Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

very slow laptop computer

Started by greghoffman , Mar 24 2011 05:15 PM

  • Please log in to reply

#1
greghoffman
Posted 24 March 2011 - 05:15 PM

greghoffman

    Member

  • Member
  • PipPipPip
  • 439 posts
i received a used laptop from a family member who bought a new machine. she downloaded and clicked on everything tht popped up on the screen. i was the only person who ever defragged or cleaned up her temp files. i realize this is a 5 yo comp, but it was quite faster when it was new. i had some help in the xp section with increasing the performance but was hoping someone could look at the otl log and maybe help me clean up anything that is not neccessary. thank you very much, this site rocks!.i am also still running in clean boot state. is this safe? i don't see my avg anti virus ....is it running?

OTL Extras logfile created on: 3/24/2011 6:00:40 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Valued Customer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.00 Mb Total Physical Memory | 182.00 Mb Available Physical Memory | 38.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.11 Gb Free Space | 76.64% Space Free | Partition Type: NTFS

Computer Name: VALUED-2368BA06 | User Name: Valued Customer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Installation\Setupx.exe" = D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Users\Public\Phantom EFX\OnlineCasino\Bin\Prelauncher.exe" = C:\Users\Public\Phantom EFX\OnlineCasino\Bin\Prelauncher.exe:*:Enabled:Prelauncher -- ()
"C:\Users\Public\Phantom EFX\OnlineCasino\Launcher\OLCLauncher.exe" = C:\Users\Public\Phantom EFX\OnlineCasino\Launcher\OLCLauncher.exe:*:Enabled:OLCLauncher -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 23
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
"{AE41BE84-761C-0F5E-451B-3D145E8A8840}" = Acrobat.com
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E35AF511-B618-4D02-B559-0F2147341D3B}" = AVG 2011
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2011
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0044)
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"PAC-MAN" = PAC-MAN (remove only)
"ProInst" = Intel® PROSet/Wireless Software
"Puran Defrag Free Edition_is1" = Puran Defrag Free Edition 7.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/8/2011 11:30:16 AM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/9/2011 9:00:16 PM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x000673be.

Error - 3/15/2011 7:29:21 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/15/2011 7:40:24 PM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x0156bd92.

Error - 3/16/2011 10:27:33 AM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/17/2011 7:42:33 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/18/2011 7:31:06 PM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x02af0134.

Error - 3/18/2011 8:00:47 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/19/2011 7:16:03 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/20/2011 7:36:38 PM | Computer Name = VALUED-2368BA06 | Source = MsiInstaller | ID = 10005
Description = Product: LightScribe 1.4.42.1 -- Internal Error 2723. ExitBecauseNewVersionFound

[ System Events ]
Error - 3/22/2011 6:08:10 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 3/22/2011 6:08:10 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7000
Description = The Secunia Update Agent service failed to start due to the following
error: %%2

Error - 3/23/2011 6:24:54 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 3/23/2011 6:24:54 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7000
Description = The Secunia Update Agent service failed to start due to the following
error: %%2

Error - 3/23/2011 6:52:51 PM | Computer Name = VALUED-2368BA06 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.125 for the Network Card with network
address 00166FBF0CA7 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/23/2011 6:53:29 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 3/23/2011 7:45:31 PM | Computer Name = VALUED-2368BA06 | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.

Error - 3/24/2011 6:21:05 PM | Computer Name = VALUED-2368BA06 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.125 for the Network Card with network
address 00166FBF0CA7 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/24/2011 6:21:21 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 3/24/2011 6:51:26 PM | Computer Name = VALUED-2368BA06 | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.


