TFC wouldnt run. and it was over time.
otl
OTL logfile created on: 3/10/2012 6:10:30 PM - Run 1
OTL by OldTimer - Version 3.2.36.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.48 Mb Total Physical Memory | 185.71 Mb Available Physical Memory | 36.31% Memory free
1.22 Gb Paging File | 0.96 Gb Available in Paging File | 78.91% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.27 Gb Total Space | 47.28 Gb Free Space | 68.25% Space Free | Partition Type: NTFS
Drive D: | 5.27 Gb Total Space | 0.91 Gb Free Space | 17.32% Space Free | Partition Type: FAT32
Drive G: | 14.91 Gb Total Space | 13.84 Gb Free Space | 92.83% Space Free | Partition Type: FAT32
Computer Name: RSCOMP1 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/03/10 03:21:44 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/03/09 19:57:06 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/08/27 09:32:50 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2010/08/19 15:25:00 | 000,272,864 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/04/14 06:49:44 | 000,703,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2008/07/29 13:57:56 | 001,398,024 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2007/12/24 17:41:06 | 000,333,064 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 06:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/08/27 10:27:44 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/04/17 19:49:16 | 000,077,824 | ---- | M] () -- c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
========== Modules (No Company Name) ========== MOD - [2012/03/10 03:21:42 | 000,429,040 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\ppgooglenaclpluginchrome.dll
MOD - [2012/03/10 03:21:41 | 003,772,912 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\pdf.dll
MOD - [2012/03/10 03:20:17 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\avutil-51.dll
MOD - [2012/03/10 03:20:16 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\avformat-53.dll
MOD - [2012/03/10 03:20:15 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\avcodec-53.dll
MOD - [2012/03/09 23:56:11 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\gcswf32.dll
MOD - [2010/08/27 09:32:50 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2010/08/19 15:25:00 | 000,272,864 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
MOD - [2010/07/08 11:24:42 | 000,258,048 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2010/07/08 09:21:58 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
MOD - [2007/12/16 18:57:14 | 000,161,032 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\UfPack.dll
MOD - [2002/04/17 19:49:16 | 000,077,824 | ---- | M] () -- c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
MOD - [2002/04/17 10:49:22 | 000,024,576 | ---- | M] () -- c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/08/19 15:25:00 | 000,272,864 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
SRV - [2009/04/14 06:49:44 | 000,703,008 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2008/02/26 13:19:46 | 000,648,456 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (tmproxy)
SRV - [2007/12/24 17:41:06 | 000,333,064 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/04/13 11:29:52 | 000,083,504 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2003/08/27 10:27:44 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2002/05/24 21:46:14 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MBAMSwissArmy)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/12/10 19:09:22 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2010/02/03 11:20:32 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)
DRV - [2009/04/02 15:00:12 | 000,052,752 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2009/04/02 15:00:08 | 000,052,624 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2009/04/02 15:00:00 | 000,142,864 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/11/26 17:42:42 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2008/11/26 17:42:40 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2008/11/26 17:39:56 | 001,195,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vsapint.sys -- (vsapint)
DRV - [2008/02/15 22:37:50 | 000,065,936 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2004/10/07 19:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/03 22:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/04/13 19:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/03/31 14:29:00 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/28 12:59:22 | 000,028,164 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2002/10/28 01:01:48 | 000,009,856 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/09/05 23:27:18 | 000,045,760 | R--- | M] (Zero-Knowledge Systems Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\FreeTdi.sys -- (FreeTdi)
DRV - [2002/09/05 23:27:12 | 000,028,416 | R--- | M] (Zero-Knowledge Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\freedom.sys -- (Freedom)
DRV - [2002/05/24 21:46:14 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2002/05/24 21:46:14 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11)
DRV - [2002/05/24 21:46:14 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2002/05/24 21:46:14 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2002/03/04 13:10:00 | 000,027,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us7.hpwis.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us7.hpwis.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://att.netIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = images.google.com/images?hl=en&lr=&q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKCU\..\SearchScopes,DefaultScope = {CCABDC2F-DF9F-478E-BD7D-DB65D86A9B80}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKCU\..\SearchScopes\{87F96BB8-ED22-4C41-8BDB-C9175778D6CB}: "URL" =
http://delicious.com...p={searchTerms}IE - HKCU\..\SearchScopes\{B368B960-A79D-4A09-85B5-A27DA75B2306}: "URL" =
http://www.flickr.co...q={searchTerms}IE - HKCU\..\SearchScopes\{CCABDC2F-DF9F-478E-BD7D-DB65D86A9B80}: "URL" =
http://search.yahoo....tf-8&fr=att-ie8IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll ( )
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=11: C:\Program Files\Google\Google Updater\2.2.1111.1511\npCIDetect11.dll (Google)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.2.1111.1511\npCIDetect11.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012/03/10 09:36:18 | 000,440,678 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15173 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll (Zero-Knowledge Systems Inc.)
O2 - BHO: (ZKBho Class) - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll (Zero-Knowledge Systems Inc.)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\hp\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\hp\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy ()
O9 - Extra 'Tools' menuitem : MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy ()
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68}
http://www.lowrance....iGPS/isetup.cab (InstallShield International Setup Player)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044}
http://66.188.141.138/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {FB298ECE-4D17-414A-A5E8-FABC938796B2}
http://www.kohlerplu...awingViewer.cab (ActiveWebParts Illustration Viewer)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In
https://my.garmin.co...inAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.233.207.8 64.233.207.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F294CB96-F0AF-4494-8B49-02ACFA698C05}: DhcpNameServer = 64.233.207.8 64.233.207.9
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/10/28 11:36:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | --S- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/03/10 18:10:01 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/03/10 17:36:21 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC (1).exe
[2012/03/10 17:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2012/03/10 17:02:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Google Chrome
[2012/03/10 09:26:40 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2012/03/10 09:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2012/03/10 09:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/03/10 09:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012/03/10 09:20:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/10 09:16:51 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012/03/10 09:16:51 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012/03/10 09:16:51 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012/03/10 09:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGEAR WNDA3100v2 Smart Wizard
[2012/03/10 09:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2012/03/10 09:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\InstallShield
[2012/03/09 21:27:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/03/09 20:57:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2012/03/05 07:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\SpidersW
[2012/02/29 06:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Thisbeat
[2012/02/27 06:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\image001
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/03/10 18:11:27 | 000,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/10 18:11:27 | 000,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/10 18:07:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/10 18:07:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/10 18:07:16 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/10 17:36:23 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC (1).exe
[2012/03/10 17:03:00 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2012/03/10 17:03:00 | 000,002,273 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/10 17:01:11 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-833683956-2591638331-990971094-1003UA.job
[2012/03/10 17:01:10 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-833683956-2591638331-990971094-1003Core.job
[2012/03/10 16:51:59 | 000,337,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/10 16:25:57 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7845FC5C-DA19-450F-91C5-4E99ED40B844}.job
[2012/03/10 09:41:59 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
[2012/03/10 09:36:18 | 000,440,678 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/10 09:25:06 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2012/03/10 09:16:46 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk
[2012/03/09 20:19:32 | 000,050,334 | ---- | M] () -- C:\VETlog.dmp
[2012/03/09 19:57:06 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/03/08 13:23:16 | 001,579,010 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\YellowSnow.wmv
[2012/03/07 07:00:11 | 001,569,615 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\TotalControl4.21.12.pdf
[2012/03/05 07:12:25 | 000,149,286 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\SpidersW.zip
[2012/03/05 07:11:44 | 002,679,211 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\krout_und_touchphone.wmv
[2012/03/05 07:09:12 | 003,924,529 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\gv34sq1214685307.wmv
[2012/03/03 10:16:14 | 004,159,367 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\0-Voisinage.wmv
[2012/02/29 06:52:10 | 000,071,877 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WinterdrivingtipPSA.pdf
[2012/02/29 06:51:23 | 001,755,407 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Thisbeat.zip
[2012/02/27 20:54:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/27 06:42:56 | 000,252,828 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\image001.zip
[2012/02/27 06:40:28 | 010,874,880 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\girl.mpg
[2012/02/24 15:39:37 | 000,217,600 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/18 12:56:16 | 000,020,197 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Colvin,MorganFlyerparents.pdf
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/03/10 17:03:00 | 000,002,273 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/10 17:02:59 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2012/03/10 17:01:11 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-833683956-2591638331-990971094-1003UA.job
[2012/03/10 17:01:10 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-833683956-2591638331-990971094-1003Core.job
[2012/03/10 09:41:59 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
[2012/03/10 09:16:51 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2012/03/10 09:16:46 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk
[2012/03/08 13:23:10 | 001,579,010 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\YellowSnow.wmv
[2012/03/07 07:00:03 | 001,569,615 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\TotalControl4.21.12.pdf
[2012/03/05 07:12:23 | 000,149,286 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\SpidersW.zip
[2012/03/05 07:11:31 | 002,679,211 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\krout_und_touchphone.wmv
[2012/03/05 07:08:52 | 003,924,529 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\gv34sq1214685307.wmv
[2012/03/03 10:15:59 | 004,159,367 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\0-Voisinage.wmv
[2012/02/29 06:52:09 | 000,071,877 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WinterdrivingtipPSA.pdf
[2012/02/29 06:51:15 | 001,755,407 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Thisbeat.zip
[2012/02/27 06:42:53 | 000,252,828 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\image001.zip
[2012/02/27 06:39:47 | 010,874,880 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\girl.mpg
[2012/02/18 12:56:16 | 000,020,197 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Colvin,MorganFlyerparents.pdf
[2011/12/10 19:05:27 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
========== LOP Check ========== [2002/10/28 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2007/02/08 11:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/03/01 15:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Freedom
[2009/10/01 22:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GARMIN
[2002/10/28 13:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2007/03/20 05:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2002/10/28 13:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2007/03/20 05:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VERITAS
[2007/02/08 11:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2011/11/22 12:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug
[2012/03/10 16:25:57 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7845FC5C-DA19-450F-91C5-4E99ED40B844}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2007/09/10 16:40:43 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
< MD5 for: EXPLORER.EXE >[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2007/06/13 05:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2002/08/29 06:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SVCHOST.EXE >[2002/08/29 06:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2004/08/04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004/08/04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004/08/04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe
[2002/08/29 06:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2002/08/29 06:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s > < %Temp%\smtmp\1\*.* > < %Temp%\smtmp\2\*.* > < %Temp%\smtmp\3\*.* > < %Temp%\smtmp\4\*.* > ========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: SAMSUNG SV8004H
Partitions: 2
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - Removable media other than\tfloppy
Interface type: USB
Media Type: Removable media other than\tfloppy
Model: Patriot Memory USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 5.00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 69.00GB
Starting Offset: 5666734080
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15.00GB
Starting Offset: 4128768
Hidden sectors: 0
< End of report >
extras from otl
OTL Extras logfile created on: 3/10/2012 6:10:30 PM - Run 1
OTL by OldTimer - Version 3.2.36.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.48 Mb Total Physical Memory | 185.71 Mb Available Physical Memory | 36.31% Memory free
1.22 Gb Paging File | 0.96 Gb Available in Paging File | 78.91% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.27 Gb Total Space | 47.28 Gb Free Space | 68.25% Space Free | Partition Type: NTFS
Drive D: | 5.27 Gb Total Space | 0.91 Gb Free Space | 17.32% Space Free | Partition Type: FAT32
Drive G: | 14.91 Gb Total Space | 13.84 Gb Free Space | 92.83% Space Free | Partition Type: FAT32
Computer Name: RSCOMP1 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:America Online 9.0a -- (America Online, Inc.)
