extremely slow computer
Started by
greghoffman
, May 04 2011 12:00 PM
#61
Posted 07 May 2011 - 08:01 AM
#62
Posted 07 May 2011 - 08:03 AM
Short answer - NO
Did you get it down or shall I attach a copy for you
Did you get it down or shall I attach a copy for you
#63
Posted 07 May 2011 - 08:06 AM
i'm still waiting on it...it's at 3%...shall i download the zipfile instead?
#64
Posted 07 May 2011 - 08:07 AM
Yep download the zip file - methinks you have a problem with this computer
#65
Posted 07 May 2011 - 08:11 AM
mbr log
aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-07 09:07:45
-----------------------------
09:07:45.265 OS Version: Windows 5.1.2600 Service Pack 3
09:07:45.265 Number of processors: 1 586 0x2402
09:07:45.281 ComputerName: GREG-3BDFF4E7CC UserName: greg & jacki
09:07:47.656 Initialize success
09:08:31.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:08:31.234 Disk 0 Vendor: HTS541080G9AT00 MB4OA60A Size: 76319MB BusType: 3
09:08:33.250 Disk 0 MBR read successfully
09:08:33.250 Disk 0 MBR scan
09:08:33.250 Disk 0 Windows XP default MBR code
09:08:35.250 Disk 0 scanning sectors +156280320
09:08:35.265 Disk 0 scanning C:\WINDOWS\system32\drivers
09:08:47.781 Service scanning
09:08:48.984 Disk 0 trace - called modules:
09:08:49.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
09:08:49.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85192030]
09:08:49.000 3 CLASSPNP.SYS[f7542fd7] -> nt!IofCallDriver -> \Device\00000074[0x85194d80]
09:08:49.000 5 ACPI.sys[f73b9620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x85195b58]
09:08:49.000 Scan finished successfully
09:09:29.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\greg & jacki\Desktop\MBR.dat"
09:09:29.312 The log file has been saved successfully to "C:\Documents and Settings\greg & jacki\Desktop\aswMBR.txt"
aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-07 09:07:45
-----------------------------
09:07:45.265 OS Version: Windows 5.1.2600 Service Pack 3
09:07:45.265 Number of processors: 1 586 0x2402
09:07:45.281 ComputerName: GREG-3BDFF4E7CC UserName: greg & jacki
09:07:47.656 Initialize success
09:08:31.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:08:31.234 Disk 0 Vendor: HTS541080G9AT00 MB4OA60A Size: 76319MB BusType: 3
09:08:33.250 Disk 0 MBR read successfully
09:08:33.250 Disk 0 MBR scan
09:08:33.250 Disk 0 Windows XP default MBR code
09:08:35.250 Disk 0 scanning sectors +156280320
09:08:35.265 Disk 0 scanning C:\WINDOWS\system32\drivers
09:08:47.781 Service scanning
09:08:48.984 Disk 0 trace - called modules:
09:08:49.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
09:08:49.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85192030]
09:08:49.000 3 CLASSPNP.SYS[f7542fd7] -> nt!IofCallDriver -> \Device\00000074[0x85194d80]
09:08:49.000 5 ACPI.sys[f73b9620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x85195b58]
09:08:49.000 Scan finished successfully
09:09:29.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\greg & jacki\Desktop\MBR.dat"
09:09:29.312 The log file has been saved successfully to "C:\Documents and Settings\greg & jacki\Desktop\aswMBR.txt"
#66
Posted 07 May 2011 - 08:13 AM
Do you have the same download problems with OTL or is that OK
#67
Posted 07 May 2011 - 08:17 AM
its running now...this machine has a hard time running 2 programs at the same time
#68
Posted 07 May 2011 - 08:24 AM
otl logs
OTL logfile created on: 5/7/2011 9:13:22 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\greg & jacki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
479.00 Mb Total Physical Memory | 95.00 Mb Available Physical Memory | 20.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.78 Gb Free Space | 77.54% Space Free | Partition Type: NTFS
Drive D: | 41.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GREG-3BDFF4E7CC | User Name: greg & jacki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/07 09:10:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
PRC - [2011/02/17 06:21:58 | 002,190,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/02/11 06:25:52 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:32:52 | 001,025,376 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/08 05:32:48 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/08 05:32:46 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/05/31 23:46:16 | 000,401,408 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
========== Modules (SafeList) ==========
MOD - [2011/05/07 09:10:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/09/08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Disabled | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2008/04/13 19:12:35 | 000,073,796 | ---- | M] (Smart Link) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2005/05/31 23:50:16 | 000,098,304 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
========== Driver Services (SafeList) ==========
DRV - [2011/03/30 17:17:22 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:54:00 | 000,296,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/19 04:32:56 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/10/26 04:12:36 | 000,019,200 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2010/10/26 03:39:24 | 000,325,120 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/05/03 08:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/04/30 17:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2005/04/08 11:48:18 | 000,179,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/08/12 09:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/03 17:41:46 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/08/03 17:41:46 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/08/03 17:41:44 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004/08/03 17:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 17:41:40 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/03 17:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/08/03 17:41:38 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004/08/03 17:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-630328440-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-583907252-630328440-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/06 19:29:39 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-630328440-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1301171736593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.217.126.81 207.217.77.82
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/29 13:40:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/26 11:15:43 | 000,000,056 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 30 Days ==========
[2011/05/07 09:10:10 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
[2011/05/07 08:44:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\greg & jacki\Recent
