WinXP Box is slow as mud. Need help interpreting these logs for a tun



#1
sktx

I haven't used a Windows machine for more than a few minutes in years, but my dad recently scored a Win XP media center box from some kid who was upgrading. Problem is, he'd installed every toolbar and "spyware cleaner" he could find. A lot of it has been cleaned out, I think, but it's still running slow as mud and he's too stubborn to switch over to Linux in his old age. I was just wondering if anyone could help me interpret these logs and maybe shoot me a little advice on tuning this clunker up.

OTL log:
OTL logfile created on: 2/28/2012 4:48:39 PM - Run 1
OTL by OldTimer - Version 3.2.33.2     Folder = C:\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
446.42 Mb Total Physical Memory | 28.10 Mb Available Physical Memory | 6.29% Memory free
1.21 Gb Paging File | 0.44 Gb Available in Paging File | 36.29% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 54.84 Gb Free Space | 73.61% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: GSPOT | User Name: JR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/02/28 16:48:23 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
PRC - [2012/02/24 16:57:40 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/02/14 21:03:37 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/07/28 15:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/02/14 21:03:36 | 000,429,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/14 21:03:34 | 003,772,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/14 21:02:10 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/14 21:02:08 | 000,220,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/14 21:02:07 | 001,747,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/02/14 18:00:24 | 008,593,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll
MOD - [2011/07/28 15:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 15:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/11/27 09:11:44 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/08/23 14:12:44 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2006/08/23 14:12:38 | 000,196,608 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2004/08/10 03:00:00 | 000,268,288 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/02/19 19:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/04/14 05:42:04 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2006/01/05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand | Stopped] -- C:\Program Files\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/06/15 00:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/12/16 22:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/12/16 22:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/12/16 21:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/12/16 21:53:44 | 002,686,104 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008/12/16 21:53:22 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008/06/20 03:08:27 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 14:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/18 23:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/10 03:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 03:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/20 20:58:00 | 000,000,000 | ---D | M]
 
