[code] OTS logfile created on: 7/31/2011 6:09:13 PM - Run 1 OTS by OldTimer - Version 3.1.44.0 Folder = C:\Documents and Settings\NEVILLE\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 214.84 Gb Total Space | 193.31 Gb Free Space | 89.98% Space Free | Partition Type: NTFS Drive D: | 18.03 Gb Total Space | 16.36 Gb Free Space | 90.72% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NEVILLE-F5FFDC7 Current User Name: NEVILLE Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\NEVILLE\Desktop\OTS.exe -> [2011/07/31 18:05:50 | 000,645,120 | ---- | M] (OldTimer Tools) winpatrol.exe -> C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe -> [2011/05/16 01:23:20 | 000,325,512 | ---- | M] (BillP Studios) avgtray.exe -> C:\Program Files\AVG\AVG10\avgtray.exe -> [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) avgidsagent.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) avgnsx.exe -> C:\Program Files\AVG\AVG10\avgnsx.exe -> [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) avgcsrvx.exe -> C:\Program Files\AVG\AVG10\avgcsrvx.exe -> [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) avgemcx.exe -> C:\Program Files\AVG\AVG10\avgemcx.exe -> [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) avgchsvx.exe -> C:\Program Files\AVG\AVG10\avgchsvx.exe -> [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) avgfws.exe -> C:\Program Files\AVG\AVG10\avgfws.exe -> [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) avgidsmonitor.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () avgwdsvc.exe -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsx.exe -> C:\Program Files\AVG\AVG10\avgrsx.exe -> [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) avgam.exe -> C:\Program Files\AVG\AVG10\avgam.exe -> [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) rambooster.exe -> C:\Program Files\RamBooster 2.0\Rambooster.exe -> [2005/11/17 07:32:54 | 000,561,664 | ---- | M] (J.Pajula) powermenu.exe -> C:\Program Files\PowerMenu\PowerMenu.exe -> [2002/12/20 04:47:56 | 000,057,344 | ---- | M] (Thong Nguyen) [Modules - Safe List] ots.exe -> C:\Documents and Settings\NEVILLE\Desktop\OTS.exe -> [2011/07/31 18:05:50 | 000,645,120 | ---- | M] (OldTimer Tools) patrolpro.dll -> C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll -> [2011/05/16 01:23:34 | 000,064,600 | ---- | M] (BillP Studios) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 21:42:02 | 001,054,208 | ---- | M] (Microsoft Corporation) powermenuhook.dll -> C:\Program Files\PowerMenu\PowerMenuHook.dll -> [2002/12/20 04:46:50 | 000,073,728 | ---- | M] (Thong Nguyen) [Win32 Services - Safe List] (HidServ) Human Interface Device Access [Disabled | Stopped] -> -> File not found (MBAMService) MBAMService [Disabled | Stopped] -> C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -> [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) (AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) (avgfws) AVG Firewall [Auto | Running] -> C:\Program Files\AVG\AVG10\avgfws.exe -> [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) (avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) (postgresql-8.4) postgresql-8.4 - PostgreSQL Server 8.4 [On_Demand | Stopped] -> C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe -> [2011/01/28 10:45:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Driver Services - Safe List] (uzmwmze2) AVZ-RK Kernel Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\uzmwmze2.sys -> [2011/07/31 00:50:34 | 000,011,264 | ---- | M] () (79037428) 79037428 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\79037428.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) (28530074) 28530074 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\28530074.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) (26173193) 26173193 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\26173193.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) (66011389) 66011389 [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\66011389.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] () (MBAMSwissArmy) MBAMSwissArmy [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mbamswissarmy.sys -> [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) (MBAMProtector) MBAMProtector [File_System | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mbam.sys -> [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) (AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -> [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) (Avgtdix) AVG TDI Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avgtdix.sys -> [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) (Avgrkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -> [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) (Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\WINDOWS\system32\drivers\avgmfx86.sys -> [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) (SmartDefragDriver) SmartDefragDriver [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -> [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () (AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -> [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) (AVGIDSShim) AVGIDSShim [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AVGIDSShim.sys -> [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) (AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -> [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) (Avgldx86) AVG