[2011/05/04 18:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Ahead
[2011/05/04 18:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ahead
[2011/05/03 17:59:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\My Documents\Slingo Quest Hawaii Documents
[2011/05/02 17:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\My Documents\Slingo Quest Documents
[2011/05/02 17:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Application Data\funkitron
[2011/05/01 15:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Identities
[2011/04/16 18:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Temp
[2011/04/16 18:05:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2011/04/16 18:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Adobe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/07 09:10:57 | 114,392,365 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/05/07 09:10:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
[2011/05/07 09:09:29 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\MBR.dat
[2011/05/07 09:07:17 | 000,300,787 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\aswMBR.zip
[2011/05/07 07:33:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/06 19:29:41 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 2011.lnk
[2011/05/05 17:59:50 | 000,463,172 | ---- | M] () -- C:\Documents and Settings\greg & jacki\My Documents\2011-kentucky-derby-pps.pdf
[2011/05/04 18:56:20 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/05/04 18:44:20 | 000,142,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/05/04 18:16:44 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/05/02 17:10:26 | 000,001,903 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\MumboJumbo.com - Premium Casual Games.lnk
[2011/05/02 17:10:26 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest Hawaii.lnk
[2011/05/02 17:10:09 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest.lnk
[2011/04/28 20:28:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/27 18:05:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/17 13:19:56 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/04/16 18:12:31 | 000,001,743 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/04/13 19:03:41 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/13 18:57:33 | 000,432,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/13 18:57:33 | 000,067,510 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/07 09:09:29 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\MBR.dat
[2011/05/07 09:07:15 | 000,300,787 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\aswMBR.zip
[2011/05/05 17:59:50 | 000,463,172 | ---- | C] () -- C:\Documents and Settings\greg & jacki\My Documents\2011-kentucky-derby-pps.pdf
[2011/05/04 18:56:20 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/05/03 18:12:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2011/05/02 17:10:26 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest Hawaii.lnk
[2011/05/02 17:10:10 | 000,001,903 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\MumboJumbo.com - Premium Casual Games.lnk
[2011/05/02 17:10:09 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest.lnk
[2011/04/16 18:12:31 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/04/16 18:12:25 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader X.lnk
[2011/03/26 20:14:02 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/03/26 19:42:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/26 15:48:07 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2011/03/26 15:34:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/03/26 15:25:31 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/26 09:09:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/26 08:39:06 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/25 11:55:52 | 000,000,449 | ---- | C] () -- C:\Program Files\0125201110555187.bat
[2011/01/20 11:19:05 | 000,000,434 | ---- | C] () -- C:\Program Files\0120201110190550.bat
[2010/11/14 10:39:34 | 000,000,447 | ---- | C] () -- C:\Program Files\111420109393415.bat
[2010/08/04 10:04:28 | 000,000,457 | ---- | C] () -- C:\Program Files\0804201010042773.bat
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,432,594 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,067,510 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/01/19 02:34:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2005/10/07 07:13:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2005/10/07 07:13:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2003/04/10 08:26:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/04/10 08:25:18 | 000,004,604 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
========== LOP Check ==========
[2010/08/06 21:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7Wonders2
[2010/04/20 09:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/02/02 09:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arkadium
[2011/02/05 10:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/04 20:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/19 17:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/06/14 20:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cerasus.media
[2010/10/16 14:56:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/05/10 19:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2010/03/23 13:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EdensQuest
[2010/07/18 16:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/03/30 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2010/05/12 07:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fenomen Games
[2010/12/29 17:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FireGlow
[2010/10/12 19:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2010/02/19 19:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend
[2010/02/24 19:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/05/21 05:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2010/03/01 08:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
[2010/12/09 15:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2010/02/13 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2010/05/08 19:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KrissX
[2010/01/30 18:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LocusGames
[2010/10/04 15:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2011/02/05 10:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/16 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/10/13 20:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2010/01/31 17:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2010/06/16 06:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2011/01/04 10:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2010/05/22 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/06/19 05:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/04/05 07:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/10/21 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2010/07/18 05:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\T1 Games