< End of report >


OTL logfile created on: 3/24/2011 6:00:40 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Valued Customer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.00 Mb Total Physical Memory | 182.00 Mb Available Physical Memory | 38.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.11 Gb Free Space | 76.64% Space Free | Partition Type: NTFS

Computer Name: VALUED-2368BA06 | User Name: Valued Customer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/24 17:57:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/03/24 17:57:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (WinkZink Service)
SRV - File not found [Disabled | Stopped] -- -- (Secunia Update Agent)
SRV - File not found [Disabled | Stopped] -- -- (ResultBrowse Service)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2008/04/14 00:42:36 | 000,073,796 | ---- | M] (Smart Link) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 04:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 04:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 16:23:36 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 16:23:34 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 16:23:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/06/09 12:11:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/06/05 04:24:30 | 000,019,200 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2009/06/05 04:02:46 | 000,323,584 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/13 18:53:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 18:53:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 18:53:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 18:53:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 18:53:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 18:53:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 18:53:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2008/04/13 17:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2007/04/16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/03/22 13:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 13:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2005/05/03 08:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/04/30 17:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2005/04/08 12:48:18 | 000,179,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/08/12 09:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80273
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...id=80273&lng=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.myheritage.com/"
FF - prefs.js..keyword.URL: "http://search.myheri...om/?orig=ds&q="
FF - prefs.js..keyword.enabled: "true"

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/02/05 10:58:39 | 000,000,000 | ---D | M]

[2010/01/30 12:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Extensions
[2011/03/19 18:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\extensions
[2010/10/04 17:30:45 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\extensions\[email protected]
[2010/07/19 19:58:30 | 000,000,000 | ---D | M] (ALOT Toolbar) -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\extensions\[email protected]
[2010/06/06 10:39:09 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\searchplugins\askcom.xml

O1 HOSTS File: ([2010/01/30 13:50:42 | 000,377,755 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13022 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {C26CD490-5F01-41E3-B150-EB29F19DA056} - No CLSID value found.
O2 - BHO: (no name) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinn...0/pool/pool.cab (Reg Error: Key error.)
O16 - DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} http://cdn.exent.com...les.1.0.0.3.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1264792763093 (WUWebControl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (Reg Error: Key error.)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Jigsaw%20Puzzle%20Platinum/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://bestbuy.obero...ronGameHost.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.217.126.81 207.217.77.82
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/29 13:40:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/24 17:56:59 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
[2011/03/23 17:48:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/03/22 17:32:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/03/20 18:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\NeroVision
[2011/03/20 18:32:21 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2011/03/20 18:31:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/03/20 18:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2011/03/20 18:25:46 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2011/03/20 18:25:45 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2011/03/20 18:25:45 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2011/03/20 18:25:45 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2011/03/20 18:25:44 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2011/03/20 18:25:43 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2011/03/20 18:25:43 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2011/03/20 18:25:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2011/03/20 18:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2011/03/19 18:45:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Valued Customer\My Documents\Copy of My Pictures
[2011/03/19 18:32:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Valued Customer\Recent
[2011/03/19 18:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\MSNInstaller
[2011/03/16 19:48:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\MumboJumbo