AVI Loader Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avgldx86.sys -> [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) (Avgfwfd) AVG network filter service [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\avgfwdx.sys -> [2010/07/12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) (Avgfwdx) Avgfwdx [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\avgfwdx.sys -> [2010/07/12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) (nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nvnetbus.sys -> [2007/09/20 16:37:40 | 000,022,016 | R--- | M] (NVIDIA Corporation) (NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NVENETFD.sys -> [2007/09/20 16:37:38 | 000,053,632 | R--- | M] (NVIDIA Corporation) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2007/05/10 15:58:08 | 004,419,584 | R--- | M] (Realtek Semiconductor Corp.) (CCCP106) CIF USB Camera (2110A) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\cccp106.sys -> [2003/04/09 11:17:14 | 000,227,200 | ---- | M] () [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\] > -> -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\: Main\\"Start Page" -> http://www.google.co.in/ -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\: SearchURL\\"" -> http://www.google.com/search/?q=%s -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\NEVILLE\Application Data\Mozilla\FireFox\Profiles\98oqxj7j.default\prefs.js -> browser.startup.homepage -> "http://www.google.co.in/" -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4} -> C:\PROGRAM FILES\AVG\AVG10\FIREFOX4\ [C:\PROGRAM FILES\AVG\AVG10\FIREFOX4\] -> [2011/07/12 17:26:52 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 5.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/07/30 07:59:52 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011/07/31 02:26:09 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\NEVILLE\Application Data\Mozilla\Extensions -> [2011/07/30 08:00:00 | 000,000,000 | ---D | M] -> C:\Documents and Settings\NEVILLE\Application Data\Mozilla\Firefox\Profiles\98oqxj7j.default\extensions -> [2011/07/30 09:57:21 | 000,000,000 | ---D | M] Qualys BrowserCheck -> C:\Documents and Settings\NEVILLE\Application Data\Mozilla\Firefox\Profiles\98oqxj7j.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} -> [2011/07/30 09:57:21 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011/07/31 05:18:15 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} -> [2011/06/17 04:47:26 | 000,000,000 | ---D | M] No name found -> -> File not found No name found -> C:\DOCUMENTS AND SETTINGS\NEVILLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\98OQXJ7J.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI -> () No name found -> C:\DOCUMENTS AND SETTINGS\NEVILLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\98OQXJ7J.DEFAULT\EXTENSIONS\{B9615918-D3DE-44A4-AB65-76DF7EA1F1C1}.XPI -> () No name found -> C:\DOCUMENTS AND SETTINGS\NEVILLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\98OQXJ7J.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI -> () < HOSTS File > ([2011/07/31 03:03:41 | 000,000,027 | R--- | M] - 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2011/07/08 22:26:40 | 002,274,144 | ---- | M] (AVG Technologies CZ, s.r.o.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AVG_TRAY" -> C:\Program Files\AVG\AVG10\avgtray.exe [C:\Program Files\AVG\AVG10\avgtray.exe] -> [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) "KernelFaultCheck" -> [%systemroot%\system32\dumprep 0 -k] -> File not found "WinPatrol" -> C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot] -> [2011/05/16 01:23:20 | 000,325,512 | ---- | M] (BillP Studios) < Run [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "RamBooster" -> C:\Program Files\RamBooster 2.0\Rambooster.exe [C:\Program Files\RamBooster 2.0\Rambooster.exe] -> [2005/11/17 07:32:54 | 000,561,664 | ---- | M] (J.Pajula) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < NEVILLE Startup Folder > -> C:\Documents and Settings\NEVILLE\Start Menu\Programs\Startup -> C:\Documents and Settings\NEVILLE\Start Menu\Programs\Startup\PowerMenu.lnk -> C:\Program Files\PowerMenu\PowerMenu.exe -> [2002/12/20 04:47:56 | 000,057,344 | ---- | M] (Thong Nguyen) < postgres Startup Folder > -> C:\Documents and Settings\postgres\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found \\"NoLogoff" -> [0] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2011/04/14 04:10:10 | 004,284,416 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2011/04/14 04:10:10 | 004,284,416 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2011/04/14 04:10:10 | 004,284,416 | ---- | M] (Google Inc.) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\Software\Microsoft\Internet Explorer\Extensions\ -> {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"ButtonText" [HKLM] -> [Reg Error: Key error.] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"CLSID" [HKLM] -> [{0000031A-0000-0000-C000-000000000046}] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"Default Visible" [HKLM] -> [Reg Error: Key error.] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"Exec" [HKLM] -> [Reg Error: Key error.] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"HotIcon" [HKLM] -> [Reg Error: Key error.] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"Icon" [HKLM] -> [Reg Error: Key error.] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"MenuStatusBar" [HKLM] -> [Reg Error: Key error.] -> File not found {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}\\"MenuText" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4948 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1757981266-861567501-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] -> {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [HKLM] -> https://browsercheck.qualys.com/qbc_ax.cab [Qualys BrowserCheck] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {F3F4529B-486A-495D-9B36-F1BDE61424DD}\\NameServer -> 59.185.0.50,59.185.0.23 (NVIDIA nForce Networking Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AIM] -> [2011/05/03 21:13:14 | 004,321,112 | ---- | M] (AOL Inc.) "C:\Program Files\AVG\AVG10\avgam.exe" -> C:\Program Files\AVG\AVG10\avgam.exe [C:\Program Files\AVG\AVG10\avgam.exe:*:Enabled:AVG Alert manager] -> [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgdiagex.exe" -> C:\Program Files\AVG\AVG10\avgdiagex.exe [C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011] -> [2011/04/13 05:39:04 | 003,832,672 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" -> C:\Program Files\AVG\AVG10\avgemcx.exe [C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner] -> [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgmfapx.exe" -> C:\Program Files\AVG\AVG10\avgmfapx.exe [C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer] -> [2011/06/24 13:21:48 | 004,358,496 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgnsx.exe" -> C:\Program Files\AVG\AVG10\avgnsx.exe [C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield] -> [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\BitTorrent\BitTorrent.exe" -> C:\Program Files\BitTorrent\BitTorrent.exe [C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent] -> [2011/05/15 02:48:15 | 004,769,136 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2011/06/16 07:55:12 | 006,276,408 | ---- | M] (Yahoo! Inc.) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2011/05/15 02:12:53 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Google Desktop Search hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found RTHDCPL hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\RTHDCPL.exe -> [2007/05/10 15:38:06 | 016,342,528 | R--- | M] (Realtek Semiconductor Corp.) < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 0 -> "startup" -> 2 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/14 11:12:44 | 000,199,680 | ---- | M] (Intel Corporation) "msacm.l3acm" -> C:\WINDOWS\System32\l3codeca.acm [l3codeca.acm] -> [2010/01/29 20:13:39 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/14 11:10:52 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2001/08/23 17:30:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.) "MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008/04/14 05:42:10 | 000,053,760 | ---- | M] (Microsoft Corporation) "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2010/06/17 19:33:00 | 000,080,384 | ---- | M] (Radius Inc.) "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2001/08/23 17:30:00 | 000,199,168 | ---- | M] () "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2001/08/23 17:30:00 | 000,199,168 | ---- | M] () "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/14 11:12:44 | 000,848,384 | ---- | M] (Intel Corporation) "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/14 11:11:56 | 000,755,200 | ---- | M] (Intel Corporation) "vidc.XVID" -> [xvidvfw.dll] -> File not found < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> -> File not found HidServ -> -> File not found Ias -> -> File not found Iprip -> -> File not found Irmon -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found WmdmPmSp -> -> File not found *MultiFile Done* -> -> < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vga.sys -> Driver < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> exefile [open] -> "%1" %* -> piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [AddToPlaylistVLC] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2011/06/06 05:56:40 | 000,108,032 | ---- | M] () Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) Directory [PlayWithVLC] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2011/06/06 05:56:40 | 000,108,032 | ---- | M] () Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 7/30/2011 3:58:57 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:28:57 ISTERROR: duplicate key value violates unique constraint "uniqueserial" 2011-07-30 13:28:57 ISTSTATEMENT: EXECUTE PKHEXECUTE(504671292,5,to_timestamp('07/29/2011 20:27:27','MM/DD/YYYY HH24:MI:SS'),4314,25,2,0,0,0,0,4,0,0,0,0,0,800,0,800,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,0,-1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 3:58:57 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:28:57 ISTERROR: duplicate key value violates unique constraint "uniqueserial" 2011-07-30 13:28:57 ISTSTATEMENT: EXECUTE PKHEXECUTE(504671336,5,to_timestamp('07/29/2011 20:27:37','MM/DD/YYYY HH24:MI:SS'),4314,25,2,0,0,0,0,6,0,0,0,0,0,2400,0,2400,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,0,1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 3:58:57 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:28:57 ISTERROR: duplicate key value violates unique constraint "uniqueserial" 2011-07-30 13:28:57 ISTSTATEMENT: EXECUTE PKHEXECUTE(504671406,5,to_timestamp('07/29/2011 20:27:51','MM/DD/YYYY HH24:MI:SS'),4314,25,2,0,0,0,0,4,0,0,0,0,0,800,0,800,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,0,-1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 3:58:57 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:28:57 ISTERROR: duplicate key value violates unique constraint "uniqueserial" 2011-07-30 13:28:57 ISTSTATEMENT: EXECUTE PKHEXECUTE(504671466,5,to_timestamp('07/29/2011 20:28:02','MM/DD/YYYY HH24:MI:SS'),4314,25,2,2,2,2,2,6,11,50,26,3,29,2400,50,2400,2400,2400,2400,32,32,49,1,2,False,2,0,0,0,13,13,13,-1,0,-1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 3:58:57 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:28:57 ISTERROR: duplicate key value violates unique constraint "uniqueserial" 2011-07-30 13:28:57 ISTSTATEMENT: EXECUTE PKHEXECUTE(504671549,5,to_timestamp('07/29/2011 20:28:19','MM/DD/YYYY HH24:MI:SS'),4314,25,2,2,2,0,0,4,39,16,35,27,0,2400,50,800,2400,0,0,0,0,-1,2,3,False,-1,0,0,0,13,14,-1,0,-1,-1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 3:58:57 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:28:57 ISTERROR: duplicate key value violates unique constraint "uniqueserial" 2011-07-30 13:28:57 ISTSTATEMENT: EXECUTE PKHEXECUTE(504671661,5,to_timestamp('07/29/2011 20:28:42','MM/DD/YYYY HH24:MI:SS'),4314,25,2,2,2,2,2,6,44,34,18,3,51,800,40,800,800,800,800,32,32,32,1,1,False,2,0,0,0,8,8,12,0,-1,-1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 3:59:03 AM Computer Name = NEVILLE-F5FFDC7 | Source = PostgreSQL | ID = 0 -> Description = 2011-07-30 13:29:03 ISTERROR: smallint out of range 2011-07-30 13:29:03 ISTSTATEMENT: EXECUTE PKHEXECUTE(2216480234,7,to_timestamp('07/30/2011 12:22:54','MM/DD/YYYY HH24:MI:SS'),4173,1,2,2,2,2,2,993082171,21,25,19,33,31,1600,80,200,400,800,1600,0,0,0,3,3,False,3,0,0,0,12,12,12,0,-1,-1,0); select currval('pokerhands_pokerhand_id_seq') Application [ Error ] 7/30/2011 4:21:17 PM Computer Name = NEVILLE-F5FFDC7 | Source = Application Hang | ID = 1002 -> Description = Hanging application Au_.exe, version 2.7.37.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 7/30/2011 4:21:17 PM Computer Name = NEVILLE-F5FFDC7 | Source = Application Hang | ID = 1002 -> Description = Hanging application Au_.exe, version 2.7.37.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 7/30/2011 5:35:51 PM Computer Name = NEVILLE-F5FFDC7 | Source = Application Error | ID = 1000 -> Description = Faulting application teatimer.exe, version 1.6.6.32, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb. System [ Error ] 7/6/2011 8:47:59 AM Computer Name = NEVILLE-F5FFDC7 | Source = Dhcp | ID = 1002 -> Description = The IP address lease 27.4.83.99 for the Network Card with network address 001B2207096F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). System [ Error ] 7/6/2011 10:13:26 AM Computer Name = NEVILLE-F5FFDC7 | Source = Dhcp | ID = 1002 -> Description = The IP address lease 192.168.1.2 for the Network Card with network address 001B2207096F has been denied by the DHCP server 202.88.130.40 (The DHCP Server sent a DHCPNACK message). System [ Error ] 7/6/2011 10:33:55 AM Computer Name = NEVILLE-F5FFDC7 | Source = Dhcp | ID = 1002 -> Description = The IP address lease 27.4.83.99 for the Network Card with network address 001B2207096F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). System [ Error ] 7/8/2011 8:51:12 AM Computer Name = NEVILLE-F5FFDC7 | Source = Dhcp | ID = 1002 -> Description = The IP address lease 192.168.1.2 for the Network Card with network address 001B2207096F has been denied by the DHCP server 202.88.130.40 (The DHCP Server sent a DHCPNACK message). [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Documents and Settings\NEVILLE\Desktop\OTS.exe -> [2011/07/31 18:05:42 | 000,645,120 | ---- | C] (OldTimer Tools) Recent -> C:\Documents and Settings\NEVILLE\Recent -> [2011/07/31 05:49:46 | 000,000,000 | RH-D | C] 26173193.sys -> C:\WINDOWS\System32\drivers\26173193.sys -> [2011/07/31 05:46:07 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) 28530074.sys -> C:\WINDOWS\System32\drivers\28530074.sys -> [2011/07/31 05:36:54 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) Minidump -> C:\WINDOWS\Minidump -> [2011/07/31 05:35:44 | 000,000,000 | ---D | C] 79037428.sys -> C:\WINDOWS\System32\drivers\79037428.sys -> [2011/07/31 05:34:54 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) SBREDrv.sys -> C:\WINDOWS\System32\drivers\SBREDrv.sys -> [2011/07/31 03:19:10 | 000,101,720 | ---- | C] (Sunbelt Software) Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2011/07/31 03:17:42 | 000,000,000 | ---D | C] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2011/07/31 03:10:25 | 000,000,000 | ---D | C] MSSTDFMT.DLL -> C:\WINDOWS\System32\MSSTDFMT.DLL -> [2011/07/31 03:10:16 | 000,118,784 | ---- | C] (Microsoft Corporation) Spybot - Search & Destroy -> C:\Program Files\Spybot - Search & Destroy -> [2011/07/31 02:36:38 | 000,000,000 | ---D | C] Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2011/07/31 02:36:38 | 000,000,000 | ---D | C] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [2011/07/31 01:59:31 | 000,000,000 | ---D | C] QuestScan -> C:\Program Files\QuestScan -> [2011/07/31 01:44:54 | 000,000,000 | ---D | C] QuestScan -> C:\Documents and Settings\All Users\Application Data\QuestScan -> [2011/07/31 01:44:54 | 000,000,000 | ---D | C] Xvid -> C:\Program Files\Xvid -> [2011/07/31 01:42:06 | 000,000,000 | ---D | C] ujmwmze2.sys -> C:\WINDOWS\System32\drivers\ujmwmze2.sys -> [2011/07/31 00:50:34 | 000,010,240 | ---- | C] (Zaitsev Oleg, 2006) Mozilla -> C:\Documents and Settings\NEVILLE\Application Data\Mozilla -> [2011/07/30 07:59:57 | 000,000,000 | ---D | C] FileHippo UpdateChecker.exe -> C:\Documents and Settings\NEVILLE\Start Menu\Programs\FileHippo UpdateChecker.exe -> [2011/07/30 00:40:50 | 000,248,832 | ---- | C] (FileHippo.com) DRVSTORE -> C:\WINDOWS\System32\DRVSTORE -> [2011/07/30 00:03:44 | 000,000,000 | ---D | C] IObit -> C:\Documents and Settings\NEVILLE\Application Data\IObit -> [2011/07/29 23:01:33 | 000,000,000 | ---D | C] Smart Defrag 2 -> C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 2 -> [2011/07/29 23:01:31 | 000,000,000 | ---D | C] IObit -> C:\Program Files\IObit -> [2011/07/29 23:01:29 | 000,000,000 | ---D | C] RECYCLER -> C:\RECYCLER -> [2011/07/29 22:57:20 | 000,000,000 | -HSD | C] temp -> C:\WINDOWS\temp -> [2011/07/29 22:30:17 | 000,000,000 | ---D | C] cmdcons -> C:\cmdcons -> [2011/07/29 22:22:29 | 000,000,000 | RHSD | C] SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2011/07/29 22:19:35 | 000,518,144 | ---- | C] (SteelWerX) SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2011/07/29 22:19:35 | 000,406,528 | ---- | C] (SteelWerX) SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2011/07/29 22:19:35 | 000,212,480 | ---- | C] (SteelWerX) NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2011/07/29 22:19:35 | 000,060,416 | ---- | C] (NirSoft) ERDNT -> C:\WINDOWS\ERDNT -> [2011/07/29 22:19:29 | 000,000,000 | ---D | C] Qoobox -> C:\Qoobox -> [2011/07/29 22:19:24 | 000,000,000 | ---D | C] Administrative Tools -> C:\Documents and Settings\NEVILLE\Start Menu\Programs\Administrative Tools -> [2011/07/29 22:19:22 | 000,000,000 | R--D | C] pss -> C:\WINDOWS\pss -> [2011/07/23 03:40:10 | 000,000,000 | ---D | C] MSCOMCTL.OCX -> C:\WINDOWS\System32\MSCOMCTL.OCX -> [2011/07/22 03:22:10 | 001,071,088 | ---- | C] (Microsoft Corporation) MSCOMCT2.OCX -> C:\WINDOWS\System32\MSCOMCT2.OCX -> [2011/07/22 03:14:11 | 000,647,872 | ---- | C] (Microsoft Corporation) Help -> C:\Documents and Settings\NEVILLE\Local Settings\Application Data\Help -> [2011/07/22 02:34:01 | 000,000,000 | ---D | C] Help -> C:\Documents and Settings\NEVILLE\Application Data\Help -> [2011/07/22 02:34:01 | 000,000,000 | ---D | C] RamBooster 2.0 -> C:\Program Files\RamBooster 2.0 -> [2011/07/22 02:30:06 | 000,000,000 | ---D | C] Google -> C:\Documents and Settings\NEVILLE\Application Data\Google -> [2011/07/20 17:33:52 | 000,000,000 | ---D | C] WMTools Downloaded Files -> C:\Documents and Settings\NEVILLE\Local Settings\Application Data\WMTools Downloaded Files -> [2011/07/20 17:09:48 | 000,000,000 | ---D | C] fdco1.dll -> C:\WINDOWS\System32\fdco1.dll -> [2011/07/05 20:15:21 | 000,195,072 | R--- | C] (NVIDIA Corporation) NVENETFD.sys -> C:\WINDOWS\System32\drivers\NVENETFD.sys -> [2011/07/05 20:15:20 | 000,053,632 | R--- | C] (NVIDIA Corporation) nvunrm.exe -> C:\WINDOWS\System32\nvunrm.exe -> [2011/07/05 20:15:18 | 000,356,352 | ---- | C] (NVIDIA Corporation) nvconrm.dll -> C:\WINDOWS\System32\nvconrm.dll -> [2011/07/05 20:14:48 | 000,037,376 | R--- | C] (NVIDIA Corporation) bdco1.dll -> C:\WINDOWS\System32\bdco1.dll -> [2011/07/05 20:14:48 | 000,009,216 | R--- | C] (NVIDIA Corporation) nvnrm.sys -> C:\WINDOWS\System32\drivers\nvnrm.sys -> [2011/07/05 20:14:47 | 000,888,064 | R--- | C] (NVIDIA Corporation) nvnetbus.sys -> C:\WINDOWS\System32\drivers\nvnetbus.sys -> [2011/07/05 20:14:47 | 000,022,016 | R--- | C] (NVIDIA Corporation) Alcmtr.exe -> C:\WINDOWS\Alcmtr.exe -> [2011/07/05 20:08:57 | 000,069,632 | R--- | C] (Realtek Semiconductor Corp.) 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files/Folders - Modified Within 30 Days] incavi.avm -> C:\WINDOWS\System32\drivers\AVG\incavi.avm -> [2011/07/31 18:08:55 | 126,402,229 | ---- | M] () OTS.exe -> C:\Documents and Settings\NEVILLE\Desktop\OTS.exe -> [2011/07/31 18:05:50 | 000,645,120 | ---- | M] (OldTimer Tools) perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2011/07/31 13:36:17 | 000,493,384 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2011/07/31 13:36:17 | 000,083,802 | ---- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/07/31 13:31:59 | 000,002,048 | --S- | M] () setup_11.0.0.1245.x01_2011_07_31_03_08.exe.part -> C:\Documents and Settings\NEVILLE\Desktop\setup_11.0.0.1245.x01_2011_07_31_03_08.exe.part -> [2011/07/31 06:24:56 | 055,895,658 | ---- | M] () Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2011/07/31 05:47:33 | 000,000,486 | ---- | M] () SBREDrv.sys -> C:\WINDOWS\System32\drivers\SBREDrv.sys -> [2011/07/31 03:18:53 | 000,101,720 | ---- | M] (Sunbelt Software) hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2011/07/31 03:03:41 | 000,000,027 | R--- | M] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2011/07/31 02:56:31 | 000,000,139 | ---- | M] () Songs.lnk -> C:\Documents and Settings\NEVILLE\Desktop\Songs.lnk -> [2011/07/31 02:16:21 | 000,000,467 | ---- | M] () uzmwmze2.sys -> C:\WINDOWS\System32\drivers\uzmwmze2.sys -> [2011/07/31 00:50:34 | 000,011,264 | ---- | M] () ujmwmze2.sys -> C:\WINDOWS\System32\drivers\ujmwmze2.sys -> [2011/07/31 00:50:34 | 000,010,240 | ---- | M] (Zaitsev Oleg, 2006) 79037428.sys -> C:\WINDOWS\System32\drivers\79037428.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) 28530074.sys -> C:\WINDOWS\System32\drivers\28530074.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) 26173193.sys -> C:\WINDOWS\System32\drivers\26173193.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) 66011389.sys -> C:\WINDOWS\System32\drivers\66011389.sys -> [2011/07/30 13:26:28 | 000,133,208 | ---- | M] () Mozilla Firefox.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/07/30 07:59:54 | 000,000,742 | ---- | M] () iavifw.avm -> C:\WINDOWS\System32\drivers\AVG\iavifw.avm -> [2011/07/30 02:08:39 | 000,658,608 | ---- | M] () CCleaner.lnk -> C:\Documents and Settings\All Users\Desktop\CCleaner.lnk -> [2011/07/30 00:01:04 | 000,000,682 | ---- | M] () Smart Defrag 2.lnk -> C:\Documents and Settings\All Users\Desktop\Smart Defrag 2.lnk -> [2011/07/29 23:01:31 | 000,000,823 | ---- | M] () hosts.20110731-030341.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20110731-030341.backup -> [2011/07/29 22:27:28 | 000,000,027 | ---- | M] () boot.ini -> C:\boot.ini -> [2011/07/29 22:22:35 | 000,000,327 | RHS- | M] () iavichjg.avm -> C:\WINDOWS\System32\drivers\AVG\iavichjg.avm -> [2011/07/25 02:08:31 | 000,104,642 | ---- | M] () Boot.bak -> C:\Boot.bak -> [2011/07/23 03:40:31 | 000,000,211 | ---- | M] () MSCOMCT2.OCX -> C:\WINDOWS\System32\MSCOMCT2.OCX -> [2011/07/22 03:14:20 | 000,647,872 | ---- | M] (Microsoft Corporation) Songs.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Songs.lnk -> [2011/07/21 04:04:03 | 000,001,251 | ---- | M] () PokerRatings.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerRatings.lnk -> [2011/07/21 00:03:31 | 000,001,611 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\NEVILLE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/07/20 19:32:15 | 000,007,168 | ---- | M] () _vmtxp.ini -> C:\WINDOWS\_vmtxp.ini -> [2011/07/20 16:13:29 | 000,000,122 | ---- | M] () Names.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Names.lnk -> [2011/07/19 21:21:22 | 000,001,614 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/07/13 23:35:23 | 000,120,544 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/07/12 17:19:27 | 000,002,206 | ---- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) Yahoo! Messenger.lnk -> C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk -> [2011/07/05 15:54:22 | 000,000,812 | ---- | M] () FlashPlayerCPLApp.cpl -> C:\WINDOWS\System32\FlashPlayerCPLApp.cpl -> [2011/07/05 15:37:18 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) 36 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files - No Company Name] setup_11.0.0.1245.x01_2011_07_31_03_08.exe.part -> C:\Documents and Settings\NEVILLE\Desktop\setup_11.0.0.1245.x01_2011_07_31_03_08.exe.part -> [2011/07/31 06:13:36 | 055,895,658 | ---- | C] () 66011389.sys -> C:\WINDOWS\System32\drivers\66011389.sys -> [2011/07/31 05:40:20 | 000,133,208 | ---- | C] () Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2011/07/31 03:18:02 | 000,000,486 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2011/07/31 02:56:31 | 000,000,139 | ---- | C] () Songs.lnk -> C:\Documents and Settings\NEVILLE\Desktop\Songs.lnk -> [2011/07/31 02:15:54 | 000,000,467 | ---- | C] () xvid.ax -> C:\WINDOWS\System32\xvid.ax -> [2011/07/31 01:42:14 | 000,152,064 | ---- | C] () uzmwmze2.sys -> C:\WINDOWS\System32\drivers\uzmwmze2.sys -> [2011/07/31 00:50:34 | 000,011,264 | ---- | C] () Mozilla Firefox.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/07/30 07:59:54 | 000,000,742 | ---- | C] () SmartDefragBootTime.exe -> C:\WINDOWS\System32\SmartDefragBootTime.exe -> [2011/07/29 23:01:33 | 000,029,520 | ---- | C] () SmartDefragDriver.sys -> C:\WINDOWS\System32\drivers\SmartDefragDriver.sys -> [2011/07/29 23:01:33 | 000,013,496 | ---- | C] () Smart Defrag 2.lnk -> C:\Documents and Settings\All Users\Desktop\Smart Defrag 2.lnk -> [2011/07/29 23:01:31 | 000,000,823 | ---- | C] () Boot.bak -> C:\Boot.bak -> [2011/07/29 22:22:35 | 000,000,211 | ---- | C] () cmldr -> C:\cmldr -> [2011/07/29 22:22:31 | 000,260,272 | RHS- | C] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2011/07/29 22:19:35 | 000,256,000 | ---- | C] () MBR.exe -> C:\WINDOWS\MBR.exe -> [2011/07/29 22:19:35 | 000,208,896 | ---- | C] () sed.exe -> C:\WINDOWS\sed.exe -> [2011/07/29 22:19:35 | 000,098,816 | ---- | C] () grep.exe -> C:\WINDOWS\grep.exe -> [2011/07/29 22:19:35 | 000,080,412 | ---- | C] () zip.exe -> C:\WINDOWS\zip.exe -> [2011/07/29 22:19:35 | 000,068,096 | ---- | C] () Launch RamBooster 2.0.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Launch RamBooster 2.0.lnk -> [2011/07/22 02:30:07 | 000,001,626 | ---- | C] () Songs.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Songs.lnk -> [2011/07/21 04:03:27 | 000,001,251 | ---- | C] () PokerRatings.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerRatings.lnk -> [2011/07/20 16:23:06 | 000,001,611 | ---- | C] () _vmtxp.ini -> C:\WINDOWS\_vmtxp.ini -> [2011/07/20 16:07:13 | 000,000,122 | ---- | C] () Names.lnk -> C:\Documents and Settings\NEVILLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Names.lnk -> [2011/07/19 21:21:22 | 000,001,614 | ---- | C] () BitTorrent.lnk -> C:\Documents and Settings\NEVILLE\Start Menu\Programs\BitTorrent.lnk -> [2011/07/19 00:44:24 | 000,000,706 | ---- | C] () nvnrm.nvu -> C:\WINDOWS\System32\nvnrm.nvu -> [2011/07/05 20:15:19 | 000,004,805 | ---- | C] () nvdrsdb1.bin -> C:\WINDOWS\System32\nvdrsdb1.bin -> [2011/06/18 01:32:47 | 000,273,344 | ---- | C] () nvdrsdb0.bin -> C:\WINDOWS\System32\nvdrsdb0.bin -> [2011/06/18 01:32:47 | 000,273,344 | ---- | C] () nvdrssel.bin -> C:\WINDOWS\System32\nvdrssel.bin -> [2011/06/18 01:32:47 | 000,000,001 | ---- | C] () nvdata.data -> C:\WINDOWS\System32\nvdata.data -> [2011/06/18 01:32:26 | 002,123,582 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\NEVILLE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/05/29 23:31:01 | 000,007,168 | ---- | C] () cccp106.sys -> C:\WINDOWS\System32\drivers\cccp106.sys -> [2011/05/28 17:25:16 | 000,227,200 | ---- | C] () JPGL.DLL -> C:\WINDOWS\JPGL.DLL -> [2011/05/28 17:25:16 | 000,036,864 | ---- | C] () DIV_IYUV.DLL -> C:\WINDOWS\DIV_IYUV.DLL -> [2011/05/28 17:25:16 | 000,032,768 | ---- | C] () select.exe -> C:\WINDOWS\select.exe -> [2011/05/28 17:25:15 | 002,093,106 | ---- | C] () select2.exe -> C:\WINDOWS\select2.exe -> [2011/05/28 17:25:15 | 000,192,512 | ---- | C] () Clement.exe -> C:\WINDOWS\Clement.exe -> [2011/05/28 17:25:15 | 000,127,038 | ---- | C] () dcccp106.dll -> C:\WINDOWS\System32\dcccp106.dll -> [2011/05/28 17:25:15 | 000,061,440 | ---- | C] () vcccp106.dll -> C:\WINDOWS\System32\vcccp106.dll -> [2011/05/28 17:25:15 | 000,045,056 | ---- | C] () CleanDev.exe -> C:\WINDOWS\CleanDev.exe -> [2011/05/28 17:25:15 | 000,036,864 | ---- | C] () cccp106.ini -> C:\WINDOWS\cccp106.ini -> [2011/05/28 17:25:15 | 000,015,542 | ---- | C] () DC2110a.ini -> C:\WINDOWS\DC2110a.ini -> [2011/05/28 17:25:15 | 000,000,321 | ---- | C] () ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2011/05/18 23:15:03 | 000,000,056 | -H-- | C] () YAHELITE_BUDDY.INI -> C:\WINDOWS\YAHELITE_BUDDY.INI -> [2011/05/16 02:51:16 | 000,000,011 | ---- | C] () YAHELITE_cookie.INI -> C:\WINDOWS\YAHELITE_cookie.INI -> [2011/05/16 02:45:00 | 000,000,000 | ---- | C] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2011/05/15 07:35:19 | 000,004,161 | ---- | C] () HMHud.INI -> C:\WINDOWS\HMHud.INI -> [2011/05/15 07:34:43 | 000,000,000 | ---- | C] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/05/15 07:32:44 | 000,120,544 | ---- | C] () ChCfg.exe -> C:\WINDOWS\System32\ChCfg.exe -> [2011/05/15 05:18:13 | 000,049,152 | R--- | C] () nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2011/05/15 03:02:36 | 000,000,000 | ---- | C] () nvphy.bin -> C:\WINDOWS\System32\drivers\nvphy.bin -> [2011/05/15 02:19:14 | 000,001,732 | R--- | C] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/05/15 02:14:31 | 000,002,048 | --S- | C] () emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2011/05/15 02:10:28 | 000,021,640 | ---- | C] () Dcache.bin -> C:\WINDOWS\System32\Dcache.bin -> [2008/04/14 11:25:28 | 000,001,804 | ---- | C] () nvnt4cpl.dll -> C:\WINDOWS\System32\nvnt4cpl.dll -> [2007/10/04 14:44:00 | 000,286,720 | ---- | C] () secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2006/12/31 13:27:08 | 000,004,569 | ---- | C] () oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2001/08/23 17:30:00 | 013,107,200 | ---- | C] () mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2001/08/23 17:30:00 | 000,673,088 | ---- | C] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2001/08/23 17:30:00 | 000,493,384 | ---- | C] () perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2001/08/23 17:30:00 | 000,272,128 | ---- | C] () dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2001/08/23 17:30:00 | 000,218,003 | ---- | C] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2001/08/23 17:30:00 | 000,083,802 | ---- | C] () mib.bin -> C:\WINDOWS\System32\mib.bin -> [2001/08/23 17:30:00 | 000,046,258 | ---- | C] () perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2001/08/23 17:30:00 | 000,028,626 | ---- | C] () oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2001/08/23 17:30:00 | 000,004,463 | ---- | C] () noise.dat -> C:\WINDOWS\System32\noise.dat -> [2001/08/23 17:30:00 | 000,000,741 | ---- | C] () [File - Lop Check] AIM -> C:\Documents and Settings\All Users\Application Data\AIM -> [2011/05/15 04:07:41 | 000,000,000 | ---D | M] AVG10 -> C:\Documents and Settings\All Users\Application Data\AVG10 -> [2011/07/31 01:46:43 | 000,000,000 | ---D | M] Common Files -> C:\Documents and Settings\All Users\Application Data\Common Files -> [2011/05/15 03:10:34 | 000,000,000 | -H-D | M] InstallMate -> C:\Documents and Settings\All Users\Application Data\InstallMate -> [2011/06/18 02:11:42 | 000,000,000 | ---D | M] MFAData -> C:\Documents and Settings\All Users\Application Data\MFAData -> [2011/05/15 03:08:59 | 000,000,000 | ---D | M] QuestScan -> C:\Documents and Settings\All Users\Application Data\QuestScan -> [2011/07/31 01:46:36 | 000,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2011/07/31 03:10:25 | 000,000,000 | ---D | M] XHEO INC -> C:\Documents and Settings\All Users\Application Data\XHEO INC -> [2011/05/15 06:45:02 | 000,000,000 | ---D | M] Absolute Poker -> C:\Documents and Settings\NEVILLE\Application Data\Absolute Poker -> [2011/05/15 04:20:44 | 000,000,000 | ---D | M] acccore -> C:\Documents and Settings\NEVILLE\Application Data\acccore -> [2011/05/15 04:08:04 | 000,000,000 | ---D | M] AVG10 -> C:\Documents and Settings\NEVILLE\Application Data\AVG10 -> [2011/05/15 03:11:22 | 000,000,000 | ---D | M] BitTorrent -> C:\Documents and Settings\NEVILLE\Application Data\BitTorrent -> [2011/07/31 06:55:09 | 000,000,000 | ---D | M] Foxit Software -> C:\Documents and Settings\NEVILLE\Application Data\Foxit Software -> [2011/06/29 15:19:53 | 000,000,000 | ---D | M] HEM Data -> C:\Documents and Settings\NEVILLE\Application Data\HEM Data -> [2011/06/15 02:40:06 | 000,000,000 | ---D | M] IObit -> C:\Documents and Settings\NEVILLE\Application Data\IObit -> [2011/07/29 23:01:33 | 000,000,000 | ---D | M] OpenOffice.org -> C:\Documents and Settings\NEVILLE\Application Data\OpenOffice.org -> [2011/05/15 04:30:43 | 000,000,000 | ---D | M] Qualys -> C:\Documents and Settings\NEVILLE\Application Data\Qualys -> [2011/05/22 08:06:18 | 000,000,000 | ---D | M] Roaming -> C:\Documents and Settings\NEVILLE\Application Data\Roaming -> [2011/05/15 07:41:24 | 000,000,000 | ---D | M] UBNet -> C:\Documents and Settings\NEVILLE\Application Data\UBNet -> [2011/05/29 02:52:22 | 000,000,000 | ---D | M] WinPatrol -> C:\Documents and Settings\NEVILLE\Application Data\WinPatrol -> [2011/05/15 02:29:57 | 000,000,000 | ---D | M] Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2011/07/31 05:47:33 | 000,000,486 | ---- | M] () [Custom Scans] < %USERPROFILE%\..|smtmp;true;true;true /FP > < %SYSTEMDRIVE%\*.exe > < MD5 Scans Start> < %systemdrive%\EXPLORER.EXE /md5 /s > explorer.exe : MD5=12896823FB95BFB3DC9B46BCAEDC9923 -> C:\WINDOWS\ERDNT\cache\explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=12896823FB95BFB3DC9B46BCAEDC9923 -> C:\WINDOWS\explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=12896823FB95BFB3DC9B46BCAEDC9923 -> C:\WINDOWS\system32\dllcache\explorer.exe -> [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) < %systemdrive%\SVCHOST.EXE /md5 /s > svchost.exe : MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -> C:\WINDOWS\ERDNT\cache\svchost.exe -> [2008/04/14 11:12:38 | 000,014,336 | ---- | M] (Microsoft Corporation) svchost.exe : MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -> C:\WINDOWS\system32\dllcache\svchost.exe -> [2008/04/14 11:12:38 | 000,014,336 | ---- | M] (Microsoft Corporation) svchost.exe : MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -> C:\WINDOWS\system32\svchost.exe -> [2008/04/14 11:12:38 | 000,014,336 | ---- | M] (Microsoft Corporation) < %systemdrive%\USERINIT.EXE /md5 /s > userinit.exe : MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -> C:\WINDOWS\ERDNT\cache\userinit.exe -> [2008/04/14 11:12:40 | 000,026,112 | ---- | M] (Microsoft Corporation) userinit.exe : MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -> C:\WINDOWS\system32\dllcache\userinit.exe -> [2008/04/14 11:12:40 | 000,026,112 | ---- | M] (Microsoft Corporation) userinit.exe : MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -> C:\WINDOWS\system32\userinit.exe -> [2008/04/14 11:12:40 | 000,026,112 | ---- | M] (Microsoft Corporation) < %systemdrive%\VOLSNAP.INF /md5 /s > volsnap.inf : MD5=1C43F4D998567C9D2463E18669F33A3C -> C:\WINDOWS\inf\volsnap.inf -> [2001/08/23 17:30:00 | 000,001,095 | ---- | M] () < %systemdrive%\VOLSNAP.PNF /md5 /s > volsnap.PNF : MD5=70217B056F65579268C1EBEFC1032FF8 -> C:\WINDOWS\inf\volsnap.PNF -> [2011/05/15 07:35:01 | 000,004,964 | ---- | M] () < %systemdrive%\VOLSNAP.SYS /md5 /s > volsnap.sys : MD5=4C8FCB5CC53AAB716D810740FE59D025 -> C:\WINDOWS\system32\dllcache\volsnap.sys -> [2008/04/14 05:41:02 | 000,052,352 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=4C8FCB5CC53AAB716D810740FE59D025 -> C:\WINDOWS\system32\drivers\volsnap.sys -> [2008/04/14 05:41:02 | 000,052,352 | ---- | M] (Microsoft Corporation) < %systemdrive%\WINLOGON.EXE /md5 /s > winlogon.exe : MD5=ED0EF0A136DEC83DF69F04118870003E -> C:\WINDOWS\ERDNT\cache\winlogon.exe -> [2008/04/14 11:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) winlogon.exe : MD5=ED0EF0A136DEC83DF69F04118870003E -> C:\WINDOWS\system32\dllcache\winlogon.exe -> [2008/04/14 11:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) winlogon.exe : MD5=ED0EF0A136DEC83DF69F04118870003E -> C:\WINDOWS\system32\winlogon.exe -> [2008/04/14 11:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) < MD5 Scans End> < %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand -> C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS] -> [2011/07/08 12:46:28 | 000,713,016 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand -> C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS] -> [2011/07/08 12:46:28 | 000,713,016 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand -> C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL] -> [2011/07/08 12:46:28 | 000,713,016 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\ -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE] -> [2011/07/08 12:46:28 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE ["C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES] -> [2011/07/08 12:46:28 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE ["C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE] -> [2011/07/08 12:46:28 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL] -> [2011/04/25 17:31:34 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE] -> [2011/04/25 17:31:34 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW] -> [2011/04/25 17:31:34 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\ -> C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF] -> [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\ -> C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE"] -> [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) Restore point Set: OTS Restore Point (0) < End of report > [/code]