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2011/02/26 17:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/04 17:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2010/10/01 20:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2010/02/01 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/01/30 13:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/03/26 15:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG10
[2011/03/26 15:15:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/05/06 19:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2011/03/26 15:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\greg & jacki\Application Data\AVG10
[2011/05/03 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\greg & jacki\Application Data\funkitron
[2011/03/26 15:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\greg & jacki\Application Data\MSNInstaller
[2010/10/04 18:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Alawar
[2011/01/27 20:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\alot
[2010/03/17 10:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Arkadium
[2010/04/24 08:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Auslogics
[2010/10/16 16:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\AVG
[2010/10/16 15:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\AVG10
[2010/05/25 06:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Beep Industries
[2010/05/24 10:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Big Fish Games
[2010/06/05 10:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Boomzap
[2010/02/27 16:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Camel101
[2010/06/14 20:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\cerasus.media
[2010/06/02 13:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Chains
[2011/01/10 18:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clickteam
[2010/07/18 19:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clip Art Collection
[2010/05/13 10:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/04 17:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010/06/21 20:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Dragon Altar Games
[2010/05/01 16:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\EcoRescue
[2010/08/08 07:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus2_BFG
[2010/02/06 11:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus_Real
[2010/10/04 17:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\facemoods.com
[2010/06/12 13:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Fugazo
[2010/10/21 19:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\funkitron
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameBlend
[2010/02/01 16:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameHousev1002
[2010/04/14 17:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Gold Casual Games
[2010/03/02 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\HiT-MM
[2011/03/17 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle FaceCreator
[2011/03/17 19:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle Puzzle and Board Games
[2010/12/09 15:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\iWin
[2010/07/14 10:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\KranX Productions
[2010/05/11 10:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Lazy Turtle Games
[2010/03/26 18:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Little Worlds Online
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\LocusGames
[2010/10/05 21:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Ludia
[2010/02/22 19:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MagicBall4
[2010/12/09 11:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Masque
[2010/02/02 10:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB3
[2010/02/23 13:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB4
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Merscom
[2011/03/19 18:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MSNInstaller
[2011/03/16 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MumboJumbo
[2010/08/20 23:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\myfreezetoolbar
[2010/10/13 20:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MyHeritage
[2011/01/31 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Namco
[2011/02/05 10:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Oberon Media
[2010/07/29 08:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Orneon
[2010/03/03 11:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pharaohs Secret
[2010/05/10 06:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PoBros
[2010/06/28 10:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pogo Games
[2011/03/26 13:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PriceGong
[2011/02/26 17:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Registry Mechanic
[2011/01/14 10:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\simppulltoolbar
[2010/02/02 10:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy3
[2010/02/23 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy4
[2010/10/21 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop
[2010/10/21 11:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop Games
[2010/07/15 20:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SquareLogic
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SulusGames
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\TeleportGamesLtd
[2010/07/19 03:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Titanium Gears
[2010/02/15 09:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\VTExtra
[2010/07/18 16:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\WeatherBug
[2010/04/03 14:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Western Software Technologies
[2010/07/08 18:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Zylom
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006/02/28 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/02/28 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2006/02/28 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006/02/28 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ==========
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52B72A7C
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7F2E188
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D7DCAE4
@Alternate Data Stream - 250 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B352B60
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:34FC1C45