[2011/03/06 16:33:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Valued Customer\My Documents\My Music
[2011/02/26 17:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Registry Mechanic
[2011/02/26 12:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/02/26 12:08:31 | 000,000,000 | ---D | C] -- C:\095289e9c102d39855be
[2011/02/26 11:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\CANON INC
[2011/02/26 11:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/02/26 11:06:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/02/26 11:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/02/26 10:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Valued Customer\My Documents\*.tmp files -> C:\Documents and Settings\Valued Customer\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/24 17:57:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
[2011/03/24 17:49:42 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
[2011/03/24 17:22:41 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8586235F-F18F-4050-9786-44E52D441117}.job
[2011/03/24 17:21:12 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/24 17:21:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/23 18:11:00 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/23 17:50:16 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2011/03/23 17:36:53 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/23 17:31:42 | 109,662,389 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/03/23 17:28:11 | 000,125,607 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/03/23 17:24:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/20 19:35:48 | 000,008,535 | ---- | M] () -- C:\Documents and Settings\Valued Customer\My Documents\ISO1.nri
[2011/03/20 19:24:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/20 19:00:00 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011/03/20 18:36:47 | 000,001,266 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2011/03/20 18:36:47 | 000,001,248 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2011/03/20 18:36:47 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Online Upgrade.lnk
[2011/03/20 08:40:26 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Internet.lnk
[2011/03/19 18:26:08 | 000,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/15 20:16:25 | 000,000,660 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2011/03/13 07:15:38 | 000,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 07:15:38 | 000,071,258 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Valued Customer\My Documents\*.tmp files -> C:\Documents and Settings\Valued Customer\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/20 19:35:48 | 000,008,535 | ---- | C] () -- C:\Documents and Settings\Valued Customer\My Documents\ISO1.nri
[2011/03/20 18:37:46 | 000,049,870 | ---- | C] () -- C:\WINDOWS\UNNMP.cfg
[2011/03/20 18:36:47 | 000,001,266 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2011/03/20 18:36:47 | 000,001,248 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2011/03/20 18:32:13 | 000,000,941 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Online Upgrade.lnk
[2011/03/20 18:27:06 | 000,154,581 | ---- | C] () -- C:\WINDOWS\UNNeroVision.cfg
[2011/03/20 08:40:25 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Internet.lnk
[2011/02/26 12:20:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011/01/25 11:55:52 | 000,000,449 | ---- | C] () -- C:\Program Files\0125201110555187.bat
[2011/01/20 11:19:05 | 000,000,434 | ---- | C] () -- C:\Program Files\0120201110190550.bat
[2010/11/14 10:39:34 | 000,000,447 | ---- | C] () -- C:\Program Files\111420109393415.bat
[2010/10/04 09:43:34 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\fusioncache.dat
[2010/08/27 07:48:25 | 000,000,405 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Big Bang Checkers Preferences
[2010/08/27 07:44:40 | 000,000,406 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Big Bang 4-In-A-Row
[2010/08/22 11:02:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Big Bang Mancala Preferences
[2010/08/22 10:48:20 | 000,000,406 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Big Bang Tic-Tac-Toe
[2010/08/04 10:04:28 | 000,000,457 | ---- | C] () -- C:\Program Files\0804201010042773.bat
[2010/07/03 06:34:04 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2010/02/27 16:44:37 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/02/21 10:23:59 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/02/16 14:05:41 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/02/09 11:41:07 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/30 23:24:53 | 000,000,660 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010/01/30 19:55:06 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2010/01/30 13:24:06 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/01/30 13:24:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/01/30 13:24:01 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/01/30 13:23:57 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/30 12:20:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/01/29 13:43:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/01/29 13:36:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/01/29 07:26:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/01/29 07:25:00 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 07:00:00 | 000,441,362 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 07:00:00 | 000,071,258 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/01/19 03:34:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2005/10/07 08:13:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2005/10/07 08:13:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2001/04/02 20:21:52 | 000,413,760 | ---- | C] () -- C:\WINDOWS\System32\MPG4c32.dll