[2009/03/28 18:33:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JR\Application Data\Mozilla\Extensions
[2009/03/28 18:33:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JR\Application Data\Mozilla\Extensions\[email protected]
[2012/02/20 17:39:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JR\Application Data\Mozilla\Firefox\extensions
[2012/02/20 17:39:36 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\JR\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2008/12/24 08:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
========== Chrome ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: 4chan Plus = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.3.9_0\
CHR - Extension: Gmail = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009/01/03 22:51:24 | 000,290,793 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 10016 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{521FFFEB-2A17-44D2-92A9-B40FAC0FC323}: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/23 23:38:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{01655488-bf77-11de-961b-001aa03feef7}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{01655488-bf77-11de-961b-001aa03feef7}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{01655488-bf77-11de-961b-001aa03feef7}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{01655488-bf77-11de-961b-001aa03feef7}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{01655488-bf77-11de-961b-001aa03feef7}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{09877eac-de9a-11dd-9e8f-001aa03feef7}\Shell - "" = AutoRun
O33 - MountPoints2\{09877eac-de9a-11dd-9e8f-001aa03feef7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{09877eac-de9a-11dd-9e8f-001aa03feef7}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PET32.EXE
O33 - MountPoints2\{7b1fb58a-ff8b-11de-9658-001aa03feef7}\Shell\AutoRun\command - "" = D:\podcastready.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\INSTALL\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/28 16:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\hjt
[2012/02/28 16:35:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Start Menu\Programs\HiJackThis
[2012/02/27 17:22:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Defcon
[2012/02/27 17:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\Defcon
[2012/02/25 00:03:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Uplink
[2012/02/25 00:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Uplink
[2012/02/25 00:03:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\WINDOWS
[2012/02/24 23:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\PowerISO
[2012/02/24 23:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2012/02/24 18:10:38 | 000,000,000 | ---D | C] -- C:\visualboy
[2012/02/20 21:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\DDMSettings
[2012/02/20 20:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\DivX Plus
[2012/02/20 20:48:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2012/02/20 20:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DivX
[2012/02/20 17:39:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Local Settings\Application Data\uTorrentControl2
[2012/02/20 17:39:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Local Settings\Application Data\Temp
[2012/02/20 17:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl2
[2012/02/20 17:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/02/20 17:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\uTorrent
[2012/02/20 17:32:59 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallJammer Registry
[2012/02/20 17:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\.config
[2012/02/20 17:32:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\transmission
[2012/02/20 17:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Start Menu\Programs\Transmission-Qt
[2012/02/20 17:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Transmission-Qt
[2012/02/19 18:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\Sawer
[2012/02/18 22:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\ISO Recorder
[2012/02/18 22:28:31 | 000,000,000 | R--D | C] -- C:\My Music
[2012/02/18 22:27:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/28 16:35:41 | 000,001,986 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\HiJackThis.lnk
[2012/02/28 16:01:05 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/27 17:28:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/27 17:22:11 | 000,000,629 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\Defcon.lnk
[2012/02/27 17:01:00 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/25 01:26:38 | 000,809,026 | ---- | M] () -- C:\Crass.usr
[2012/02/25 00:00:26 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/02/25 00:00:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/24 23:57:18 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PowerISO.lnk
[2012/02/24 20:10:50 | 000,042,789 | ---- | M] () -- C:\Pokemon - Fire Red.sgm
[2012/02/20 20:58:37 | 000,001,732 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2012/02/20 20:58:37 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\DivX Movies.lnk
[2012/02/20 20:54:20 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2012/02/20 17:38:21 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\JR\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/02/20 17:38:21 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\µTorrent.lnk
[2012/02/20 17:32:54 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\Transmission-Qt.lnk
[2012/02/20 17:32:54 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\JR\Application Data\Microsoft\Internet Explorer\Quick Launch\Transmission-Qt.lnk
[2012/02/18 22:29:44 | 000,380,857 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\ISORecorderV2AMD64.zip
[2012/02/18 22:04:02 | 726,970,368 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\xubuntu-11.10-desktop-amd64.iso
[2012/02/17 02:53:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/17 00:19:34 | 009,117,760 | ---- | M] (McAfee Inc.) -- C:\Documents and Settings\JR\Desktop\stinger.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/02/28 16:35:41 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\HiJackThis.lnk
[2012/02/27 17:22:11 | 000,000,629 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\Defcon.lnk
[2012/02/25 01:27:03 | 000,809,026 | ---- | C] () -- C:\Crass.usr
[2012/02/24 23:57:18 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PowerISO.lnk
[2012/02/24 18:19:55 | 000,042,789 | ---- | C] () -- C:\Pokemon - Fire Red.sgm
[2012/02/20 20:58:37 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\DivX Movies.lnk
[2012/02/20 20:54:20 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2012/02/20 20:52:13 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2012/02/20 17:38:21 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\JR\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/02/20 17:38:21 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\µTorrent.lnk
[2012/02/20 17:32:54 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\Transmission-Qt.lnk
[2012/02/20 17:32:54 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\JR\Application Data\Microsoft\Internet Explorer\Quick Launch\Transmission-Qt.lnk
[2012/02/18 22:29:35 | 000,380,857 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\ISORecorderV2AMD64.zip
[2012/02/18 22:02:17 | 726,970,368 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\xubuntu-11.10-desktop-amd64.iso
[2012/02/17 02:52:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/17 02:52:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
 
========== LOP Check ==========
 
[2009/02/11 15:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\171F4
[2010/02/22 17:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\83620120
[2009/12/30 20:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\83951834
[2003/03/21 12:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ashampoo
[2010/02/16 09:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\cbbe66d
[2010/02/27 19:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\doubleTwist Corporation
[2009/01/17 10:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Graboid Inc
[2009/01/17 10:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Launcher
[2009/11/30 18:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NCH Swift Sound
[2003/03/21 12:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\page
[2010/02/22 17:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/03/19 13:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/11/23 18:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2003/03/21 12:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\Ashampoo
[2012/02/20 21:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\DDMSettings
[2009/01/09 20:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\Leadertech
[2003/03/19 13:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\NCH Swift Sound
[2012/02/19 18:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\Sawer
[2012/02/20 17:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\transmission
[2009/01/24 09:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\Unity
[2012/02/28 16:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\uTorrent
[2009/10/22 18:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JR\Application Data\WeatherBug
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:ECF54A0E

< End of report >



OTL Extras file:
OTL Extras logfile created on: 2/28/2012 4:48:39 PM - Run 1
OTL by OldTimer - Version 3.2.33.2     Folder = C:\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
446.42 Mb Total Physical Memory | 28.10 Mb Available Physical Memory | 6.29% Memory free
1.21 Gb Paging File | 0.44 Gb Available in Paging File | 36.29% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 54.84 Gb Free Space | 73.61% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: GSPOT | User Name: JR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Transmission-Qt\transmission-qt.exe" = C:\Program Files\Transmission-Qt\transmission-qt.exe:*:Enabled:A Fast, Easy, and Free BitTorrent Client -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"8538E49A-6FE5-4FDB-8649-922BB839F21F" = Transmission-Qt
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASIO4ALL" = ASIO4ALL
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Defcon_is1" = Defcon
"DivX Setup" = DivX Setup
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Glary Registry Repair_is1" = Glary Registry Repair 3.0
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"lvdrivers_11.90" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"Sawer" = Sawer
"Switch" = Switch Sound File Converter
"Uplink" = Uplink
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for JR
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 12/11/2003 5:03:18 PM | Computer Name = JR-8EF66B8E35C6 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  
 
Error - 12/15/2003 12:05:30 PM | Computer Name = JR-8EF66B8E35C6 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
 module oleacc.dll, version 4.2.5406.0, fault address 0x00008d14.
 
Error - 2/6/2004 9:16:27 PM | Computer Name = JR-8EF66B8E35C6 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 2/6/2004 9:16:28 PM | Computer Name = JR-8EF66B8E35C6 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error - 2/17/2012 6:52:08 AM | Computer Name = GSPOT | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
 could be found for product Microsoft .NET Framework 1.1.  The Windows installer
 cannot continue.
 
Error - 2/17/2012 6:52:08 AM | Computer Name = GSPOT | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error - 2/18/2012 8:24:07 PM | Computer Name = GSPOT | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 2/20/2012 9:33:43 PM | Computer Name = GSPOT | Source = Application Error | ID = 1000
Description = Faulting application transmission-qt.exe, version 2.50.0.13228, faulting
 module unknown, version 0.0.0.0, fault address 0x00000fa0.
 
Error - 2/20/2012 9:34:37 PM | Computer Name = GSPOT | Source = Application Error | ID = 1000
Description = Faulting application transmission-qt.exe, version 2.50.0.13228, faulting
 module ntdll.dll, version 5.1.2600.5755, fault address 0x0001019d.
 
Error - 2/21/2012 2:17:00 AM | Computer Name = GSPOT | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.3.2.6, faulting
 module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.
 
[ System Events ]
Error - 1/20/2010 10:58:53 PM | Computer Name = JR-8EF66B8E35C6 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 14 minutes.  NtpClient has no source of accurate
 time. 
 
Error - 1/20/2010 10:59:12 PM | Computer Name = JR-8EF66B8E35C6 | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be   changed
 by +5093841 seconds. The time service will not change the system   time by more than
 +54000 seconds. Verify that your time and time zone   are correct, and that the time
 source time.windows.com (ntp.m|0x1|98.150.116.186:123->207.46.197.32:123) is working
 properly.
 
Error - 1/21/2010 12:50:13 AM | Computer Name = JR-8EF66B8E35C6 | Source = Dhcp | ID = 1002
Description = The IP address lease 98.150.116.186 for the Network Card with network
 address 001AA03FEEF7 has been  denied by the DHCP server 192.168.100.1 (The DHCP 
Server sent a DHCPNACK message).
 
Error - 1/21/2010 12:50:44 AM | Computer Name = JR-8EF66B8E35C6 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.2 on
 the  Network Card with network address 001AA03FEEF7.
 
Error - 1/21/2010 5:02:08 AM | Computer Name = JR-8EF66B8E35C6 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.
 
Error - 1/21/2010 1:24:48 PM | Computer Name = JR-8EF66B8E35C6 | Source = Dhcp | ID = 1002
Description = The IP address lease 98.150.116.186 for the Network Card with network
 address 001AA03FEEF7 has been  denied by the DHCP server 192.168.100.1 (The DHCP 
Server sent a DHCPNACK message).
 
Error - 1/21/2010 1:25:19 PM | Computer Name = JR-8EF66B8E35C6 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.2 on
 the  Network Card with network address 001AA03FEEF7.
 
Error - 2/17/2012 6:52:11 AM | Computer Name = GSPOT | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.
 
Error - 2/19/2012 2:48:35 AM | Computer Name = GSPOT | Source = Service Control Manager | ID = 7034
Description = The IMAPI CD-Burning COM Service service terminated unexpectedly. 
 It has done this 1 time(s).
 
Error - 2/19/2012 2:48:49 AM | Computer Name = GSPOT | Source = Service Control Manager | ID = 7034
Description = The Imapi Helper service terminated unexpectedly.  It has done this
 1 time(s).
 
 
< End of report >

#2
sktx

Sorry, but... Bump!