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7124EAF
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA2524F0
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FCB70953
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DBE461A
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEF919E6
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:64170090
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:956EC010
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:445352A1
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A3FC1C4
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99A72E3A
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF8984AC
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C76CFF82
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753F86A9
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24AB14E7
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2FF62A6
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED705107
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6987107A
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56EE2CAF
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50308CED
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F7FE589
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AE68282
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1079C01D
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F33FB9
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6CCB309
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3AF262FC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BDD0820
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05670151
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F6DD01C6
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63A71C6F
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E748D4C
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43BFB01
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AD1F2E0
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:82C50600
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEECF2C8
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0441DB7A
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EAF954B6
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA1919C7
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D6EAEC3
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F94CB4DD
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EB7685
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DB779A93
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B110897C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E7220DEE
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A89E47
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:062B5EB4
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EC675B
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACCFA538
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF4438
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F692B26
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:029E021F
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:49BE0F68
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:372A7EB3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3938129
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AECF4772
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F68CB977
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78AFAE94
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1165550
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAEAE395
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDDF646C
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4111E573
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09708CB7
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25D218B
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F92AD177
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20E32CC7
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE0AE44
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DFE5191
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:109D64EB
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3572BAC0
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFFC859A
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDD903C5
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3595B780
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8668AB36
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEE8C8B8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D4A6333
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DEEA5B0E
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:573DC2A3
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C3A74E
< End of report >
OTL Extras logfile created on: 5/7/2011 9:13:22 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\greg & jacki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
479.00 Mb Total Physical Memory | 95.00 Mb Available Physical Memory | 20.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.78 Gb Free Space | 77.54% Space Free | Partition Type: NTFS
Drive D: | 41.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GREG-3BDFF4E7CC | User Name: greg & jacki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7CD7A451-7224-49C8-95EF-9A1859C66607}" = mZConfig
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A64FF1D4-9CBC-467C-8D11-C1AFAA0B8AFF}" = AVG 2011
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2011
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Luxor" = Luxor (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"ProInst" = Intel® PROSet/Wireless Software
"Slingo Quest" = Slingo Quest
"Slingo Quest Hawaii" = Slingo Quest Hawaii
"Super Collapse! 3" = Super Collapse! 3
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/26/2011 9:40:41 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1000
Description = Faulting application demo32.exe, version 7.53.100.1012, faulting module
demo32.exe, version 7.53.100.1012, fault address 0x00028d5f.
Error - 3/26/2011 9:40:49 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1001
Description = Fault bucket 00504417.
Error - 4/17/2011 2:42:26 PM | Computer Name = GREG-3BDFF4E7CC | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll
. Error code = 0x80070020
Error - 5/4/2011 7:27:04 PM | Computer Name = GREG-3BDFF4E7CC | Source = MsiInstaller | ID = 11920
Description = Product: LightScribe 1.4.42.1 -- Error 1920.Service LightScribeService
(LightScribeService) failed to start. Verify that you have sufficient privileges
to start system services.
Error - 5/4/2011 7:29:29 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1000
Description = Faulting application setup.exe, version 0.0.0.0, faulting module setup.exe,
version 0.0.0.0, fault address 0x00021e7a.
Error - 5/4/2011 7:29:38 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1001
Description = Fault bucket 00502427.
Error - 5/4/2011 7:30:03 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1000
Description = Faulting application install.exe, version 0.0.0.0, faulting module
, version 0.0.0.0, fault address 0x00000000.
Error - 5/6/2011 9:07:58 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/6/2011 9:08:00 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/6/2011 9:08:13 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
[ System Events ]
Error - 4/10/2011 3:49:53 PM | Computer Name = GREG-3BDFF4E7CC | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 4/10/2011 3:49:53 PM | Computer Name = GREG-3BDFF4E7CC | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 4/10/2011 3:49:53 PM | Computer Name = GREG-3BDFF4E7CC | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 4/10/2011 4:28:32 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/10/2011 4:29:02 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/16/2011 7:18:48 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/16/2011 10:42:04 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/16/2011 11:28:13 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/17/2011 2:46:15 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/17/2011 3:13:02 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
< End of report >
OTL logfile created on: 5/7/2011 9:13:22 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\greg & jacki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
479.00 Mb Total Physical Memory | 95.00 Mb Available Physical Memory | 20.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.78 Gb Free Space | 77.54% Space Free | Partition Type: NTFS
Drive D: | 41.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GREG-3BDFF4E7CC | User Name: greg & jacki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/07 09:10:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
PRC - [2011/02/17 06:21:58 | 002,190,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/02/11 06:25:52 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:32:52 | 001,025,376 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/08 05:32:48 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/08 05:32:46 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/05/31 23:46:16 | 000,401,408 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
========== Modules (SafeList) ==========
MOD - [2011/05/07 09:10:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/09/08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Disabled | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2008/04/13 19:12:35 | 000,073,796 | ---- | M] (Smart Link) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2005/05/31 23:50:16 | 000,098,304 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
========== Driver Services (SafeList) ==========
DRV - [2011/03/30 17:17:22 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:54:00 | 000,296,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/19 04:32:56 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/10/26 04:12:36 | 000,019,200 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2010/10/26 03:39:24 | 000,325,120 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/05/03 08:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/04/30 17:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2005/04/08 11:48:18 | 000,179,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/08/12 09:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/03 17:41:46 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/08/03 17:41:46 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/08/03 17:41:44 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004/08/03 17:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 17:41:40 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/03 17:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/08/03 17:41:38 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004/08/03 17:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-630328440-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-583907252-630328440-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/06 19:29:39 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-630328440-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1301171736593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.217.126.81 207.217.77.82
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/29 13:40:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/26 11:15:43 | 000,000,056 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 30 Days ==========
[2011/05/07 09:10:10 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
[2011/05/07 08:44:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\greg & jacki\Recent
[2011/05/04 18:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Ahead
[2011/05/04 18:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ahead
[2011/05/03 17:59:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\My Documents\Slingo Quest Hawaii Documents
[2011/05/02 17:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\My Documents\Slingo Quest Documents
[2011/05/02 17:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Application Data\funkitron
[2011/05/01 15:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Identities
[2011/04/16 18:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Temp
[2011/04/16 18:05:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2011/04/16 18:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\greg & jacki\Local Settings\Application Data\Adobe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/07 09:10:57 | 114,392,365 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/05/07 09:10:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\greg & jacki\Desktop\OTL.exe
[2011/05/07 09:09:29 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\MBR.dat
[2011/05/07 09:07:17 | 000,300,787 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\aswMBR.zip
[2011/05/07 07:33:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/06 19:29:41 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 2011.lnk
[2011/05/05 17:59:50 | 000,463,172 | ---- | M] () -- C:\Documents and Settings\greg & jacki\My Documents\2011-kentucky-derby-pps.pdf
[2011/05/04 18:56:20 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/05/04 18:44:20 | 000,142,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/05/04 18:16:44 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/05/02 17:10:26 | 000,001,903 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\MumboJumbo.com - Premium Casual Games.lnk
[2011/05/02 17:10:26 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest Hawaii.lnk
[2011/05/02 17:10:09 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest.lnk
[2011/04/28 20:28:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/27 18:05:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/17 13:19:56 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/04/16 18:12:31 | 000,001,743 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/04/13 19:03:41 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/13 18:57:33 | 000,432,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/13 18:57:33 | 000,067,510 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/07 09:09:29 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\MBR.dat
[2011/05/07 09:07:15 | 000,300,787 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\aswMBR.zip
[2011/05/05 17:59:50 | 000,463,172 | ---- | C] () -- C:\Documents and Settings\greg & jacki\My Documents\2011-kentucky-derby-pps.pdf
[2011/05/04 18:56:20 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/05/03 18:12:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2011/05/02 17:10:26 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest Hawaii.lnk
[2011/05/02 17:10:10 | 000,001,903 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\MumboJumbo.com - Premium Casual Games.lnk
[2011/05/02 17:10:09 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\greg & jacki\Desktop\Slingo Quest.lnk
[2011/04/16 18:12:31 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/04/16 18:12:25 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader X.lnk
