My internet keeps freezing up. My ISP assures me it is a computer, not a connection problem. My cpu usage shows at 100%, then 8%. It keeps sticking at 100%. Someone reccommended cleaning out the fans, which I've done with no luck. OTL logs follow:
OTL logfile created on: 7/24/2012 8:24:57 AM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = D:\Documents and Settings\kimosabe\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 58.67% Memory free
5.29 Gb Paging File | 2.25 Gb Available in Paging File | 42.57% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 28.62 Gb Total Space | 28.44 Gb Free Space | 99.36% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 443.39 Gb Free Space | 95.20% Space Free | Partition Type: NTFS
Drive E: | 313.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SHEPHERD | User Name: kimosabe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Documents and Settings\kimosabe\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
PRC - D:\Program Files\AVG Secure Search\vprot.exe ()
PRC - D:\Program Files\DriverUpdate\DriverUpdate.exe (SlimWare Utilities, Inc.)
PRC - D:\Program Files\Yahoo!\Companion\Installs\cpn1\ytbb.exe (Yahoo! Inc.)
PRC - D:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Java\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - D:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - D:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
PRC - D:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - D:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - D:\Program Files\PC Tools\PC Tools Security\TFEngine\TFService.exe (PC Tools)
PRC - D:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe (AVG)
PRC - D:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
PRC - D:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - D:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - D:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIGGA.EXE (SEIKO EPSON CORPORATION)
PRC - D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - D:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - D:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
========== Modules (No Company Name) ==========
MOD - D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll ()
MOD - D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
MOD - D:\Program Files\AVG Secure Search\vprot.exe ()
MOD - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
MOD - D:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - D:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - D:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - D:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll ()
MOD - D:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - D:\Program Files\PC Tools\PC Tools Security\BDT\BSPatch.dll ()
MOD - D:\Program Files\PC Tools\PC Tools Security\NetworkLayer\PCTCFHook.dll ()
MOD - D:\Program Files\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll ()
MOD - D:\Program Files\AVG\AVG PC Tuneup\madExcept_.bpl ()
MOD - D:\Program Files\AVG\AVG PC Tuneup\madBasic_.bpl ()
MOD - D:\Program Files\AVG\AVG PC Tuneup\madDisAsm_.bpl ()
MOD - D:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater11.2.0) -- D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
SRV - (JavaQuickStarterService) -- C:\Java\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Browser Defender Update Service) -- D:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (sdCoreService) -- D:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- D:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (ThreatFire) -- D:\Program Files\PC Tools\PC Tools Security\TFEngine\TFService.exe (PC Tools)
SRV - (PassThru Service) -- D:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (avgwd) -- D:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (YahooAUService) -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (SWDUMon) -- D:\WINDOWS\system32\drivers\SWDUMon.sys ()
DRV - (pctplsg) -- D:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools)
DRV - (PCTSD) -- D:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools)
DRV - (pctgntdi) -- D:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (TFSysMon) -- D:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)
DRV - (TfFsMon) -- D:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)
DRV - (TfNetMon) -- D:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)
DRV - (pctEFA) -- D:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- D:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)
DRV - (PCTCore) -- D:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (PCTBD) -- D:\WINDOWS\system32\drivers\PCTBD.sys (PC Tools)
DRV - (Avgtdix) -- D:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- D:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (htcnprot) -- D:\WINDOWS\system32\drivers\htcnprot.sys (Windows ® Win 7 DDK provider)
DRV - (HTCAND32) -- D:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (ALCXWDM) -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AgereSoftModem) -- D:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D2BB3E5F-2358-4657-8DFA-4FB57706ABA8}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{D2BB3E5F-2358-4657-8DFA-4FB57706ABA8}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - D:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
IE - HKCU\..\SearchScopes,DefaultScope = {D2BB3E5F-2358-4657-8DFA-4FB57706ABA8}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{68418CC1-98F1-4D11-BE34-9700CAECF054}: "URL" = http://us.yhs4.searc...417,18807,0,8,0
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-07-06 20:05:17&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D2BB3E5F-2358-4657-8DFA-4FB57706ABA8}: "URL" = http://www.google.co...1I7RNQM_enUS485
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: D:\Documents and Settings\kimosabe\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: D:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/01 10:26:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: D:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\ [2012/07/06 20:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: D:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012/01/28 20:49:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Java\lib\deploy\jqs\ff [2012/01/29 11:44:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012/04/10 03:04:30 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - Extension: No name found = D:\Documents and Settings\kimosabe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = D:\Documents and Settings\kimosabe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = D:\Documents and Settings\kimosabe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh\1.1_0\
CHR - Extension: No name found = D:\Documents and Settings\kimosabe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = D:\Documents and Settings\kimosabe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {1036AD63-AEAC-460B-9060-C96005D4DC86} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Incredibar-Games EN Toolbar) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - D:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (PC Tools Browser Defender BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - D:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Privacy Safeguard BHO) - {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - D:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PrivaceySafeguard)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - D:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Java\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Incredibar-Games EN Toolbar) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - D:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Defender) - {472734EA-242A-422B-ADF8-83D1E48CC825} - D:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Incredibar-Games EN Toolbar) - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} - D:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Defender) - {472734EA-242A-422B-ADF8-83D1E48CC825} - D:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe ARM] D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] D:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] D:\WINDOWS\ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] D:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] D:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HF_G_Jul] D:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [HTC Sync Loader] D:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [ISTray] D:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [ROC_roc_dec12] "D:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vProt] D:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [VTTimer] D:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DriverUpdate] D:\Program Files\DriverUpdate\DriverUpdate.exe (SlimWare Utilities, Inc.)
O4 - HKCU..\Run: [EPSON NX125 NX127 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [InstallIQUpdater] D:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: D:\Documents and Settings\kimosabe\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - D:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://mywayphotos.r...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{604276C3-CEAB-4AF2-8578-D0EF202A8A9D}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - D:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - D:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - D:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - D:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - D:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - D:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - D:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - D:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - D:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - D:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - D:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop Components:1 () - http://windowsupdate.microsoft.com/
O24 - Desktop WallPaper: D:\Documents and Settings\kimosabe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\kimosabe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - D:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - D:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - D:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - D:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - D:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - D:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - D:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - D:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - D:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - D:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/01/26 11:08:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/01/12 07:57:52 | 000,029,962 | R--- | M] () - E:\AUTOEXIT.TGA -- [ CDFS ]
O32 - AutoRun File - [2001/01/12 07:57:52 | 000,029,962 | R--- | M] () - E:\AUTOHELP.TGA -- [ CDFS ]
O32 - AutoRun File - [2001/01/12 07:57:52 | 000,029,962 | R--- | M] () - E:\AUTOINST.TGA -- [ CDFS ]
O32 - AutoRun File - [2001/01/26 08:55:26 | 000,173,612 | R--- | M] () - E:\AUTOMENU.TGA -- [ CDFS ]
O32 - AutoRun File - [2001/01/12 07:57:54 | 000,029,962 | R--- | M] () - E:\AUTOPLAY.TGA -- [ CDFS ]
O32 - AutoRun File - [2001/02/20 17:00:18 | 000,262,144 | R--- | M] () - E:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/12/27 13:22:24 | 000,000,129 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2001/01/12 07:58:00 | 000,029,962 | R--- | M] () - E:\AUTOWEB.TGA -- [ CDFS ]
O33 - MountPoints2\{8d08c778-47eb-11e1-8e5d-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{8d08c778-47eb-11e1-8e5d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8d08c778-47eb-11e1-8e5d-806d6172696f}\Shell\AutoRun\command - "" = E:\AUTORUN.EXE -- [2001/02/20 17:00:18 | 000,262,144 | R--- | M] ()
O33 - MountPoints2\{8d08c778-47eb-11e1-8e5d-806d6172696f}\Shell\directx\command - "" = E:\DIRECTX\DXSETUP.EXE -- [2000/12/21 08:41:20 | 000,322,320 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/24 08:10:15 | 000,596,480 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\kimosabe\Desktop\OTL.exe
[2012/07/23 12:59:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/07/23 12:59:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Adobe
[2012/07/23 10:32:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\LastGood
[2012/07/22 20:20:44 | 000,000,000 | ---D | C] -- D:\_OTM
[2012/07/22 19:59:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2012/07/22 19:57:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\Desktop\erunt
[2012/07/15 19:07:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/07/15 19:07:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/07/12 18:35:33 | 000,000,000 | ---D | C] -- D:\WINDOWS\Desktop
[2012/07/12 18:35:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\Start Menu\Programs\Hooked on Phonics Learning
[2012/07/12 18:35:29 | 000,000,000 | ---D | C] -- D:\Program Files\Hooked on Phonics Learning
[2012/07/12 18:20:54 | 000,283,648 | ---- | C] (Stirling Technologies, Inc.) -- D:\WINDOWS\uninst.exe
[2012/07/12 18:20:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\WINDOWS
[2012/07/07 18:08:49 | 000,574,424 | --S- | C] (PC Tools) -- D:\WINDOWS\System32\drivers\TfSysMon.sys
[2012/07/07 18:08:49 | 000,054,328 | --S- | C] (PC Tools) -- D:\WINDOWS\System32\drivers\TfFsMon.sys
[2012/07/07 18:08:49 | 000,035,264 | --S- | C] (PC Tools) -- D:\WINDOWS\System32\drivers\TfNetMon.sys
[2012/07/07 18:08:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\Application Data\PCTools
[2012/07/06 20:05:10 | 000,000,000 | ---D | C] -- D:\Program Files\AVG Secure Search
[2012/07/06 20:04:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\Local Settings\Application Data\SlimWare Utilities Inc
[2012/07/06 20:04:23 | 000,000,000 | ---D | C] -- D:\Program Files\DriverUpdate
[2012/07/06 20:04:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\DriverUpdate
[2012/07/06 20:04:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Documents\Downloaded Installers
[2012/07/06 10:20:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\My Documents\tough kid toolbox
[2012/07/05 16:47:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PopCap Games
[2012/07/05 12:39:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Systweak
[2012/07/04 17:50:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\Application Data\Systweak
[2012/06/25 08:23:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\kimosabe\Desktop\Unused Desktop Shortcuts
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/24 08:11:07 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\kimosabe\Desktop\OTL.exe
[2012/07/24 08:08:01 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/24 07:34:05 | 000,000,890 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/24 01:36:53 | 000,001,324 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/07/23 18:34:08 | 000,000,886 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/23 12:36:12 | 000,000,374 | ---- | M] () -- D:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On kimosabe Logon.job
[2012/07/23 10:33:38 | 000,907,930 | ---- | M] () -- D:\WINDOWS\System32\drivers\Cat.DB
[2012/07/23 10:29:51 | 000,013,024 | ---- | M] () -- D:\WINDOWS\System32\drivers\SWDUMon.sys
[2012/07/23 10:28:44 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012/07/22 20:02:19 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012/07/22 20:02:16 | 000,267,800 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/22 19:57:48 | 000,513,320 | ---- | M] () -- D:\Documents and Settings\kimosabe\Desktop\erunt.zip
[2012/07/22 19:56:43 | 000,000,512 | ---- | M] () -- D:\Documents and Settings\kimosabe\Desktop\MBR.dat
[2012/07/16 09:16:40 | 000,230,840 | R--- | M] (Coupons, Inc.) -- D:\WINDOWS\System32\cpnprt2.cid
[2012/07/13 20:26:11 | 000,339,194 | ---- | M] () -- D:\Documents and Settings\kimosabe\Desktop\bkgetcertificate.aspx
[2012/07/12 18:58:07 | 000,000,205 | ---- | M] () -- D:\WINDOWS\Hop.ini
[2012/07/12 09:08:23 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012/07/12 09:08:23 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/12 09:08:19 | 009,226,440 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012/07/12 03:06:38 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2012/07/11 15:36:46 | 000,001,813 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/07/06 09:26:02 | 000,000,016 | ---- | M] () -- D:\WINDOWS\popcinfot.dat
[2012/07/05 16:47:23 | 000,000,870 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Peggle Deluxe.lnk
[2012/07/05 16:47:23 | 000,000,194 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Play More Great Games!.url
[2012/07/03 09:45:38 | 000,062,824 | ---- | M] () -- D:\Documents and Settings\kimosabe\Desktop\movies.jpg
[2012/06/24 10:51:28 | 000,010,478 | ---- | M] () -- D:\Documents and Settings\kimosabe\Desktop\Zombatar_3.jpg
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/22 19:57:46 | 000,513,320 | ---- | C] () -- D:\Documents and Settings\kimosabe\Desktop\erunt.zip
[2012/07/22 19:56:43 | 000,000,512 | ---- | C] () -- D:\Documents and Settings\kimosabe\Desktop\MBR.dat
[2012/07/13 20:26:05 | 000,339,194 | ---- | C] () -- D:\Documents and Settings\kimosabe\Desktop\bkgetcertificate.aspx
[2012/07/12 18:35:31 | 000,000,205 | ---- | C] () -- D:\WINDOWS\Hop.ini
[2012/07/06 20:04:33 | 000,013,024 | ---- | C] () -- D:\WINDOWS\System32\drivers\SWDUMon.sys
[2012/07/05 16:47:23 | 000,000,870 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Peggle Deluxe.lnk
[2012/07/05 16:47:23 | 000,000,194 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Play More Great Games!.url
[2012/07/03 09:46:24 | 000,062,824 | ---- | C] () -- D:\Documents and Settings\kimosabe\Desktop\movies.jpg
[2012/06/24 10:51:28 | 000,010,478 | ---- | C] () -- D:\Documents and Settings\kimosabe\Desktop\Zombatar_3.jpg
[2012/04/02 13:57:47 | 000,000,016 | ---- | C] () -- D:\WINDOWS\popcinfot.dat
[2012/04/02 13:57:47 | 000,000,000 | ---- | C] () -- D:\WINDOWS\popcreg.dat
[2012/02/15 02:20:33 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012/02/04 09:34:23 | 000,000,000 | ---- | C] () -- D:\WINDOWS\PowerReg.dat
[2012/01/30 15:10:32 | 000,000,439 | ---- | C] () -- D:\WINDOWS\hegames.ini
[2012/01/30 14:33:17 | 000,000,057 | ---- | C] () -- D:\WINDOWS\TONKA_GR.INI
[2012/01/28 21:13:34 | 000,000,000 | ---- | C] () -- D:\WINDOWS\EEventManager.INI
[2012/01/28 20:49:18 | 000,767,952 | ---- | C] () -- D:\WINDOWS\BDTSupport.dll
[2012/01/28 17:47:16 | 000,073,220 | ---- | C] () -- D:\WINDOWS\System32\EPPICPrinterDB.dat
[2012/01/28 17:47:16 | 000,031,053 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern131.dat
[2012/01/28 17:47:16 | 000,029,114 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern1.dat
[2012/01/28 17:47:16 | 000,027,417 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern121.dat
[2012/01/28 17:47:16 | 000,021,021 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern3.dat
[2012/01/28 17:47:16 | 000,015,670 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern5.dat
[2012/01/28 17:47:16 | 000,013,280 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern2.dat
[2012/01/28 17:47:16 | 000,010,673 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern4.dat
[2012/01/28 17:47:16 | 000,004,943 | ---- | C] () -- D:\WINDOWS\System32\EPPICPattern6.dat
[2012/01/28 17:47:16 | 000,001,140 | ---- | C] () -- D:\WINDOWS\System32\EPPICPresetData_PT.dat
[2012/01/28 17:47:16 | 000,001,140 | ---- | C] () -- D:\WINDOWS\System32\EPPICPresetData_BP.dat
[2012/01/28 17:47:16 | 000,001,137 | ---- | C] () -- D:\WINDOWS\System32\EPPICPresetData_ES.dat
[2012/01/28 17:47:16 | 000,001,130 | ---- | C] () -- D:\WINDOWS\System32\EPPICPresetData_FR.dat
[2012/01/28 17:47:16 | 000,001,130 | ---- | C] () -- D:\WINDOWS\System32\EPPICPresetData_CF.dat
[2012/01/28 17:47:16 | 000,001,104 | ---- | C] () -- D:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012/01/28 17:47:16 | 000,000,097 | ---- | C] () -- D:\WINDOWS\System32\PICSDK.ini
[2012/01/28 17:45:39 | 000,000,094 | ---- | C] () -- D:\WINDOWS\ENX125_127.ini
[2012/01/28 17:37:12 | 000,001,324 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/01/26 21:12:06 | 000,156,672 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2012/01/26 21:12:06 | 000,040,448 | ---- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2012/01/26 11:10:49 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012/01/26 11:05:56 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012/01/26 01:25:23 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012/01/26 01:24:10 | 000,267,800 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
========== LOP Check ==========
[2012/07/06 20:05:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/01/28 20:03:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG2012
[2012/01/28 19:55:40 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\Common Files
[2012/04/07 10:47:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Driver Manager
[2012/01/28 21:14:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\EPSON
[2012/07/23 17:30:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MFAData
[2012/07/05 16:47:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PopCap Games
[2012/04/02 13:58:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PopCapY
[2012/07/05 12:39:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Systweak
[2012/07/24 08:33:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/28 07:11:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\W3i
[2012/01/28 20:08:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\AVG
[2012/01/28 19:55:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\AVG Secure Search
[2012/01/28 19:56:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\AVG2012
[2012/03/02 10:22:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\Catalina Marketing Corp
[2012/04/03 07:22:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\Epson
[2012/04/07 11:45:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\HTC
[2012/04/07 12:58:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/01/28 17:49:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\Leadertech
[2012/01/28 22:01:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\MixVibes
[2012/07/07 18:08:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\PCTools
[2012/07/05 12:39:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\Systweak
[2012/01/28 20:44:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\TestApp
[2012/01/29 10:02:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\kimosabe\Application Data\Unity
[2012/07/23 12:36:12 | 000,000,374 | ---- | M] () -- D:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On kimosabe Logon.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 206 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 145 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
< End of report >
OTL Extras logfile created on: 7/24/2012 8:24:58 AM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = D:\Documents and Settings\kimosabe\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 58.67% Memory free
5.29 Gb Paging File | 2.25 Gb Available in Paging File | 42.57% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 28.62 Gb Total Space | 28.44 Gb Free Space | 99.36% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 443.39 Gb Free Space | 95.20% Space Free | Partition Type: NTFS
Drive E: | 313.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SHEPHERD | User Name: kimosabe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\Program Files\Epson Software\Event Manager\EEventManager.exe" = D:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager.exe -- (SEIKO EPSON CORPORATION)
"E:\Common\Driver Update\EDUPDATE.EXE" = E:\Common\Driver Update\EDUPDATE.EXE:*:Enabled:EPSON Driver Update
"D:\Program Files\AVG\AVG2012\avgmfapx.exe" = D:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"D:\Program Files\AVG\AVG2012\avgnsx.exe" = D:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"D:\Program Files\AVG\AVG2012\avgdiagex.exe" = D:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{05891AC5-DC7A-4B6D-B144-FE0DB96B180A}" = DriverUpdate
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30
"{2B43252C-A1E3-4C47-927C-9F2C276D3515}" = S3GSetup
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1" = Privacy SafeGuard version 1.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C792A75A-2A1F-4991-9B85-291745478A79}" = NetAssistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Amazon Kindle" = Amazon Kindle
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"Browser Defender_is1" = Browser Defender 4.0
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON NX125 NX127 Series" = EPSON NX125 NX127 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"HOPDKey" = Hooked on Phonics Learn to Read
"ie8" = Windows Internet Explorer 8
"Incredibar-Games_EN Toolbar" = Incredibar-Games EN Toolbar
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixVibes Cross - Discover DJ 1.3.2" = Cross - Discover DJ 1.3.2
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Peggle Deluxe" = Peggle Deluxe
"Plants vs. Zombies" = Plants vs. Zombies
"S3" = VIA/S3G Display Driver
"Spyware Doctor" = PC Tools Spyware Doctor 9.0
"Tonka Garage" = Tonka Garage
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetAssistant 3.8.3" = Freeze.com NetAssistant
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/1/2012 6:27:55 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/15/2012 6:37:10 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/15/2012 6:37:12 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/15/2012 9:01:28 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/15/2012 9:20:25 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/16/2012 1:43:28 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/16/2012 10:28:48 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/21/2012 12:38:56 AM | Computer Name = SHEPHERD | Source = Application Error | ID = 1000
Description = Faulting application e_fatigga.exe, version 7.0.0.0, faulting module
pctlsp.dll, version 9.0.0.909, fault address 0x00004b91.
Error - 6/2/2012 7:11:46 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 6/4/2012 11:03:29 PM | Computer Name = SHEPHERD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 7/23/2012 2:36:37 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7031
Description = The Help and Support service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 100 milliseconds:
Restart the service.
Error - 7/23/2012 2:36:37 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7034
Description = The HID Input Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 7/23/2012 2:36:37 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7034
Description = The Server service terminated unexpectedly. It has done this 1 time(s).
Error - 7/23/2012 2:36:37 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7034
Description = The Workstation service terminated unexpectedly. It has done this
1 time(s).
Error - 7/23/2012 2:36:37 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7034
Description = The Network Connections service terminated unexpectedly. It has done
this 1 time(s).
Error - 7/23/2012 2:36:37 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7034
Description = The Network Location Awareness (NLA) service terminated unexpectedly.
It has done this 1 time(s).
Error - 7/23/2012 2:37:06 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Management Instrumentation
service, but this action failed with the following error: %%1056
Error - 7/23/2012 3:22:25 PM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.
Error - 7/24/2012 7:45:00 AM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%8
Error - 7/24/2012 7:45:07 AM | Computer Name = SHEPHERD | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%8
< End of report >
Sorry. That is gigantic! TIA!
Iris