"C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Microsoft Office Communicator 2007 -- (Microsoft Corporation)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL9~1.0 -- (AOL, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:America Online 9.0a -- (America Online, Inc.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1187823671\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1187823671\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- ()
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Microsoft Office Communicator 2007 -- (Microsoft Corporation)
"C:\Program Files\hp center\137903\Program\BackWeb-137903.exe" = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe:*:Disabled:BackWeb-137903 -- ()
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL9~1.0 -- (AOL, LLC.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07295ABF-1245-415A-BE06-863271753443}" = ShowBiz
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = RecordNow Update Manager
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1EEE2A9F-6471-42fa-8923-E8879168CE26}" = HP Photo and Imaging 1.1 - Photosmart Cameras
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29D88826-2AB9-11D5-8854-00902761A46D}" = WordPerfect Productivity Pack
"{2B5DDB2C-0807-47FD-9C11-80EA761902C0}" = easy Internet sign-up
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35845E72-E34A-11D4-817D-005004D0F1FA}" = MarketBrowser
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}" = NETGEAR WNDA3100v2 wireless USB 2.0 adapter
"{3E386744-10FA-44b2-98C9-DF7A270DECB3}" = HP PSC & OfficeJet 5.3.A
"{47D4AF7B-EDE6-4ADB-8D2F-0BDA25C7321F}" = HP Digital Imaging Album Printing 1.0
"{4CD67A02-DF59-43f7-8E8F-86DCF40543EF}" = 2570_Help
"{4F0AE1FB-4082-4A27-8363-05D292D92FB0}" = Virtual Warfare
"{50E7BB78-02B4-469a-9D8B-B2F42835F90E}" = ProductContextNPI
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5415BC25-6D6C-46C4-B34C-EA8470FE56D5}" = Blackhawk Striker
"{567C23E1-7580-4185-B8C2-30805677297C}" = NewCopy_CDA
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{60E971B7-51A0-48CA-8687-C6B8F094A409}" = Simple Backup for My Pictures
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro AntiVirus
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{8214CC02-6271-4DC8-B8DD-779933450264}" = RecordNow
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® 82845G Graphics Driver Software
"{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}" =
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{A0C4079C-097C-45BA-8D85-08C9FAF290FA}" = Freedom
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}" = 2Wire Wireless Client
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A621B45A-D138-4A95-BE10-7CABA05EF94E}" = Trend Micro AntiVirus
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8D91906-4032-4443-8C49-69F90E38F39D}" = 2570
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B276997E-4367-4b1b-A39C-4CAE7464337A}" = AiO_Scan_CDA
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B60E7826-F117-4d26-8165-D2DC5A494AB0}" = Fax_CDA
"{B64E3AFC-59EF-4f18-BF11-E751462450D3}" = AiOSoftwareNPI
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BC0EE7F1-32DE-4EE2-BE10-AE15DB394E84}" = PigPen
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E5BA0430-919F-46DD-B656-0796F8A5ADFF}" = Microsoft Office Communicator 2007
"{E62C706B-1352-4DCA-B4D4-81C24750B70F}" = Detto IntelliMover Demo
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EE55FD52-0D47-4c5a-96EC-48F70FF30520}" = 2570Trb
"{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}" = Simple Installer - Multilanguage Version
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"ArcSoft Software Suite" = ArcSoft Software Suite
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"BackWeb-137903 Uninstaller" = hp center
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Google Updater" = Google Updater
"HP Document Viewer" = HP Document Viewer 5.3
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"hp instant support" = HP Instant Support
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"HPTOOLKIT" = hp toolkit
"ie8" = Windows Internet Explorer 8
"Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only)
"Indeo® Software" = Indeo® Software
"InstallShield_{A0C4079C-097C-45BA-8D85-08C9FAF290FA}" = Freedom Security & Privacy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"Punch! Landscape, Deck && Patio Designer" = Punch! Landscape, Deck && Patio Designer
"RealPlayer 6.0" = RealPlayer Basic
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"SBC Yahoo! Applications" = SBC Yahoo! Applications
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"ViewpointMediaPlayer" = Viewpoint Media Player
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"WeatherBug" = WeatherBug
"WIC" = Windows Imaging Component
"WildTangentDDC" = WildTangent Channel Manager
"Windows XP Service Pack" = Windows XP Service Pack 2
"WordPerfect Productivity Pack" = WordPerfect Productivity Pack
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/15/2012 5:14:59 AM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module pkr.dll, version 4.0.0.57415, fault address 0x0000fc90.
Error - 1/17/2012 12:08:36 AM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module pkr.dll, version 4.0.0.57415, fault address 0x0000fc90.
Error - 1/19/2012 10:58:55 PM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.18928, fault address 0x000b7911.
Error - 1/20/2012 10:44:20 PM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module pkr.dll, version 4.0.0.57415, fault address 0x0000fc90.
Error - 2/13/2012 11:08:33 AM | Computer Name = RSCOMP1 | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office PowerPoint.
Error - 2/21/2012 2:10:45 AM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.
Error - 3/10/2012 6:11:58 PM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.18928, fault address 0x00125dfc.
Error - 3/10/2012 6:31:46 PM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.18928, fault address 0x00125dfc.
Error - 3/10/2012 7:01:08 PM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0xf845c7ff.
Error - 3/10/2012 7:01:19 PM | Computer Name = RSCOMP1 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.
[ OSession Events ]
Error - 1/27/2010 11:33:07 PM | Computer Name = RSCOMP1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 119
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/24/2011 5:31:33 AM | Computer Name = RSCOMP1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 152
seconds with 120 seconds of active time. This session ended with a crash.
Error - 9/25/2011 4:03:11 AM | Computer Name = RSCOMP1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6745
seconds with 3180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 3/10/2012 7:04:36 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7031
Description = The WSWNDA3100 service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.
Error - 3/10/2012 7:29:57 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AOL Connectivity Service
service to connect.
Error - 3/10/2012 7:29:57 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7000
Description = The AOL Connectivity Service service failed to start due to the following
error: %%1053
Error - 3/10/2012 7:36:45 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Driver Helper Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/10/2012 7:36:45 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7034
Description = The Pml Driver HPZ12 service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/10/2012 7:36:45 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7034
Description = The Trend Micro Central Control Component service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/10/2012 7:36:45 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7034
Description = The WAN Miniport (ATW) Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 3/10/2012 8:07:24 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AOL Connectivity Service
service to connect.
Error - 3/10/2012 8:07:24 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7000
Description = The AOL Connectivity Service service failed to start due to the following
error: %%1053
Error - 3/10/2012 8:08:51 PM | Computer Name = RSCOMP1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.
< End of report >
aswmbr
aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-10 09:26:43
-----------------------------
09:26:43.843 OS Version: Windows 5.1.2600 Service Pack 2
09:26:43.843 Number of processors: 1 586 0x801
09:26:43.843 ComputerName: RSCOMP1 UserName: Owner
09:26:47.343 Initialize success
09:32:34.218 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:32:34.218 Disk 0 Vendor: SAMSUNG_SV8004H QR100-07 Size: 76351MB BusType: 3
09:32:34.281 Disk 0 MBR read successfully
09:32:34.281 Disk 0 MBR scan
09:32:34.281 Disk 0 unknown MBR code
09:32:34.312 Disk 0 Partition 1 00 0B FAT32 RECOVERY 5404 MB offset 63
09:32:34.609 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 70934 MB offset 11067840
09:32:34.656 Disk 0 scanning sectors +156340800
09:32:34.984 Disk 0 scanning C:\WINDOWS\system32\drivers
09:33:55.468 Service scanning
09:35:38.796 Modules scanning
09:38:38.734 Disk 0 trace - called modules:
09:38:38.750 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
09:38:38.750 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f75ab8]
09:38:38.750 3 CLASSPNP.SYS[f867705b] -> nt!IofCallDriver -> \Device\0000005d[0x82f78f18]
09:38:38.765 5 ACPI.sys[f85ed620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f51940]
09:38:38.765 Scan finished successfully
09:41:59.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
09:41:59.281 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-10 18:29:36
-----------------------------
18:29:36.890 OS Version: Windows 5.1.2600 Service Pack 2
18:29:36.890 Number of processors: 1 586 0x801
18:29:36.921 ComputerName: RSCOMP1 UserName: Owner
18:29:38.578 Initialize success
18:29:57.312 AVAST engine defs: 12031002
18:30:33.531 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:30:33.640 Disk 0 Vendor: SAMSUNG_SV8004H QR100-07 Size: 76351MB BusType: 3
18:30:33.687 Disk 0 MBR read successfully
18:30:33.687 Disk 0 MBR scan
18:30:33.906 Disk 0 unknown MBR code
18:30:33.953 Disk 0 Partition 1 00 0B FAT32 RECOVERY 5404 MB offset 63
18:30:33.984 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 70934 MB offset 11067840
18:30:34.046 Disk 0 scanning sectors +156340800
18:30:34.187 Disk 0 scanning C:\WINDOWS\system32\drivers
18:30:58.875 Service scanning
18:31:57.984 Modules scanning
18:32:35.640 Disk 0 trace - called modules:
18:32:35.656 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
18:32:35.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f50ab8]
18:32:35.687 3 CLASSPNP.SYS[f867705b] -> nt!IofCallDriver -> \Device\0000005f[0x82fcff18]
18:32:35.687 5 ACPI.sys[f85ed620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f6dd98]
18:32:36.812 AVAST engine scan C:\WINDOWS
18:32:44.093 AVAST engine scan C:\WINDOWS\system32
18:37:05.015 AVAST engine scan C:\WINDOWS\system32\drivers
18:37:29.234 AVAST engine scan C:\Documents and Settings\Owner
18:39:14.250 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
18:39:14.250 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"