========== LOP Check ==========

[2010/08/06 21:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7Wonders2
[2010/04/20 09:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/02/02 09:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arkadium
[2011/02/05 10:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/04 20:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/19 17:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/06/14 20:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cerasus.media
[2010/10/16 14:56:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/05/10 19:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2010/03/23 13:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EdensQuest
[2010/07/18 16:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/03/30 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2010/05/12 07:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fenomen Games
[2010/12/29 17:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FireGlow
[2010/10/12 19:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2010/02/19 19:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend
[2010/02/24 19:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/05/21 05:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2010/03/01 08:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
[2010/12/09 15:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2010/02/13 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2010/05/08 19:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KrissX
[2010/01/30 18:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LocusGames
[2010/10/04 15:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2011/02/05 10:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/16 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/10/13 20:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2010/01/31 17:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2010/06/16 06:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2011/01/04 10:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2010/05/22 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/06/19 05:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/04/05 07:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/10/21 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2010/07/18 05:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\T1 Games
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2011/02/26 17:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/04 17:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2010/10/01 20:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2010/02/01 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/01/30 13:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/10/04 18:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Alawar
[2011/01/27 20:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\alot
[2010/03/17 10:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Arkadium
[2010/04/24 08:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Auslogics
[2010/10/16 16:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\AVG
[2010/10/16 15:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\AVG10
[2010/05/25 06:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Beep Industries
[2010/05/24 10:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Big Fish Games
[2010/06/05 10:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Boomzap
[2010/02/27 16:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Camel101
[2010/06/14 20:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\cerasus.media
[2010/06/02 13:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Chains
[2011/01/10 18:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clickteam
[2010/07/18 19:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clip Art Collection
[2010/05/13 10:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/04 17:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010/06/21 20:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Dragon Altar Games
[2010/05/01 16:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\EcoRescue
[2010/08/08 07:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus2_BFG
[2010/02/06 11:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus_Real
[2010/10/04 17:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\facemoods.com
[2010/06/12 13:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Fugazo
[2010/10/21 19:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\funkitron
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameBlend
[2010/02/01 16:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameHousev1002
[2010/04/14 17:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Gold Casual Games
[2010/03/02 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\HiT-MM
[2011/03/17 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle FaceCreator
[2011/03/17 19:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle Puzzle and Board Games
[2010/12/09 15:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\iWin
[2010/07/14 10:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\KranX Productions
[2010/05/11 10:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Lazy Turtle Games
[2010/03/26 18:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Little Worlds Online
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\LocusGames
[2010/10/05 21:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Ludia
[2010/02/22 19:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MagicBall4
[2010/12/09 11:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Masque
[2010/02/02 10:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB3
[2010/02/23 13:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB4
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Merscom
[2011/03/19 18:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MSNInstaller
[2011/03/16 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MumboJumbo
[2010/08/20 23:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\myfreezetoolbar
[2010/10/13 20:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MyHeritage
[2011/01/31 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Namco
[2011/02/05 10:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Oberon Media
[2010/07/29 08:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Orneon
[2010/03/03 11:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pharaohs Secret
[2010/05/10 06:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PoBros
[2010/06/28 10:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pogo Games
[2011/03/24 17:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PriceGong
[2011/02/26 17:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Registry Mechanic
[2011/01/14 10:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\simppulltoolbar
[2010/02/02 10:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy3
[2010/02/23 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy4
[2010/10/21 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop
[2010/10/21 11:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop Games
[2010/07/15 20:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SquareLogic
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SulusGames
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\TeleportGamesLtd
[2010/07/19 03:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Titanium Gears
[2010/02/15 09:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\VTExtra
[2010/07/18 16:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\WeatherBug
[2010/04/03 14:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Western Software Technologies
[2010/07/08 18:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Zylom
[2011/03/20 19:00:00 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2011/03/24 17:22:41 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8586235F-F18F-4050-9786-44E52D441117}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52B72A7C
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7F2E188
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D7DCAE4
@Alternate Data Stream - 250 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B352B60
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:34FC1C45
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7124EAF
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA2524F0
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FCB70953
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DBE461A
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEF919E6
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:64170090
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:956EC010
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:445352A1
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A3FC1C4
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99A72E3A
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF8984AC
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C76CFF82
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753F86A9
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24AB14E7
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2FF62A6
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED705107
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6987107A
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56EE2CAF
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50308CED
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F7FE589
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AE68282
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1079C01D
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F33FB9
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6CCB309
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3AF262FC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BDD0820
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05670151
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F6DD01C6
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63A71C6F
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E748D4C
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43BFB01
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AD1F2E0
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:82C50600
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEECF2C8
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0441DB7A
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EAF954B6
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA1919C7
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D6EAEC3
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F94CB4DD
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EB7685
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DB779A93
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B110897C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E7220DEE
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A89E47
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:062B5EB4
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EC675B
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACCFA538
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF4438
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F692B26
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:029E021F
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:49BE0F68
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:372A7EB3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3938129
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AECF4772
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F68CB977
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78AFAE94
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1165550
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAEAE395
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDDF646C
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4111E573
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09708CB7
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25D218B
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F92AD177
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20E32CC7
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE0AE44
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DFE5191
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:109D64EB
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3572BAC0
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFFC859A
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDD903C5
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3595B780
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8668AB36
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEE8C8B8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D4A6333
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DEEA5B0E
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:573DC2A3
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C3A74E

< End of report >

Edited by greghoffman, 24 March 2011 - 05:19 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP