temp\is-81PH6.tmp\spyware-doctor.tmp
PRC - [2010/04/02 20:35:04 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads\OTL.exe
PRC - [2010/04/02 20:32:59 | 034,595,056 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads\spyware-doctor.exe
PRC - [2010/02/18 17:54:15 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/03 10:06:10 | 000,211,272 | ---- | M] (PC Tools) -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Temp\is-2UPNV.tmp\InnoMonitor.exe
PRC - [2004/08/03 21:07:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/04/02 20:35:04 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads\OTL.exe
MOD - [2004/08/03 21:07:00 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - [2009/11/24 19:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 19:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 19:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 19:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 19:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 19:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/09/27 19:31:25 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2005/09/18 11:32:00 | 003,493,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/09/14 14:38:00 | 003,856,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/12 17:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/07/29 20:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 20:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/01/07 20:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/07 20:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13116&gct=&gc=1&q=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={42BEC57C-C834-2AD5-14D8-6FA346A7FEB8}&q="
FF - HKLM\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/18 17:56:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 17:54:23 | 000,000,000 | ---D | M]
[2010/04/02 19:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Extensions
[2010/04/02 20:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Firefox\Profiles\4tgu3j6j.default\extensions
[2010/04/02 20:22:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Firefox\Profiles\4tgu3j6j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/02 20:17:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla\Firefox\Profiles\4tgu3j6j.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/04/02 20:17:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/04 21:06:48 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009/10/04 21:06:49 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2009/12/22 09:02:48 | 000,002,197 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google-search.xml
O1 HOSTS File: ([2009/11/19 13:01:59 | 000,000,161 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.227 winsecurepro2009.microsoft.com
O1 - Hosts: 91.212.127.227 winsecurepro2009.com
O1 - Hosts: 91.212.127.227 www.winsecurepro2009.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [acivbtjp] C:\Documents and Settings\Roy\Local Settings\Application Data\tdoupmkah\fwpcrgvtssd.exe ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [My Web Search Bar] C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL File not found
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/07 01:32:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/02 20:35:48 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/04/02 20:35:42 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/04/02 20:35:42 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/04/02 20:35:35 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/04/02 20:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\PC Tools
[2010/04/02 20:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/02 20:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads
[2010/04/02 20:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Macromedia
[2010/04/02 20:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Adobe
[2010/04/02 19:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Application Data\Mozilla
[2010/04/02 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Mozilla
[2010/03/17 23:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/03/16 18:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/16 17:52:05 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/16 17:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/03/13 00:31:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data\Microsoft
[2010/03/13 00:31:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.EINGLETT\Cookies
[2010/03/13 00:31:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Application Data
[2010/03/13 00:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Favorites
[2010/03/13 00:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Desktop
[2010/03/13 00:31:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\SendTo
[2010/03/13 00:31:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Start Menu
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Templates
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Recent
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\PrintHood
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\NetHood
[2010/03/13 00:31:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings
[2010/03/13 00:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\My Documents
[2010/03/13 00:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Application Data\Microsoft
[2010/03/12 23:50:09 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/03/10 19:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\_VOIDjwivpecvnn
[2010/03/10 18:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dr. Guard
[2009/08/07 01:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/08/07 01:32:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/08/07 01:32:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2004/12/07 12:13:40 | 000,479,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe
[2004/12/07 12:13:38 | 002,249,416 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2004/12/07 12:13:38 | 000,069,832 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2004/11/24 14:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/04/02 20:35:41 | 000,524,288 | -H-- | M] () -- C:\Documents and Settings\Administrator.EINGLETT\NTUSER.DAT
[2010/04/02 20:35:39 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/04/02 20:17:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/02 19:51:40 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/04/02 19:51:31 | 000,000,006 | ---- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/02 19:51:09 | 000,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/04/02 19:43:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/21 21:17:23 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/21 03:01:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/16 17:51:53 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/16 17:51:53 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/16 17:51:45 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/16 17:50:39 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/14 16:56:47 | 000,432,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/14 16:56:47 | 000,067,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/14 16:56:46 | 000,509,828 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/13 00:34:00 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator.EINGLETT\ntuser.ini
[2010/03/13 00:33:57 | 003,184,656 | -H-- | M] () -- C:\Documents and Settings\Administrator.EINGLETT\Local Settings\Application Data\IconCache.db
[2010/03/13 00:24:48 | 000,003,668 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
[2010/03/12 23:53:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/10 19:32:30 | 000,010,730 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\_VOIDmainqt.dll
[2010/03/10 19:16:05 | 000,001,586 | ---- | M] () -- C:\WINDOWS\System32\_VOIDmfeklnmal.dll
[2010/03/10 19:14:53 | 000,000,271 | ---- | M] () -- C:\WINDOWS\System32\_VOIDivtvsppowy.dat
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/04/02 20:35:48 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/04/02 20:35:42 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/04/02 20:35:42 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/04/02 20:35:39 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/04/02 20:35:35 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/03/13 00:31:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator.EINGLETT\ntuser.ini
[2010/03/13 00:31:01 | 000,524,288 | -H-- | C] () -- C:\Documents and Settings\Administrator.EINGLETT\NTUSER.DAT
[2010/03/10 19:16:05 | 000,001,586 | ---- | C] () -- C:\WINDOWS\System32\_VOIDmfeklnmal.dll
[2010/03/10 19:15:06 | 000,010,730 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\_VOIDmainqt.dll
[2010/03/10 19:13:51 | 000,000,271 | ---- | C] () -- C:\WINDOWS\System32\_VOIDivtvsppowy.dat
[2010/03/10 19:00:28 | 000,003,668 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
[2009/10/19 13:15:47 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/09/27 20:29:42 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/09/27 20:29:42 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/09/27 20:29:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/09/27 19:31:23 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/19 10:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 12:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 12:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 12:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 12:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 11:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 06:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2005/09/18 11:32:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/09/18 11:32:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/09/18 11:32:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/09/18 11:32:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/09/18 11:32:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/09/18 11:32:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/09/18 11:32:00 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004/12/07 12:13:42 | 003,578,547 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004/12/07 12:13:42 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004/12/07 12:13:42 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
[2004/12/07 12:13:38 | 013,265,040 | R--- | C] () -- C:\Program Files\dxnt.cab
[2004/12/07 12:13:36 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004/12/07 12:13:36 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004/12/07 11:47:32 | 000,020,717 | ---- | C] () -- C:\Program Files\DirectX SDK EULA.txt
[2004/10/03 12:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/03 21:07:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 4/2/2010 8:36:03 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator.EINGLETT\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
383.00 Mb Total Physical Memory | 115.00 Mb Available Physical Memory | 30.00% Memory free
922.00 Mb Paging File | 723.00 Mb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 130.93 Gb Free Space | 87.85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EINGLETT