[2011/03/26 20:14:02 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/03/26 19:42:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/26 15:48:07 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2011/03/26 15:34:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/03/26 15:25:31 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/26 09:09:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/26 08:39:06 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/25 11:55:52 | 000,000,449 | ---- | C] () -- C:\Program Files\0125201110555187.bat
[2011/01/20 11:19:05 | 000,000,434 | ---- | C] () -- C:\Program Files\0120201110190550.bat
[2010/11/14 10:39:34 | 000,000,447 | ---- | C] () -- C:\Program Files\111420109393415.bat
[2010/08/04 10:04:28 | 000,000,457 | ---- | C] () -- C:\Program Files\0804201010042773.bat
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,432,594 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,067,510 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/01/19 02:34:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2005/10/07 07:13:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2005/10/07 07:13:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2003/04/10 08:26:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/04/10 08:25:18 | 000,004,604 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
========== LOP Check ==========
[2010/08/06 21:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7Wonders2
[2010/04/20 09:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/02/02 09:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arkadium
[2011/02/05 10:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/04 20:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/19 17:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/06/14 20:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cerasus.media
[2010/10/16 14:56:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/05/10 19:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2010/03/23 13:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EdensQuest
[2010/07/18 16:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/03/30 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2010/05/12 07:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fenomen Games
[2010/12/29 17:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FireGlow
[2010/10/12 19:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2010/02/19 19:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend
[2010/02/24 19:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/05/21 05:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2010/03/01 08:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
[2010/12/09 15:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2010/02/13 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2010/05/08 19:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KrissX
[2010/01/30 18:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LocusGames
[2010/10/04 15:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2011/02/05 10:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/16 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/10/13 20:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2010/01/31 17:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2010/06/16 06:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2011/01/04 10:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2010/05/22 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/06/19 05:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/04/05 07:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/10/21 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2010/07/18 05:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\T1 Games
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2011/02/26 17:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/04 17:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2010/10/01 20:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2010/02/01 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/01/30 13:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/03/26 15:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG10
[2011/03/26 15:15:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/05/06 19:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2011/03/26 15:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\greg & jacki\Application Data\AVG10
[2011/05/03 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\greg & jacki\Application Data\funkitron
[2011/03/26 15:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\greg & jacki\Application Data\MSNInstaller
[2010/10/04 18:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Alawar
[2011/01/27 20:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\alot
[2010/03/17 10:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Arkadium
[2010/04/24 08:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Auslogics
[2010/10/16 16:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\AVG
[2010/10/16 15:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\AVG10
[2010/05/25 06:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Beep Industries
[2010/05/24 10:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Big Fish Games
[2010/06/05 10:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Boomzap
[2010/02/27 16:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Camel101
[2010/06/14 20:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\cerasus.media
[2010/06/02 13:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Chains
[2011/01/10 18:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clickteam
[2010/07/18 19:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clip Art Collection
[2010/05/13 10:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/04 17:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010/06/21 20:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Dragon Altar Games
[2010/05/01 16:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\EcoRescue
[2010/08/08 07:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus2_BFG
[2010/02/06 11:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus_Real
[2010/10/04 17:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\facemoods.com
[2010/06/12 13:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Fugazo
[2010/10/21 19:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\funkitron
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameBlend
[2010/02/01 16:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameHousev1002
[2010/04/14 17:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Gold Casual Games
[2010/03/02 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\HiT-MM
[2011/03/17 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle FaceCreator
[2011/03/17 19:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle Puzzle and Board Games
[2010/12/09 15:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\iWin
[2010/07/14 10:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\KranX Productions
[2010/05/11 10:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Lazy Turtle Games
[2010/03/26 18:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Little Worlds Online
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\LocusGames
[2010/10/05 21:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Ludia
[2010/02/22 19:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MagicBall4
[2010/12/09 11:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Masque
[2010/02/02 10:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB3
[2010/02/23 13:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB4
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Merscom
[2011/03/19 18:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MSNInstaller
[2011/03/16 19:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MumboJumbo
[2010/08/20 23:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\myfreezetoolbar
[2010/10/13 20:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MyHeritage
[2011/01/31 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Namco
[2011/02/05 10:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Oberon Media
[2010/07/29 08:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Orneon
[2010/03/03 11:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pharaohs Secret
[2010/05/10 06:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PoBros
[2010/06/28 10:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pogo Games
[2011/03/26 13:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PriceGong
[2011/02/26 17:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Registry Mechanic
[2011/01/14 10:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\simppulltoolbar
[2010/02/02 10:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy3
[2010/02/23 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy4
[2010/10/21 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop
[2010/10/21 11:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop Games
[2010/07/15 20:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SquareLogic
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SulusGames
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\TeleportGamesLtd
[2010/07/19 03:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Titanium Gears
[2010/02/15 09:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\VTExtra
[2010/07/18 16:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\WeatherBug
[2010/04/03 14:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Western Software Technologies
[2010/07/08 18:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Zylom
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006/02/28 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/02/28 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2006/02/28 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006/02/28 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 06:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ==========
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52B72A7C
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7F2E188
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D7DCAE4
@Alternate Data Stream - 250 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B352B60
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:34FC1C45
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7124EAF
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA2524F0
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FCB70953
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DBE461A
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEF919E6
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:64170090
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:956EC010
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:445352A1
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A3FC1C4
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99A72E3A
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF8984AC
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C76CFF82
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753F86A9
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24AB14E7
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2FF62A6
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED705107
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6987107A
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56EE2CAF
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50308CED
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F7FE589
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AE68282
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1079C01D
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F33FB9
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6CCB309
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3AF262FC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BDD0820
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05670151
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F6DD01C6
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63A71C6F
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E748D4C
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43BFB01
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AD1F2E0
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:82C50600
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEECF2C8
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0441DB7A
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EAF954B6
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA1919C7
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D6EAEC3
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F94CB4DD
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EB7685
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DB779A93
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B110897C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E7220DEE
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A89E47
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:062B5EB4
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EC675B
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACCFA538
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF4438
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F692B26
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:029E021F
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:49BE0F68
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:372A7EB3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3938129
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AECF4772
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F68CB977
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78AFAE94
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1165550
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAEAE395
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDDF646C
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4111E573
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09708CB7
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25D218B
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F92AD177
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20E32CC7
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE0AE44
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DFE5191
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:109D64EB
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3572BAC0
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFFC859A
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDD903C5
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3595B780
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8668AB36
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEE8C8B8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D4A6333
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DEEA5B0E
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:573DC2A3
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C3A74E
< End of report >
OTL Extras logfile created on: 5/7/2011 9:13:22 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\greg & jacki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
479.00 Mb Total Physical Memory | 95.00 Mb Available Physical Memory | 20.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.78 Gb Free Space | 77.54% Space Free | Partition Type: NTFS
Drive D: | 41.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GREG-3BDFF4E7CC | User Name: greg & jacki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7CD7A451-7224-49C8-95EF-9A1859C66607}" = mZConfig
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A64FF1D4-9CBC-467C-8D11-C1AFAA0B8AFF}" = AVG 2011
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2011
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Luxor" = Luxor (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"ProInst" = Intel® PROSet/Wireless Software
"Slingo Quest" = Slingo Quest
"Slingo Quest Hawaii" = Slingo Quest Hawaii
"Super Collapse! 3" = Super Collapse! 3
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/26/2011 9:40:41 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1000
Description = Faulting application demo32.exe, version 7.53.100.1012, faulting module
demo32.exe, version 7.53.100.1012, fault address 0x00028d5f.
Error - 3/26/2011 9:40:49 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1001
Description = Fault bucket 00504417.
Error - 4/17/2011 2:42:26 PM | Computer Name = GREG-3BDFF4E7CC | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll
. Error code = 0x80070020
Error - 5/4/2011 7:27:04 PM | Computer Name = GREG-3BDFF4E7CC | Source = MsiInstaller | ID = 11920
Description = Product: LightScribe 1.4.42.1 -- Error 1920.Service LightScribeService
(LightScribeService) failed to start. Verify that you have sufficient privileges
to start system services.
Error - 5/4/2011 7:29:29 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1000
Description = Faulting application setup.exe, version 0.0.0.0, faulting module setup.exe,
version 0.0.0.0, fault address 0x00021e7a.
Error - 5/4/2011 7:29:38 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1001
Description = Fault bucket 00502427.
Error - 5/4/2011 7:30:03 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Error | ID = 1000
Description = Faulting application install.exe, version 0.0.0.0, faulting module
, version 0.0.0.0, fault address 0x00000000.
Error - 5/6/2011 9:07:58 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/6/2011 9:08:00 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/6/2011 9:08:13 PM | Computer Name = GREG-3BDFF4E7CC | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
[ System Events ]
Error - 4/10/2011 3:49:53 PM | Computer Name = GREG-3BDFF4E7CC | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 4/10/2011 3:49:53 PM | Computer Name = GREG-3BDFF4E7CC | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 4/10/2011 3:49:53 PM | Computer Name = GREG-3BDFF4E7CC | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 4/10/2011 4:28:32 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/10/2011 4:29:02 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/16/2011 7:18:48 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/16/2011 10:42:04 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/16/2011 11:28:13 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/17/2011 2:46:15 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
Error - 4/17/2011 3:13:02 PM | Computer Name = GREG-3BDFF4E7CC | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond
within the timeout period. This may indicate an error in the EC hardware or firmware,
or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.
The EC driver will retry the failed transaction if possible.
< End of report >
#69
Posted 07 May 2011 - 09:32 AM
Hmm you are a bit tight on RAM - so would you mind trying an experiment ? What I propose is removing AVG and installing a lighter anti virus programme
Meanwhile lets clear your temporary files
Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
Meanwhile lets clear your temporary files
Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
- Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
#70
Posted 07 May 2011 - 09:35 AM
i understand...this is an old comp gonna run tfc now thanks.
#71
Posted 07 May 2011 - 09:40 AM
done with tfc
#72
Posted 07 May 2011 - 09:43 AM
Are you game to change AV's ? If so I would recommend that you download on the laptop and transfer across
#73
Posted 07 May 2011 - 09:48 AM
should i uninstall avg then? i have no problem with that. and i am at home..this is our only link to the internet.
#74
Posted 07 May 2011 - 09:51 AM
Yes I am looking at reducing the load on this computer, AVG is a bit heavy on resources and a lighter AV may help. However, it is a 60Mb download
#75
Posted 07 May 2011 - 09:54 AM
i will uninstall avg...let me know what you would like me to do next.unfortunatly...i live 2 miles from the horsetrack and i have been charged by numerous family members to place their bets for the kentucky derby..i promise to be back within 2 hours...i know your time is valuable!!!! thank you for eveything.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users