Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Allan Smith

Pages: [1] 2 3
1
Tech Clinic / DCom event 10016
« on: September 12, 2011, 05:01:50 AM »
[quote name='guestolo' timestamp='1315756646' post='480201']
It definitely sounds as a permission problem,[/quote]

well - I managed to get rid of the 'greyed out'.

In regedit search for the appid. In the left column right click - select permissions.
Ownership is 'Trusted Installer' - changed to 'Administrators'
then changed permissions for Administrators to 'Full'.

Did it for both APPIDs - and hooray - greyed out disappeared.
Then went into each APPID and changed Launch and Activation settings - made sure Local Launch and Local Activation set for all listed accounts and added 'all users group' as well for good measure -

NUTS - still get the problem - cant save image from ancestry on local hard disk, but no problem on memory stick
events errors are still the same.

2
Tech Clinic / DCom event 10016
« on: September 10, 2011, 02:44:26 PM »
[quote name='guestolo' timestamp='1315669496' post='480199']
Have you checked out this link, and the comments?
http://www.itexperience.net/event-10016-the-application-specific-permission-settings-do-not-grant-local-launch-permission-for-the-com-server-application/
[/quote]
Thanks I hadnt seen that one - but it didnt help.

The comment dated Jan 6 2010 is where I am at. The comment dated 27 Apr 2011 says use regedit32 - but that is only relevent when running 64 bit Win. I am running 32bit and there is no such prog as regedit32.exe.

Just running regedit and searching for the hex strings as given in the event - both in CLSID and APPID are identical. There are 2 events and thus 2 hex strings in my problem.

D3DCB472-7261-43CE-924B-0704BD730D5F
and
145B4335-FE2A-4927-A040-7C35AD3180EF

Searching in regedit returns
Computer\HKEY_CLASSES_ROOT\AppID\{145B4335-FE2A-4927-A040-7C35AD3180EF} -
(Default) REG_SZ (value not set)
LaunchPermission REG_BINARY 01 00....... (extremely long string)
LocalService REG_SZ fdPHost

Computer\HKEY_CLASSES_ROOT\CLSID\{145B4335-FE2A-4927-A040-7C35AD3180EF}
(Default) REG_SZ SSDP Provider Class
AppID REG_SZ {145B4335-FE2A-4927-A040-7C35AD3180EF}

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{145B4335-FE2A-4927-A040-7C35AD3180EF} -
(Default) REG_SZ (value not set)
LaunchPermission REG_BINARY 01 00....... (extremely long string)
LocalService REG_SZ fdPHost

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{145B4335-FE2A-4927-A040-7C35AD3180EF}
(Default) REG_SZ SSDP Provider Class
AppID REG_SZ {145B4335-FE2A-4927-A040-7C35AD3180EF}

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Function Discovery\Categories\Provider\Microsoft.Networking.SSDP
(Default) REG_SZ (value not set)
00000000 REG_SZ <provider type="{145B4335-FE2A-4927-A040-7C35AD3180EF}"/>

Computer\HKEY_CLASSES_ROOT\AppID\{D3DCB472-7261-43CE-924B-0704BD730D5F} -
(Default) REG_SZ (value not set)
LaunchPermission REG_BINARY 01 00....... (extremely long string)
LocalService REG_SZ fdPHost

Computer\HKEY_CLASSES_ROOT\CLSID\{D3DCB472-7261-43CE-924B-0704BD730D5F}
(Default) REG_SZ WS Discovery Provider Class
AppID REG_SZ {D3DCB472-7261-43CE-924B-0704BD730D5F}

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D3DCB472-7261-43CE-924B-0704BD730D5F} -
(Default) REG_SZ (value not set)
LaunchPermission REG_BINARY 01 00....... (extremely long string)
LocalService REG_SZ fdPHost

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DCB472-7261-43CE-924B-0704BD730D5F}
(Default) REG_SZ SSDP Provider Class
AppID REG_SZ {145B4335-FE2A-4927-A040-7C35AD3180EF}

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Function Discovery\Categories\Provider\Microsoft.Networking.WSD
(Default) REG_SZ (value not set)
00000000 REG_SZ <provider type="{145B4335-FE2A-4927-A040-7C35AD3180EF}"/>

Running component services DCOM Config as administrator
There are icons that are named with the same 2 hex strings - but when I try to open the properties to edit the setting it is all greyed out.
There is no icon named fdPHost
There is no icon named Microsoft Networking WSD
There is no icon named microsoft Networking SSDP
There is no icon named SSDP Provider Class
There is no icon named WS Discovery Provider Class

SO I am at a loss what to do - I suspect it is something to do with the launch permission strings but theyare very long.

I take it you didnt see anything unusual in the 2 logs?

3
Tech Clinic / DCom event 10016
« on: September 09, 2011, 06:31:29 AM »
Ah - ha - did some di8gging and found out why extras.txt was missing.
Changed Extras Registry to YSe Safe list and re-ran. Here's the extra.txt

OTL Extras logfile created on: 09/09/2011 12:26:36 - Run 7
OTL by OldTimer - Version 3.2.27.0     Folder = C:\Users\allans\Desktop
 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.25 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 76.68% Memory free
6.50 Gb Paging File | 5.24 Gb Available in Paging File | 80.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 62.93 Gb Free Space | 64.44% Space Free | Partition Type: NTFS
Drive D: | 78.13 Gb Total Space | 54.67 Gb Free Space | 69.98% Space Free | Partition Type: NTFS
Drive E: | 105.47 Gb Total Space | 46.42 Gb Free Space | 44.01% Space Free | Partition Type: NTFS
Drive F: | 106.38 Gb Total Space | 96.17 Gb Free Space | 90.40% Space Free | Partition Type: NTFS
Drive T: | 78.13 Gb Total Space | 72.63 Gb Free Space | 92.96% Space Free | Partition Type: NTFS
 
Computer Name: LEMURIA-7 | User Name: allans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{18355D5F-FABE-49A2-B359-92020DBD51B1}" = Corel DESIGNER Technical Suite X4 - Windows Shell Extension
"_{870DCAE9-E488-48C9-A512-F67914695750}" = Corel DESIGNER Technical Suite X4
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{010C0B4A-DC93-4BB4-893B-BDDE95355A3E}" = Freeware PDF Unlocker
"{07EA0F88-8E8F-11D9-8BDE-F66BAD1E3F3A}" = BrickStore
"{088A077A-8028-408C-AE7B-4512AE2A65A0}" = CanoScan Toolbox Ver4.6
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{143D36D2-4D24-4F7C-AA12-AE302FE084E1}" = Setup Wizard
"{1635620D-E548-406C-A74E-7492DC23AE71}" = Corel Designer Technical Suite X4 - IPM
"{18355D5F-FABE-49A2-B359-92020DBD51B1}" = Corel DESIGNER Technical Suite X4 - Windows Shell Extension
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{370187B9-6964-38D0-851F-6C4898B0C2B1}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x86
"{37AC7F94-2C0C-3DFF-8039-4B6AB79150D0}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{46578609-AD6D-4E69-AC8F-28B89C090F3B}" = Roxio Creator 2010 Pro
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5073DD-B109-4B91-98C7-54260D916432}" = WinBMD
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4B509F1E-BEA7-3D0E-BE94-3BBF85E8D698}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{5783F2D7-9009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2011 - English
"{5783F2D7-9009-0409-1002-0060B0CE6BBA}" = AutoCAD LT 2011 Language Pack - English
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6D63CBA6-3563-45E7-8D0C-97E92259542D}" = Visual Basic for Applications (R) Core
"{733CDF24-0A93-426E-AA89-DF281EB54793}" = Roxio CinePlayer
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator 2010 Pro
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7EACD74C-147F-478C-9389-F9F52EE3C88A}" = LightScribe System Software
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{870DCAE9-E488-48C9-A512-F67914695750}" = Corel DESIGNER Technical Suite X4 - ICA
"{87A83C6F-F53C-448A-B078-FF00E3EAEB29}" = Roxio Disaster Recovery
"{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}" = LightScribe Applications
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator 2010 Pro
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91AFACB3-CA46-4C1E-AF2D-F72EE0B112E4}" = Personal Ancestral File Companion 5.2
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9C11FA-AE85-3B48-86BE-5FA83D0384B3}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{9BB86A32-E255-40F8-97CD-F65FD7BA5180}" = Visual Basic for Applications (R) Core - English
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A12EA295-32EA-42BB-8442-2C2BE852D4AA}" = inSSIDer 2.0
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0FE14F0-85BB-4CBF-A7C5-FE95475C1D1B}" = Corel DESIGNER Technical Suite X4 - Lang EN
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B7072091-4582-396F-87E2-412C85AC7095}" = Microsoft Windows SDK MSHelp (30514)
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis True Image Home
"{C617EC41-9E21-3915-AA7E-F156B74F7D07}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink RT7x Wireless LAN Card
"{EC421A14-0A27-44A1-BB85-21605935F15A}" = Corel DESIGNER Technical Suite X4
"{EF147A9D-D94E-4875-910D-2AF98CBDFE2E}" = Corel DESIGNER Technical Suite X4 - Lang FR
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{FD95FDC1-418F-4C6A-B8B8-658707875D59}" = Corel DESIGNER Technical Suite X4 - VBA
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD LT 2011 - English" = AutoCAD LT 2011 - English
"AutoCAD LT 2011 - English Version 2.1" = AutoCAD LT 2011 - English Version 2.1
"avast" = avast! Free Antivirus
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"EasyBCD" = EasyBCD 1.7.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.1
"Forte Agent" = Forté Agent
"Google Chrome" = Google Chrome
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.10.2092" = Opera 11.10
"Picasa 3" = Picasa 3
"Roxio PhotoShow" = Roxio PhotoShow
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Ss Startup Manager_is1" = Ss Startup Manager 2.00
"TopStyle4_is1" = TopStyle 4
"WebCEO70_is1" = Web CEO 8.0
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08/09/2011 10:49:32 | Computer Name = Lemuria-7 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "D:\Windows\regedit.exe".
Dependent
 Assembly Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 09/09/2011 07:26:23 | Computer Name = Lemuria-7 | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.27.0 stopped interacting with Windows
 and was closed. To see if more information about the problem is available, check
 the problem history in the Action Center control panel.    Process ID: 1460    Start Time:
 01cc6ee31e06afb2    Termination Time: 15    Application Path: C:\Users\allans\Desktop\OTL.exe

Report
 Id: 78970e06-dad6-11e0-a856-001d6064eb78  
 
[ System Events ]
Error - 08/09/2011 05:25:20 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 08/09/2011 05:25:20 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 08/09/2011 05:54:13 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 08/09/2011 05:54:13 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
 
< End of report >

4
Tech Clinic / DCom event 10016
« on: September 09, 2011, 02:17:58 AM »
[quote name='guestolo' timestamp='1315538558' post='480196']
 Post both logs in this thread.
[/quote]

Thanks for offering to take a look. As requested:

There is no extras.txt on the desktop, I did a file search - not found.  Here is otl.txt
OTL logfile created on: 09/09/2011 08:06:43 - Run 6
OTL by OldTimer - Version 3.2.27.0     Folder = C:\Users\allans\Desktop
 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.25 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 58.89% Memory free
6.50 Gb Paging File | 5.30 Gb Available in Paging File | 81.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 62.97 Gb Free Space | 64.48% Space Free | Partition Type: NTFS
Drive D: | 78.13 Gb Total Space | 54.67 Gb Free Space | 69.98% Space Free | Partition Type: NTFS
Drive E: | 105.47 Gb Total Space | 46.42 Gb Free Space | 44.01% Space Free | Partition Type: NTFS
Drive F: | 106.38 Gb Total Space | 96.17 Gb Free Space | 90.40% Space Free | Partition Type: NTFS
Drive T: | 78.13 Gb Total Space | 72.63 Gb Free Space | 92.96% Space Free | Partition Type: NTFS
 
Computer Name: LEMURIA-7 | User Name: allans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/09/09 08:05:17 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
PRC - [2011/09/06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/09/02 14:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/08/15 14:49:50 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/08/14 14:59:51 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/12/11 17:57:21 | 002,326,920 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2009/11/20 20:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/09/12 17:31:36 | 000,357,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/09/12 17:31:30 | 000,660,520 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/09/12 17:30:48 | 005,048,488 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009/08/20 18:42:38 | 001,560,576 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2009/07/21 12:50:02 | 000,084,464 | ---- | M] () -- C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
PRC - [2009/07/14 22:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2009/06/23 02:18:52 | 000,494,064 | ---- | M] () -- C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/08/28 22:19:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2009/11/19 11:20:44 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009/11/19 11:20:42 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009/11/19 11:20:42 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009/08/20 22:59:58 | 000,860,160 | ---- | M] () -- C:\Program Files\Ralink\Common\RaWLAPI.dll
MOD - [2009/07/21 12:50:02 | 000,084,464 | ---- | M] () -- C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
MOD - [2009/06/23 02:18:52 | 000,494,064 | ---- | M] () -- C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/02 14:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/10/11 09:56:07 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/05/22 09:19:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/12/11 17:57:21 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009/11/20 20:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/09/12 17:31:30 | 000,660,520 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/07/24 09:33:34 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe -- (RoxWatch12)
SRV - [2009/07/24 09:33:10 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe -- (RoxMediaDB12)
SRV - [2009/07/14 22:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/02 20:05:58 | 000,457,200 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/07/28 18:37:10 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/02/04 15:27:14 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010/08/12 13:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/12/11 17:57:22 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2009/12/11 17:57:20 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm251.sys -- (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251)
DRV - [2009/12/11 17:57:20 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/12/11 17:57:16 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/11/21 03:34:54 | 011,515,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/29 18:18:20 | 000,553,472 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2009/07/14 21:44:22 | 001,443,584 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/05 20:12:34 | 000,219,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express) Intel(R)
DRV - [2009/06/02 02:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 02:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 02:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2008/05/16 13:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 13:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/04/03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://telfordsteamrailway.easysearch.org.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 1A AB F3 7C 7A CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "  "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - prefs.js..browser.search.selectedEngine: "  "
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2790392&SearchSource=13"
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.10.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:20110101
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/09/07 18:50:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/16 08:21:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/16 08:21:01 | 000,000,000 | ---D | M]
 
[2009/12/11 19:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\allans\AppData\Roaming\Mozilla\Extensions
[2011/08/24 20:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions
[2011/01/31 12:45:25 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/07/07 20:33:29 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2011/08/24 20:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\staged
[2011/03/17 14:27:34 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\[email protected]
[2011/01/04 20:52:10 | 000,000,863 | ---- | M] () -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\searchplugins\conduit.xml
[2011/06/16 18:59:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/20 20:27:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/18 08:53:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/13 13:56:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 09:58:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/16 18:59:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/09/07 18:50:28 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
() (No name found) -- C:\USERS\ALLANS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CU0HD0B7.DEFAULT\EXTENSIONS\[email protected]
[2011/06/22 20:07:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/01/08 01:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/02/05 00:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2010/05/24 18:02:20 | 000,000,872 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 10.0.0.9 Lemuria
O1 - Hosts: 10.0.0.8 Oleanna
O1 - Hosts: 10.0.0.7 Asgard
O1 - Hosts: 10.0.0.6 Atlantis
O1 - Hosts: 10.0.0.5 Avalon
O1 - Hosts: 10.0.0.3 Lyonesse
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files\Roxio 2010\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70B57719-9980-4877-9A04-298B47139643}: NameServer = 10.0.0.1,195.74.102.146
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3671ac95-17c4-11df-9f64-001d6064eb78}\Shell - "" = AutoRun
O33 - MountPoints2\{3671ac95-17c4-11df-9f64-001d6064eb78}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{5f1496a8-f853-11de-99c0-001d6064eb78}\Shell - "" = AutoRun
O33 - MountPoints2\{5f1496a8-f853-11de-99c0-001d6064eb78}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/09/09 08:05:17 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
[2011/09/07 10:53:07 | 000,000,000 | ---D | C] -- C:\Users\allans\Desktop\10910906
[2011/09/04 16:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011/09/04 07:57:25 | 000,000,000 | ---D | C] -- C:\Users\allans\brickstore-cache
[2011/09/04 07:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\SoftForge
[2011/09/04 07:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrickStore
[2011/08/16 08:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/16 08:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/10 14:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
[2011/08/10 14:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2011/08/10 14:03:11 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/08/10 14:03:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/08/10 14:03:09 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/08/10 14:03:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/08/10 14:03:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/08/10 13:59:36 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/10 13:59:36 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/08/10 13:59:13 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011/08/10 13:59:13 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/10 13:59:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/08/10 13:59:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/10 13:59:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/10 13:59:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/08/10 13:59:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/08/10 13:59:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/08/10 13:59:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/10 13:59:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/08/10 13:59:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/10 13:59:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/10 13:59:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/08/10 13:58:59 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011/08/10 13:58:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011/08/10 13:58:59 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/08/10 13:58:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011/08/10 13:58:59 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/09/09 08:05:17 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
[2011/09/09 08:01:28 | 000,016,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/09 08:01:28 | 000,016,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/09 07:59:20 | 000,667,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/09 07:59:20 | 000,125,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/09 07:56:34 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/09/09 07:56:34 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/09/09 07:54:21 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/09 07:54:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/09 07:54:08 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/08 20:13:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/07 18:50:28 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/09/07 16:42:34 | 000,363,111 | ---- | M] () -- C:\Users\allans\Desktop\allans_lego.pdf
[2011/09/07 16:41:15 | 000,361,298 | ---- | M] () -- C:\Users\allans\Desktop\allans_lego_withremarks.pdf
[2011/09/07 10:56:08 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/09/07 10:47:20 | 232,462,559 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/09/06 21:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/06 21:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/09/06 14:15:19 | 000,000,600 | ---- | M] () -- C:\Users\allans\AppData\Local\PUTTY.RND
[2011/09/04 08:13:52 | 000,002,295 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/04 07:57:21 | 000,002,493 | ---- | M] () -- C:\Users\Public\Desktop\BrickStore.lnk
[2011/08/17 14:20:46 | 000,123,262 | ---- | M] () -- C:\Users\allans\Desktop\Safety Management Systems - loco's and rolling stock Version 2.pdf
[2011/08/16 08:20:54 | 000,001,823 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/08/14 14:59:52 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/08/10 14:32:35 | 000,540,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2011/09/07 16:40:41 | 000,361,298 | ---- | C] () -- C:\Users\allans\Desktop\allans_lego_withremarks.pdf
[2011/09/07 10:46:03 | 232,462,559 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/09/07 09:46:27 | 000,363,111 | ---- | C] () -- C:\Users\allans\Desktop\allans_lego.pdf
[2011/09/04 07:57:21 | 000,002,493 | ---- | C] () -- C:\Users\Public\Desktop\BrickStore.lnk
[2011/08/17 14:20:44 | 000,123,262 | ---- | C] () -- C:\Users\allans\Desktop\Safety Management Systems - loco's and rolling stock Version 2.pdf
[2011/08/16 08:20:54 | 000,001,823 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/05/26 10:52:24 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011/05/24 17:57:35 | 000,077,996 | ---- | C] () -- C:\Users\allans\AppData\Local\rx_audio.Cache
[2011/04/26 08:18:45 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/04/26 08:18:45 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/02/23 21:33:40 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/23 21:32:45 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/02/09 15:53:28 | 000,000,600 | ---- | C] () -- C:\Users\allans\AppData\Local\PUTTY.RND
[2011/01/09 14:59:21 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/11/18 21:17:45 | 000,722,757 | ---- | C] () -- C:\Windows\unins000.exe
[2010/11/18 21:17:45 | 000,025,044 | ---- | C] () -- C:\Windows\unins000.dat
[2010/02/08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll
[2009/12/24 20:54:09 | 000,002,664 | ---- | C] () -- C:\Users\allans\AppData\Local\rx_image32.Cache
[2009/12/14 07:25:23 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/12/14 07:25:23 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4134D8FADF.sys
[2009/12/12 17:17:10 | 000,126,976 | ---- | C] () -- C:\Windows\System32\THBIni20.dll
[2009/12/12 12:53:55 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,540,752 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,667,224 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,125,900 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/11/04 15:43:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\CNQL3203.DLL
[2008/10/14 16:05:42 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCIta.dll
[2008/10/14 16:05:08 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCFra.dll
[2008/10/14 16:04:36 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCEsp.dll
[2008/10/14 16:04:02 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMSRCEng.dll
[2008/10/14 16:03:34 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMSRCDeu.dll
[2008/10/14 15:55:20 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXIta.dll
[2008/10/14 15:54:52 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXFra.dll
[2008/10/14 15:54:22 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXEsp.dll
[2008/10/14 15:53:48 | 000,013,776 | ---- | C] () -- C:\Windows\System32\IMGFXEng.dll
[2008/10/14 15:53:18 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXDeu.dll
[2006/07/21 20:50:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2004/01/30 16:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll

< End of report >

5
Tech Clinic / DCom event 10016
« on: September 08, 2011, 04:51:32 AM »
I wasnt sure about how some of the event entries in my first post related to what Iwas doing so
with a view to better identifying the problem I:-
Turned on all possible event monitoring
Cleared out all event logs
Shut down the system - power off
Re-start

No critical errors - but 4 warnings all related to profile
All in the log called Applications and Services/Microsoft/Known Folders/Operational

Error 0x80070002 occurred while verifying known folder {1777f761-68ad-4d8a-87bd-30b759fa33dd} with path 'C:\Windows\system32\config\systemprofile\Favorites'.

Error 0x80070002 occurred while verifying known folder {625b53c3-ab48-4ec1-ba1f-a1ef4146fc19} with path 'C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu'.

Error 0x80070002 occurred while verifying known folder {fdd39ad0-238f-46af-adb4-6c85480369c7} with path 'C:\Windows\system32\config\systemprofile\Documents'.

Error 0x80070002 occurred while verifying known folder {b4bfcc3a-db2c-424c-b029-7fe99a87c641} with path 'C:\Windows\system32\config\systemprofile\Desktop'.

I then left the system on but went off to do something else. When I returned there were an additional 4 warnings in the same log area timed 25mins later

Error 0x80070003 occurred while verifying known folder {b97d20bb-f46a-4c97-ba10-5e3608430854} with path 'C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup'.

Error 0x80070002 occurred while verifying known folder {625b53c3-ab48-4ec1-ba1f-a1ef4146fc19} with path 'C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu'.

Error 0x80070002 occurred while verifying known folder {fdd39ad0-238f-46af-adb4-6c85480369c7} with path 'C:\Windows\system32\config\systemprofile\Documents'.

Error 0x80070003 occurred while verifying known folder {a77f5d77-2e2b-44c3-a6a2-aba601054a51} with path 'C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs'.

Error 0x80070002 occurred while verifying known folder {b4bfcc3a-db2c-424c-b029-7fe99a87c641} with path 'C:\Windows\system32\config\systemprofile\Desktop'.

Still no critical logged entries

I tried downloading from ancestry - 2 critical errors logged
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D3DCB472-7261-43CE-924B-0704BD730D5F}
 and APPID
{D3DCB472-7261-43CE-924B-0704BD730D5F}
 to the user Lemuria-7\allans SID (S-1-5-21-2787096167-1688380633-3611798013-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{145B4335-FE2A-4927-A040-7C35AD3180EF}
 and APPID
{145B4335-FE2A-4927-A040-7C35AD3180EF}
 to the user Lemuria-7\allans SID (S-1-5-21-2787096167-1688380633-3611798013-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

I ran comexp.msc as administrator
CLicked Computers/My Computer/DCOm Config
I got a warning window -  cant cut/paste the text so see attached screen grab -
I clicked Yes to record the missing entry - the warning disappeared and then reappeared a few seconds later - identical.
I clicked yes again and the right pane populated with available apps
Right click on the 145B APPID from above and properties. Then security - its all greyed out.
At this point there are no new event entries.

I will try to keep an eye on any critical or warning events that appear

6
Tech Clinic / DCom event 10016
« on: September 07, 2011, 02:49:49 PM »
Every time my pc starts I get 2 critical events logged. It doesnt stop the PC working - but when I try to save an image from ancestry.com onto my local hard drive I get an error. The error doesnt occur if I save to memory stick. It is a standalone PC running Win732bit - fully updated, with Avast, fully updated.

The error is 'You dont have permission to save in this location'. This  causes the same 2 evnts that occur during startup.

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D3DCB472-7261-43CE-924B-0704BD730D5F}
 and APPID
{D3DCB472-7261-43CE-924B-0704BD730D5F}
 to the user Lemuria-7\allans SID (S-1-5-21-2787096167-1688380633-3611798013-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{145B4335-FE2A-4927-A040-7C35AD3180EF}
 and APPID
{145B4335-FE2A-4927-A040-7C35AD3180EF}
 to the user Lemuria-7\allans SID (S-1-5-21-2787096167-1688380633-3611798013-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Checking in the registry - both these IDS relate to fdPHost

I tried running comexp.msc as adminsitrator in order to
In the left pane: click Component Services->Computers->My Computer->DCOM Config.
List of apps list show up. On the right find the name of app from the event log (APPID).
Right click->Properties->Security tab->Launch & Activation Permissions->click Edit.
So that I can add the user that is mentioned in the 10016 event and give it appropriate permission.
When I open the security tab all options are greyed out and I cannot change anything.

This occurs for both APPIDs.

Any help / advice appreciated.

Allan

7
Tech Clinic / IE wont run
« on: February 10, 2011, 01:51:27 PM »
I thought I tried this before - but slowly, step-by-step, in a logical manner....

IE has been working properly, with the occasional strange rendering, with Ancestry Toolbar, Groove Folder, Groove GFS, BitTorrent Bar, Conduit Engine, SearchCD, GrafixView and GEPluginCoClass all disabled.
1.   Enable both ‘Groove’ Add-Ons. – Clicking ‘Enable’ on both of these does nothing – they do not ‘enable’.
2.   Enable GrafixView and Search CD , close IE, open IE – no problem – disabled again
3.   Enable GEPluginCoClass, close IE, open IE – no problem – disabled again
4.   Enable BitTorrent Toolbar, close IE, open IE – no problem – disabled again
5.   Enable Conduit Engine, close IE, open IE – no problem – disabled again
6.   Enable Ancestry Toolbar, close IE, open IE – PROBLEM – IE wont open. Open IE with no add-ons, disable Ancestry Toolbar, close IE, open IE normally – no problem
Why is it always the last one? Uninstalled Ancestry Toolbar, others remain disabled for now.

Lets see how it goes

Thanks for the input - glad you didnt spot anything else.

8
Tech Clinic / IE wont run
« on: February 09, 2011, 02:20:48 PM »
Ok as requested first OTL.txt

OTL logfile created on: 09/02/2011 19:18:57 - Run 5
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\allans\Desktop
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 79.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 68.54 Gb Free Space | 70.18% Space Free | Partition Type: NTFS
Drive D: | 78.13 Gb Total Space | 58.89 Gb Free Space | 75.37% Space Free | Partition Type: NTFS
Drive E: | 105.47 Gb Total Space | 56.11 Gb Free Space | 53.20% Space Free | Partition Type: NTFS
Drive F: | 106.38 Gb Total Space | 102.22 Gb Free Space | 96.09% Space Free | Partition Type: NTFS
Drive T: | 78.13 Gb Total Space | 73.13 Gb Free Space | 93.60% Space Free | Partition Type: NTFS
 
Computer Name: LEMURIA-7 | User Name: allans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/02/07 12:23:14 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/02/07 12:23:14 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/02/07 12:23:14 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/02/07 12:23:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/02/07 12:23:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/02/07 12:23:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/02/07 12:23:13 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/02/07 12:23:13 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/02/07 12:23:13 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/02/07 12:23:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/02/07 12:23:13 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/02/07 12:23:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/02/07 12:23:13 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/02/07 12:23:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/02/07 12:23:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/02/07 12:23:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/02/07 12:23:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/02/07 12:23:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/02/07 12:23:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/02/07 12:23:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/02/07 12:23:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/02/07 12:23:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/02/07 12:23:10 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/02/07 12:23:10 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/02/07 12:23:10 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/02/07 12:23:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/02/07 12:23:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/02/07 12:23:09 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/02/07 12:23:07 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/02/07 12:23:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/02/07 12:23:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/02/07 12:23:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/02/07 12:23:07 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/02/07 12:23:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/02/07 12:23:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/02/07 12:23:05 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/02/07 12:23:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/02/07 12:23:02 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/02/07 12:23:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/02/07 12:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
[2011/01/28 10:17:22 | 000,000,000 | ---D | C] -- C:\Users\allans\AppData\Local\Deployment
[2011/01/28 10:17:22 | 000,000,000 | ---D | C] -- C:\Users\allans\AppData\Local\Apps
[2011/01/19 19:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/01/13 09:02:43 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/01/13 09:02:42 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/01/13 09:02:42 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/01/13 09:02:41 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/01/13 09:02:41 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011/01/13 09:02:41 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/01/13 09:02:41 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/01/13 09:02:41 | 000,804,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011/01/13 09:02:41 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/01/13 09:02:41 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/01/13 09:02:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/01/13 09:02:41 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/01/13 09:02:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/01/13 09:02:41 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/01/13 09:02:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/01/13 09:02:40 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/02/09 19:18:41 | 000,014,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/09 19:18:41 | 000,014,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/09 19:16:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/09 18:34:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/09 16:38:25 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/02/09 14:53:28 | 000,000,600 | ---- | M] () -- C:\Users\allans\AppData\Local\PUTTY.RND
[2011/02/09 14:33:42 | 000,662,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/02/09 14:33:42 | 000,123,300 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/02/09 14:29:42 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/09 14:29:35 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/09 14:29:20 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/09 09:16:35 | 000,002,295 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/02/08 09:23:28 | 000,016,940 | ---- | M] () -- C:\Users\allans\Documents\cc_20110208_092324.reg
[2011/02/08 09:21:28 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/08 09:20:22 | 000,003,473 | ---- | M] () -- C:\Windows\System32\Init.xml
[2011/02/08 09:05:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
[2011/02/07 12:26:04 | 000,001,419 | ---- | M] () -- C:\Users\allans\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/19 19:26:46 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/01/18 12:49:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/01/13 08:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/01/13 08:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/01/13 08:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/01/13 08:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/01/13 08:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/01/13 08:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
 
========== Files Created - No Company Name ==========
 
[2011/02/09 14:53:28 | 000,000,600 | ---- | C] () -- C:\Users\allans\AppData\Local\PUTTY.RND
[2011/02/08 09:23:26 | 000,016,940 | ---- | C] () -- C:\Users\allans\Documents\cc_20110208_092324.reg
[2011/02/08 08:55:31 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/07 12:23:07 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/01/19 19:26:46 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/12/24 09:06:15 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009/12/24 19:54:09 | 000,000,000 | ---- | C] () -- C:\Users\allans\AppData\Local\rx_image32.Cache
[2009/12/14 06:25:23 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/12/14 06:25:23 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4134D8FADF.sys
[2009/12/12 16:17:10 | 000,126,976 | ---- | C] () -- C:\Windows\System32\THBIni20.dll
[2009/12/12 11:53:55 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008/11/04 14:43:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\CNQL3203.DLL
[2008/10/14 15:05:42 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCIta.dll
[2008/10/14 15:05:08 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCFra.dll
[2008/10/14 15:04:36 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCEsp.dll
[2008/10/14 15:04:02 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMSRCEng.dll
[2008/10/14 15:03:34 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMSRCDeu.dll
[2008/10/14 14:55:20 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXIta.dll
[2008/10/14 14:54:52 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXFra.dll
[2008/10/14 14:54:22 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXEsp.dll
[2008/10/14 14:53:48 | 000,013,776 | ---- | C] () -- C:\Windows\System32\IMGFXEng.dll
[2008/10/14 14:53:18 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXDeu.dll
[2006/07/21 19:50:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2004/01/30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll

< End of report >

Then extras
OTL Extras logfile created on: 09/02/2011 19:18:57 - Run 5
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\allans\Desktop
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 79.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 68.54 Gb Free Space | 70.18% Space Free | Partition Type: NTFS
Drive D: | 78.13 Gb Total Space | 58.89 Gb Free Space | 75.37% Space Free | Partition Type: NTFS
Drive E: | 105.47 Gb Total Space | 56.11 Gb Free Space | 53.20% Space Free | Partition Type: NTFS
Drive F: | 106.38 Gb Total Space | 102.22 Gb Free Space | 96.09% Space Free | Partition Type: NTFS
Drive T: | 78.13 Gb Total Space | 73.13 Gb Free Space | 93.60% Space Free | Partition Type: NTFS
 
Computer Name: LEMURIA-7 | User Name: allans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{18355D5F-FABE-49A2-B359-92020DBD51B1}" = Corel DESIGNER Technical Suite X4 - Windows Shell Extension
"_{870DCAE9-E488-48C9-A512-F67914695750}" = Corel DESIGNER Technical Suite X4
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{010C0B4A-DC93-4BB4-893B-BDDE95355A3E}" = Freeware PDF Unlocker
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{088A077A-8028-408C-AE7B-4512AE2A65A0}" = CanoScan Toolbox Ver4.6
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{143D36D2-4D24-4F7C-AA12-AE302FE084E1}" = Setup Wizard
"{1635620D-E548-406C-A74E-7492DC23AE71}" = Corel Designer Technical Suite X4 - IPM
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{18355D5F-FABE-49A2-B359-92020DBD51B1}" = Corel DESIGNER Technical Suite X4 - Windows Shell Extension
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{46578609-AD6D-4E69-AC8F-28B89C090F3B}" = Roxio Creator 2010 Pro
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5073DD-B109-4B91-98C7-54260D916432}" = WinBMD
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{500C01F9-CB35-41CD-9434-64F1553CD472}" = IPView SE
"{5783F2D7-9009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2011 - English
"{5783F2D7-9009-0409-1002-0060B0CE6BBA}" = AutoCAD LT 2011 Language Pack - English
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D63CBA6-3563-45E7-8D0C-97E92259542D}" = Visual Basic for Applications (R) Core
"{733CDF24-0A93-426E-AA89-DF281EB54793}" = Roxio CinePlayer
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator 2010 Pro
"{7EACD74C-147F-478C-9389-F9F52EE3C88A}" = LightScribe System Software
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{870DCAE9-E488-48C9-A512-F67914695750}" = Corel DESIGNER Technical Suite X4 - ICA
"{87A83C6F-F53C-448A-B078-FF00E3EAEB29}" = Roxio Disaster Recovery
"{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}" = LightScribe Applications
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator 2010 Pro
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91AFACB3-CA46-4C1E-AF2D-F72EE0B112E4}" = Personal Ancestral File Companion 5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BB86A32-E255-40F8-97CD-F65FD7BA5180}" = Visual Basic for Applications (R) Core - English
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0FE14F0-85BB-4CBF-A7C5-FE95475C1D1B}" = Corel DESIGNER Technical Suite X4 - Lang EN
"{BA5767FE-0C78-488F-84C1-A5288647C087}" = Ancestry Toolbar
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis True Image Home
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink RT7x Wireless LAN Card
"{EC421A14-0A27-44A1-BB85-21605935F15A}" = Corel DESIGNER Technical Suite X4
"{EF147A9D-D94E-4875-910D-2AF98CBDFE2E}" = Corel DESIGNER Technical Suite X4 - Lang FR
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{FD95FDC1-418F-4C6A-B8B8-658707875D59}" = Corel DESIGNER Technical Suite X4 - VBA
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AutoCAD LT 2011 - English" = AutoCAD LT 2011 - English
"AutoCAD LT 2011 - English Version 2.1" = AutoCAD LT 2011 - English Version 2.1
"avast5" = avast! Free Antivirus
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"EasyBCD" = EasyBCD 1.7.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Forte Agent" = Forté Agent
"Google Chrome" = Google Chrome
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"novaPDF Pro v5_is1" = novaPDF Pro v5 (novaPDF Professional Desktop 5.5  printer)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"Roxio PhotoShow" = Roxio PhotoShow
"Ss Startup Manager_is1" = Ss Startup Manager 2.00
"TopStyle4_is1" = TopStyle 4
"WebCEO70_is1" = Web CEO 8.0
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11/07/2010 09:53:48 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 11/07/2010 09:53:48 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 11/07/2010 09:53:48 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 11/07/2010 09:53:48 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 11/07/2010 10:03:31 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 11/07/2010 10:04:54 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 12/07/2010 02:08:36 | Computer Name = Lemuria-7 | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 12/07/2010 15:16:54 | Computer Name = Lemuria-7 | Source = Application Error | ID = 1000
Description = Faulting application name: Designer.exe, version: 14.1.0.235, time
 stamp: 0x4a307486  Faulting module name: CdrCore.dll, version: 14.1.0.235, time stamp:
 0x4a3080e0  Exception code: 0xc0000005  Fault offset: 0x000fb325  Faulting process id:
 0x150c  Faulting application start time: 0x01cb21f0376de39a  Faulting application path:
 C:\Program Files\Corel\Corel DESIGNER Technical Suite X4\Programs\Designer.exe  Faulting
 module path: C:\Program Files\Corel\Corel DESIGNER Technical Suite X4\Programs\CdrCore.dll
Report
 Id: 07d5534c-8dea-11df-b23f-001d6064eb78
 
Error - 23/09/2010 08:58:56 | Computer Name = Lemuria-7 | Source = Application Hang | ID = 1002
Description = The program OUTLOOK.EXE version 12.0.6539.5000 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 100c    Start
 Time: 01cb5a23f4c04d7f    Termination Time: 0    Application Path: C:\Program Files\Microsoft
 Office\Office12\OUTLOOK.EXE    Report Id:  
 
Error - 23/09/2010 09:01:17 | Computer Name = Lemuria-7 | Source = Application Hang | ID = 1002
Description = The program Designer.exe version 14.1.0.235 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 1558    Start
 Time: 01cb5b039e2c810b    Termination Time: 109    Application Path: C:\Program Files\Corel\Corel
 DESIGNER Technical Suite X4\Programs\Designer.exe    Report Id: a3a7ef2c-c712-11df-ab7b-001d6064eb78

 
[ System Events ]
Error - 04/02/2011 06:28:11 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 05/02/2011 06:48:19 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 05/02/2011 06:48:19 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 07/02/2011 08:49:50 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 07/02/2011 08:49:51 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 08/02/2011 05:32:06 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 08/02/2011 05:32:58 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 08/02/2011 05:40:09 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 09/02/2011 11:14:47 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
Error - 09/02/2011 11:14:47 | Computer Name = Lemuria-7 | Source = DCOM | ID = 10016
Description =
 
 
< End of report >

9
Tech Clinic / IE wont run
« on: February 08, 2011, 04:39:33 AM »
Re booted & re-ran OTL - still no 'extras'. DIsabled and re-enabled addons - IE working again

10
Tech Clinic / IE wont run
« on: February 08, 2011, 04:27:45 AM »
Updated and ran ccCleaner - IE still fails.
Downloaded and ran OTL as requested - OTL.Txt popped up - but no extras file fonud.

OTL.Txt -

OTL logfile created on: 08/02/2011 09:23:45 - Run 3
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\allans\Desktop
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 66.57 Gb Free Space | 68.16% Space Free | Partition Type: NTFS
Drive D: | 78.13 Gb Total Space | 58.89 Gb Free Space | 75.37% Space Free | Partition Type: NTFS
Drive E: | 105.47 Gb Total Space | 56.11 Gb Free Space | 53.20% Space Free | Partition Type: NTFS
Drive F: | 106.38 Gb Total Space | 102.22 Gb Free Space | 96.09% Space Free | Partition Type: NTFS
Drive T: | 78.13 Gb Total Space | 73.13 Gb Free Space | 93.60% Space Free | Partition Type: NTFS
 
Computer Name: LEMURIA-7 | User Name: allans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/02/08 09:05:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
PRC - [2011/01/13 08:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 08:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/22 09:04:14 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/12/22 09:04:06 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/12/11 16:57:21 | 002,326,920 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2009/11/20 19:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/12 16:31:36 | 000,357,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/09/12 16:31:30 | 000,660,520 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/09/12 16:30:48 | 005,048,488 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009/08/20 17:42:38 | 001,560,576 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2009/07/21 11:50:02 | 000,084,464 | ---- | M] () -- C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
PRC - [2009/07/14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/06/23 01:18:52 | 000,494,064 | ---- | M] () -- C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2005/08/11 16:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/02/08 09:05:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
MOD - [2011/01/13 08:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/07/14 01:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 01:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 01:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 01:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 01:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/01/13 08:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/22 09:04:06 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/11/02 04:26:21 | 000,804,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010/10/11 08:56:07 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/05/22 08:19:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2009/12/11 16:57:21 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009/11/20 19:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/09/12 16:31:30 | 000,660,520 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/07/24 08:33:34 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe -- (RoxWatch12)
SRV - [2009/07/24 08:33:10 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe -- (RoxMediaDB12)
SRV - [2009/07/14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 01:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 01:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 01:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 01:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 01:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 01:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 01:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 01:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/06/02 19:05:58 | 000,457,200 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/01/13 08:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 08:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 08:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 08:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 08:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/11/05 08:42:46 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/08/12 12:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/07/07 17:18:56 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2009/12/11 21:50:29 | 002,971,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/12/11 16:57:22 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2009/12/11 16:57:20 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm251.sys -- (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251)
DRV - [2009/12/11 16:57:20 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/12/11 16:57:16 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/12/11 07:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/11/21 02:34:54 | 011,515,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/29 17:18:20 | 000,553,472 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2009/07/14 20:44:22 | 001,443,584 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2009/07/14 01:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 01:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 01:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 01:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 01:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 01:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 01:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 01:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 01:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 01:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 01:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 01:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 01:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 01:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 01:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 01:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 01:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 01:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 01:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 01:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 01:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 01:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 01:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 01:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 01:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 01:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 01:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 01:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 01:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 01:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 01:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 01:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 01:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 01:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 01:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 01:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 01:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 01:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 01:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 00:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 00:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 00:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 23:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 23:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 23:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 23:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 23:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 23:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 23:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 23:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 23:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 23:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 23:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 23:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 23:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 23:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 23:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 23:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 22:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 22:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 22:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 22:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 22:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 22:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 22:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 22:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 22:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/05 19:12:34 | 000,219,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express) Intel(R)
DRV - [2009/06/02 01:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 01:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 01:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2008/05/16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/01/09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://telfordsteamrailway.easysearch.org.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 1A AB F3 7C 7A CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "  "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - prefs.js..browser.search.selectedEngine: "  "
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2790392&SearchSource=13"
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.10.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/09 11:12:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/09 11:12:09 | 000,000,000 | ---D | M]
 
[2009/12/11 18:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\allans\AppData\Roaming\Mozilla\Extensions
[2011/02/07 12:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions
[2011/01/31 11:45:25 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/01/26 19:30:36 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2011/01/26 19:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}-trash
[2011/02/07 12:13:56 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\extensions\[email protected]
[2011/01/04 19:52:10 | 000,000,863 | ---- | M] () -- C:\Users\allans\AppData\Roaming\Mozilla\Firefox\Profiles\cu0hd0b7.default\searchplugins\conduit.xml
[2011/01/13 12:56:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/20 19:27:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/18 07:53:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/13 12:56:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2008/01/08 00:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/02/04 23:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
[2010/10/21 14:22:33 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/21 14:22:33 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/21 14:22:33 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/21 14:22:33 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2010/05/24 17:02:20 | 000,000,872 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 10.0.0.9 Lemuria
O1 - Hosts: 10.0.0.8 Oleanna
O1 - Hosts: 10.0.0.7 Asgard
O1 - Hosts: 10.0.0.6 Atlantis
O1 - Hosts: 10.0.0.5 Avalon
O1 - Hosts: 10.0.0.3 Lyonesse
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Ancestry Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\Ancestry Toolbar\AncestryToolbar.dll (The Generations Network Inc)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ancestry Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\Ancestry Toolbar\AncestryToolbar.dll (The Generations Network Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ancestry Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\Ancestry Toolbar\AncestryToolbar.dll (The Generations Network Inc)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files\Roxio 2010\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/12 09:14:00 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3671ac95-17c4-11df-9f64-001d6064eb78}\Shell - "" = AutoRun
O33 - MountPoints2\{3671ac95-17c4-11df-9f64-001d6064eb78}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{5f1496a8-f853-11de-99c0-001d6064eb78}\Shell - "" = AutoRun
O33 - MountPoints2\{5f1496a8-f853-11de-99c0-001d6064eb78}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/02/07 12:23:14 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/02/07 12:23:14 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/02/07 12:23:14 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/02/07 12:23:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/02/07 12:23:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/02/07 12:23:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/02/07 12:23:13 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/02/07 12:23:13 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/02/07 12:23:13 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/02/07 12:23:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/02/07 12:23:13 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/02/07 12:23:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/02/07 12:23:13 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/02/07 12:23:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/02/07 12:23:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/02/07 12:23:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/02/07 12:23:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/02/07 12:23:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/02/07 12:23:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/02/07 12:23:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/02/07 12:23:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/02/07 12:23:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/02/07 12:23:10 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/02/07 12:23:10 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/02/07 12:23:10 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/02/07 12:23:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/02/07 12:23:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/02/07 12:23:09 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/02/07 12:23:07 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/02/07 12:23:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/02/07 12:23:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/02/07 12:23:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/02/07 12:23:07 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/02/07 12:23:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/02/07 12:23:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/02/07 12:23:05 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/02/07 12:23:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/02/07 12:23:02 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/02/07 12:23:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/02/07 12:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
[2011/01/28 10:17:22 | 000,000,000 | ---D | C] -- C:\Users\allans\AppData\Local\Deployment
[2011/01/28 10:17:22 | 000,000,000 | ---D | C] -- C:\Users\allans\AppData\Local\Apps
[2011/01/19 19:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/01/13 09:02:43 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/01/13 09:02:42 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/01/13 09:02:42 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/01/13 09:02:41 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/01/13 09:02:41 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011/01/13 09:02:41 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/01/13 09:02:41 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/01/13 09:02:41 | 000,804,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011/01/13 09:02:41 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/01/13 09:02:41 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/01/13 09:02:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/01/13 09:02:41 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/01/13 09:02:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/01/13 09:02:41 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/01/13 09:02:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/01/13 09:02:40 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/01/09 10:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
 
========== Files - Modified Within 30 Days ==========
 
[2011/02/08 09:23:28 | 000,016,940 | ---- | M] () -- C:\Users\allans\Documents\cc_20110208_092324.reg
[2011/02/08 09:21:28 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/08 09:20:22 | 000,003,473 | ---- | M] () -- C:\Windows\System32\Init.xml
[2011/02/08 09:16:39 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/08 09:16:25 | 000,002,295 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/02/08 09:16:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/08 09:05:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\allans\Desktop\OTL.exe
[2011/02/08 09:02:20 | 000,014,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/08 09:02:20 | 000,014,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/08 08:59:35 | 000,662,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/02/08 08:59:35 | 000,123,300 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/02/08 08:55:31 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/08 08:55:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/08 08:55:09 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/07 12:26:04 | 000,001,419 | ---- | M] () -- C:\Users\allans\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/07 10:22:51 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/19 19:26:46 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/01/18 12:49:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/01/13 08:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/01/13 08:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/01/13 08:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/01/13 08:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/01/13 08:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/01/13 08:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/01/09 11:35:11 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/09 11:15:12 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2011/01/09 11:13:09 | 000,000,835 | ---- | M] () -- C:\Users\allans\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/01/09 11:13:09 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/01/09 11:01:03 | 000,009,844 | ---- | M] () -- C:\Users\allans\Documents\cc_20110109_110059.reg
 
========== Files Created - No Company Name ==========
 
[2011/02/08 09:23:26 | 000,016,940 | ---- | C] () -- C:\Users\allans\Documents\cc_20110208_092324.reg
[2011/02/08 08:55:31 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/07 12:23:07 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/01/19 19:26:46 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/01/10 10:32:16 | 2616,696,832 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/09 13:59:21 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011/01/09 11:01:01 | 000,009,844 | ---- | C] () -- C:\Users\allans\Documents\cc_20110109_110059.reg
[2011/01/09 10:59:10 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/24 09:06:15 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009/12/24 19:54:09 | 000,000,000 | ---- | C] () -- C:\Users\allans\AppData\Local\rx_image32.Cache
[2009/12/14 06:25:23 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/12/14 06:25:23 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4134D8FADF.sys
[2009/12/12 16:17:10 | 000,126,976 | ---- | C] () -- C:\Windows\System32\THBIni20.dll
[2009/12/12 11:53:55 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008/11/04 14:43:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\CNQL3203.DLL
[2008/10/14 15:05:42 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCIta.dll
[2008/10/14 15:05:08 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCFra.dll
[2008/10/14 15:04:36 | 000,014,800 | ---- | C] () -- C:\Windows\System32\IMSRCEsp.dll
[2008/10/14 15:04:02 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMSRCEng.dll
[2008/10/14 15:03:34 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMSRCDeu.dll
[2008/10/14 14:55:20 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXIta.dll
[2008/10/14 14:54:52 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXFra.dll
[2008/10/14 14:54:22 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXEsp.dll
[2008/10/14 14:53:48 | 000,013,776 | ---- | C] () -- C:\Windows\System32\IMGFXEng.dll
[2008/10/14 14:53:18 | 000,014,288 | ---- | C] () -- C:\Windows\System32\IMGFXDeu.dll
[2006/07/21 19:50:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2004/01/30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll

< End of report >

11
Tech Clinic / IE wont run
« on: February 08, 2011, 04:15:29 AM »
Yes - I would like to investigate further - thanks. I also have some rendering issues - this computer often doesnt display pages in the same way as another with the same SO & IE versions - e.g. text with a white background instead of a coloured backgrouns, or layout issues. Just tried to open IR this morning - failed again.

I will run as requested and post shortly

12
Tech Clinic / IE wont run
« on: February 07, 2011, 07:53:25 AM »
restarted IE using start without addon in system tools - IE Runs
disabled ALL addons
restarted IE normally - IE Runs - wa hey
enabled addons one by one - problem disappeard - !!!!!!!!

oh well at least its working again

13
Tech Clinic / IE wont run
« on: February 07, 2011, 07:37:43 AM »
Using IE on Win 7.
This morning, IE was morking but I was having problems with rendering - CSS not displaying as expected. Checked page on another computer and it was perfect (same OS and same version IE). I looked through 'add-on' to see what might be interfering and removed a couple of them. Tafter that IE wouldnt start - juist the error message
IE has stopped working  microsoft will notify you if a solution is found'
Oh !!!!! I thought.
SO I figured here's a chance to test IE9 Beta - downloaded - installed - same problem.

Now I know its IE - and I normally use FF - but I need IE for website compatability checks -
any advice on getting IE running would be appreciated.

14
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 25, 2010, 04:04:43 PM »
Touch wood - yes -
no futher issues since 20th

Thanks

Allan

15
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 24, 2010, 02:58:04 AM »
Last Post 20th -
22nd re-enabled UAC
Still no problems. Will remove Mapi today

16
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 20, 2010, 02:48:34 AM »
Re-enabled UAC and re-booted.
On opening Outlook a warning screen appeared stating that Outlook had a serious problem with the Adaware plugin and asking if I wanted to disable it. - It is now disabled.

17
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 20, 2010, 02:42:45 AM »
Still no warnings abour accessing address book - but another Outlook Crash.
I will re-enable UAC, then give it a few days.
AFter that remove MApiLab, and give it a few days.

If no improvement I will bite the bullet and re-install Ofice.

18
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 18, 2010, 09:48:06 AM »
[quote name='guestolo' date='18 May 2010 - 04:50 AM' timestamp='1274176237' post='469443']
The most up to date version of Avast is 5.0.545
[/quote]
Sorry - I misunderstood.
I have done as you requested - no threats found, but a couple of unusual entries in the scan log.
I cant find a way to copy  the text so I have attached screen grab - didnt want to risk mis-transcribing.

The first entry is a piece of software I thought was removed - I cant see it among installed programs - just in case I have renamed the folder
D: - is a Bootable Windows XP (this is a dual boot system, although I havent used XP for quite some time - many months)
The end entries relating to Roxio repeat for all the files in the cab, so I chopped them off the image.re-run security check:-
Quote
Results of screen317's Security Check version 0.99.4  
 Windows 7  (UAC is disabled!)
 Internet Explorer 8  
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Disabled!  
 avast! Free Antivirus    
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
 Ad-Aware
 Malwarebytes' Anti-Malware    
 CCleaner    
 Adobe Flash Player 10.0.42.34  
Adobe Reader 9.3.2
 Mozilla Firefox (3.6.3)
````````````````````````````````
Process Check:  
objlist.exe by Laurent
 Ad-Aware AAWService.exe
 Ad-Aware AAWTray.exe
 Alwil Software Avast5 AvastSvc.exe  
 Alwil Software Avast5 AvastUI.exe  
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

When updating Avast I had to re-boot. I closed Outlook and whilst closing Outlook crashed - critical
event details:-
Quote
Faulting application name: OUTLOOK.EXE, version: 12.0.6514.5000, time stamp: 0x4a89dc70
Faulting module name: OUTLOOK.EXE, version: 12.0.6514.5000, time stamp: 0x4a89dc70
Exception code: 0xc0000005
Fault offset: 0x00a54287
Faulting process id: 0x8b0
Faulting application start time: 0x01caf66e5ec77159
Faulting application path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Faulting module path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Report Id: 782cc6db-627c-11df-921a-001d6064eb78

19
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 18, 2010, 03:45:16 AM »
Avast updated. Current version 4.8 is installed.
The following is displayed during 'Seurity Check' but boes not appear in the log.
Quote
Information about current update:
Total time: 6 s

- Program: Already up to date
  (current version 4.8.1368)
- Vps: Already up to date
  (current version 100517-1)

Server: ll002.avast.com (87.248.210.254)
Downloaded files: 2 (0.02 KB)
Download time: 1 s
Full scan run and nothing found

Re run Security Check as requested
Quote
layed  Results of screen317's Security Check version 0.99.4  
 Windows 7  (UAC is disabled!)
 Internet Explorer 8  
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Disabled!  
 avast! Antivirus    
 WMI entry may not exist for antivirus; attempting automatic update.
 avast! successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
 Ad-Aware
 Malwarebytes' Anti-Malware    
 CCleaner    
 Adobe Flash Player 10.0.42.34  
Adobe Reader 9.3.2
 Mozilla Firefox (3.6.3)
````````````````````````````````
Process Check:  
objlist.exe by Laurent
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 Alwil Software Avast4 aswUpdSv.exe
 Alwil Software Avast4 ashServ.exe
 Alwil Software Avast4 ashDisp.exe
 Alwil Software Avast4 ashMaiSv.exe
 Alwil Software Avast4 ashWebSv.exe
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

The following 'Critical' event occurred on Boot today
Quote
Session "Homegroup Log" failed to start with the following error: 0xC0000035
Presumably this occurred because all other computers in the group are not powered on.

There have been no further warnings from Outlook about unexpected address book access.
If the the warning does not reappear it is possible that either
The Outlook Repair fixed the problem
The fact that UAC is off has had some form of impact.
I will re-enable UAC on Thursday if it does not recur.

The statement 'No Unauthorised access' was not intended to be any form of quote from the screen - simply a staemment that the error had not repeated. If/When it does you will get a verbatim transcription.

Thanks

Allan

20
Tech Clinic / Unexpected 'program wants to access your address book
« on: May 17, 2010, 05:18:34 AM »
[quote name='guestolo' date='16 May 2010 - 02:39 PM' timestamp='1274038783' post='469383']
Do you have the free version of Avast 4 installed?
[/quote]

yes

NO 'Unauthorised access' today

Pages: [1] 2 3