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
[HKEY_CURRENT_USER\SOFTWARE\Classes\
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"223:TCP" = 223:TCP:*:Enabled:WarriorEpic
"223:UDP" = 223:UDP:*:Enabled:WarriorEpic
"860:TCP" = 860:TCP:*:Enabled:WarriorEpic
"860:UDP" = 860:UDP:*:Enabled:WarriorEpic
"262:TCP" = 262:TCP:*:Enabled:WarriorEpic
"262:UDP" = 262:UDP:*:Enabled:WarriorEpic
"367:TCP" = 367:TCP:*:Enabled:WarriorEpic
"367:UDP" = 367:UDP:*:Enabled:WarriorEpic
"90:TCP" = 90:TCP:*:Enabled:WarriorEpic
"90:UDP" = 90:UDP:*:Enabled:WarriorEpic
"311:TCP" = 311:TCP:*:Enabled:WarriorEpic
"311:UDP" = 311:UDP:*:Enabled:WarriorEpic
"33:TCP" = 33:TCP:*:Enabled:WarriorEpic
"33:UDP" = 33:UDP:*:Enabled:WarriorEpic
"770:TCP" = 770:TCP:*:Enabled:WarriorEpic
"770:UDP" = 770:UDP:*:Enabled:WarriorEpic
"876:TCP" = 876:TCP:*:Enabled:WarriorEpic
"876:UDP" = 876:UDP:*:Enabled:WarriorEpic
"946:TCP" = 946:TCP:*:Enabled:WarriorEpic
"946:UDP" = 946:UDP:*:Enabled:WarriorEpic
"987:TCP" = 987:TCP:*:Enabled:WarriorEpic
"987:UDP" = 987:UDP:*:Enabled:WarriorEpic
"991:TCP" = 991:TCP:*:Enabled:WarriorEpic
"991:UDP" = 991:UDP:*:Enabled:WarriorEpic
"600:TCP" = 600:TCP:*:Enabled:WarriorEpic
"600:UDP" = 600:UDP:*:Enabled:WarriorEpic
"448:TCP" = 448:TCP:*:Enabled:WarriorEpic
"448:UDP" = 448:UDP:*:Enabled:WarriorEpic
"87:TCP" = 87:TCP:*:Enabled:WarriorEpic
"87:UDP" = 87:UDP:*:Enabled:WarriorEpic
"710:TCP" = 710:TCP:*:Enabled:WarriorEpic
"710:UDP" = 710:UDP:*:Enabled:WarriorEpic
"282:TCP" = 282:TCP:*:Enabled:WarriorEpic
"282:UDP" = 282:UDP:*:Enabled:WarriorEpic
"363:TCP" = 363:TCP:*:Enabled:WarriorEpic
"363:UDP" = 363:UDP:*:Enabled:WarriorEpic
"740:TCP" = 740:TCP:*:Enabled:WarriorEpic
"740:UDP" = 740:UDP:*:Enabled:WarriorEpic
"708:TCP" = 708:TCP:*:Enabled:WarriorEpic
"708:UDP" = 708:UDP:*:Enabled:WarriorEpic
"612:TCP" = 612:TCP:*:Enabled:WarriorEpic
"612:UDP" = 612:UDP:*:Enabled:WarriorEpic
"774:TCP" = 774:TCP:*:Enabled:WarriorEpic
"774:UDP" = 774:UDP:*:Enabled:WarriorEpic
"214:TCP" = 214:TCP:*:Enabled:WarriorEpic
"214:UDP" = 214:UDP:*:Enabled:WarriorEpic
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Warrior Epic\WEShell_TGI.exe" = C:\Program Files\Warrior Epic\WEShell_TGI.exe:*:Enabled:Warrior Epic -- (True Games Interactive)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{15F4085A-BC98-4590-AFFD-03BBBE49524E}" = Garmin Communicator Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.1
"{D69F6DA9-46CF-3EFD-DC4B-9E38F75F5B10}" = Super Collapse 3
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ask Toolbar_is1" = Ask Toolbar
"avast!" = avast! Antivirus
"Browser Defender_is1" = Browser Defender 2.0.6.11
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diablo II" = Diablo II
"Dr. Guard" = Dr. Guard
"FBSearchToolbar" = Fast Browser Search for Firefox (My Web Tattoo)
"Gamevance" = Gamevance
"Guild Wars" = Guild Wars
"GW Team Builder_is1" = GW Team Builder 1.2.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MP3 Rocket" = MP3 Rocket
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWebSearch bar Uninstall" = My Web Search (Kazulah)
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars.net" = PokerStars.net
"RatingsMigration" = Windows Media Player 9 Series Power Toy - Ratings Migration
"Spyware Doctor" = Spyware Doctor 7.0
"ST5UNST #1" = Typing Tutor
"Super Collapse 3" = Super Collapse 3 (remove only)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Warrior Epic" = Warrior Epic
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 10/11/2009 5:57:41 PM | Computer Name = EINGLETT | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Unhandled exception in AavmProviderStop
[Inner], MAIL.
Error - 11/5/2009 4:26:18 PM | Computer Name = EINGLETT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\d0o7jw35.default\sessionstore.js
failed, 0000A413.
Error - 11/5/2009 10:04:17 PM | Computer Name = EINGLETT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://244.webim0028.webim.myspace.com/api/v1/events.json failed, 0000A413.
[ Application Events ]
Error - 2/7/2010 5:36:12 PM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:39 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:41 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:41 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:42 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:43 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:44 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:44 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/13/2010 10:29:45 AM | Computer Name = EINGLETT | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: The data is invalid.
Error - 2/22/2010 1:27:36 AM | Computer Name = EINGLETT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3685, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 3/11/2010 10:53:56 PM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
Error - 3/12/2010 12:00:55 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 3/12/2010 12:00:55 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 3/12/2010 12:01:28 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 3/12/2010 12:01:28 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 3/12/2010 12:01:31 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2147500053
Error - 3/12/2010 12:02:01 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 3/12/2010 12:02:01 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 3/12/2010 12:03:45 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/12/2010 12:05:08 AM | Computer Name = EINGLETT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
< End of report >