heavily infected laptop
Started by
greghoffman
, Aug 20 2010 11:31 PM
#1
Posted 20 August 2010 - 11:31 PM
greghoffman
-
- Member
-
- 439 posts
Member
#2
Posted 21 August 2010 - 12:20 AM
greghoffman
- Topic Starter
-
- Member
-
- 439 posts
Member
my mother n law has had a stroke and her only source of outside interaction is via internet. i noticed her laptop getting slower but lately it keeps having warning popups of viruses and malware in it. she downloads all sorts of games to keepher occupied and i'm sure she downloaded the wrong thing. the problem is this...she is not able to do this on her own...i will need to do it for her and i live 130 miles away. i am here now placing a cry for help. we are in the midwest usa and i hope someone can come to her rescue. i thank you all from the bottom of my heart for any help you can give.
OTL logfile created on: 8/21/2010 1:02:44 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Valued Customer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
479.00 Mb Total Physical Memory | 126.00 Mb Available Physical Memory | 26.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 45.46 Gb Free Space | 61.01% Space Free | Partition Type: NTFS
Drive D: | 616.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VALUED-2368BA06
Current User Name: Valued Customer
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/21 00:51:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
PRC - [2010/08/11 18:35:20 | 002,002,432 | ---- | M] (SecurityCoverage Inc.) -- C:\Program Files\SecureIT\SCMonitor\SCUpdateService.exe
PRC - [2010/06/21 16:35:42 | 000,655,360 | ---- | M] (SecurityCoverage Inc.) -- C:\Program Files\SecureIT\SCMonitor\SCMonitorService.exe
PRC - [2010/06/15 12:33:28 | 004,131,328 | ---- | M] (SecurityCoverage Inc.) -- C:\Program Files\SecureIT\SCControlPanel.exe
PRC - [2010/06/09 12:11:16 | 000,378,248 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2010/03/20 07:39:03 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/12/21 14:15:04 | 000,818,288 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2009/09/30 20:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/08/21 03:15:32 | 000,900,816 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2008/08/11 13:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 00:42:36 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
PRC - [2007/06/25 09:47:12 | 001,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007/03/15 18:16:42 | 000,454,784 | ---- | M] (Linksys, a Division of Cisco Systems, Inc.) -- C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
PRC - [2005/06/03 02:28:34 | 000,372,809 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/06/03 02:25:56 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/06/03 02:25:20 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
========== Modules (SafeList) ==========
MOD - [2010/08/21 00:51:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
MOD - [2008/04/14 07:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/11 18:35:20 | 002,002,432 | ---- | M] (SecurityCoverage Inc.) [Auto | Running] -- C:\Program Files\SecureIT\SCMonitor\SCUpdateService.exe -- (scupdateservice)
SRV - [2010/06/21 16:35:42 | 000,655,360 | ---- | M] (SecurityCoverage Inc.) [Auto | Running] -- C:\Program Files\SecureIT\SCMonitor\SCMonitorService.exe -- (SCMonitor)
SRV - [2010/06/09 12:12:40 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/05/17 12:11:40 | 000,229,376 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\WINDOWS\System32\PuranDefragS.exe -- (PuranDefrag)
SRV - [2008/08/11 13:41:00 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2008/04/14 00:42:36 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2007/06/25 09:47:12 | 001,552,680 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005/06/03 02:28:34 | 000,372,809 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2005/06/03 02:25:56 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2005/06/03 02:25:20 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2004/10/25 16:01:52 | 000,421,888 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\WINDOWS\System32\dlbtcoms.exe -- (dlbt_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20100218.001\symidsco.sys -- (SYMIDSCO)
DRV - [2010/07/07 10:17:00 | 000,074,880 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\scfltr.sys -- (securitf)
DRV - [2010/06/09 12:11:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/10/19 10:06:18 | 000,108,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ipfrwl.sys -- (ipfrwl)
DRV - [2009/06/17 07:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/06/05 04:24:30 | 000,019,200 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2009/06/05 04:02:46 | 000,323,584 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/04/13 18:53:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 18:53:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 18:53:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 18:53:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 18:53:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 18:53:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 18:53:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2008/04/13 17:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2007/06/25 09:47:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007/06/25 09:47:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007/06/25 09:47:02 | 000,119,080 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007/04/16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/03/22 13:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 13:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2005/05/03 08:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/04/30 17:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2005/04/08 12:48:18 | 000,179,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/08/12 09:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2001/08/17 08:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.iplay.com/?o=shp"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.5.5.104
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..keyword.URL: "http://supertoolbar....ocale=en_US&q="
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/20 07:41:16 | 000,000,000 | ---D | M]
[2010/01/30 12:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Extensions
[2010/08/20 10:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\extensions
[2010/02/23 22:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\extensions\[email protected]
[2010/07/19 19:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\extensions\[email protected]
[2010/06/06 10:39:09 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\caq38897.default\searchplugins\askcom.xml
[2010/06/06 10:43:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/23 22:08:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/23 22:08:04 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/31 10:28:34 | 000,147,456 | ---- | M] (Oberon Media) -- C:\Program Files\Mozilla Firefox\plugins\npMyGames.dll
[2009/10/26 16:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2009/11/08 07:55:12 | 000,000,609 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearchober10799234.gif
[2010/05/03 09:46:38 | 000,000,175 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearchober10799234.src
[2009/11/08 07:55:12 | 000,000,609 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearchober10966484.gif
[2010/05/03 09:49:26 | 000,000,175 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearchober10966484.src
[2009/04/07 13:59:38 | 000,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober19048078.gif
[2010/03/20 18:57:55 | 000,000,200 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober19048078.src
O1 HOSTS File: ([2010/01/30 13:50:42 | 000,377,755 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13022 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Updater For My.Freeze.com Toolbar) - {C26CD490-5F01-41E3-B150-EB29F19DA056} - C:\Program Files\myfreezetoolbar\auxi\myfreezetoolbAu.dll File not found
O2 - BHO: (CPub Object) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\Program Files\SecureIT\PopupBlocker.dll (SecurityCoverage Inc.)
O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [DLBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL ()
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [SCControlPanel] C:\Program Files\SecureIT\SCControlPanel.exe (SecurityCoverage Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMStarter.exe File not found
O4 - HKCU..\Run: [SPMTray] C:\Program Files\PC Speed Maximizer\SPMTray.exe (Avanquest Software)
O4 - HKCU..\Run: [Startw3i] C:\Program Files\PC Speed Maximizer\Startw3i.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Sparkle/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinn...0/pool/pool.cab (Pool Control)
O16 - DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} http://cdn.exent.com...les.1.0.0.3.cab (CPlayFirstMythicMarblesControl Object)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1264792763093 (WUWebControl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Jigsaw%20Puzzle%20Platinum/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://bestbuy.obero...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.142.225.3 167.142.225.5 167.142.225.4
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/29 13:40:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/07/01 14:23:12 | 000,000,041 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.MP42 - C:\WINDOWS\System32\MPG4c32.dll ()
Drivers32: vidc.MP43 - C:\WINDOWS\System32\MPG4c32.dll ()
Drivers32: vidc.MPG4 - C:\WINDOWS\System32\MPG4c32.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ==========
[2010/08/21 00:51:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
[2010/08/20 23:44:39 | 001,110,016 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranFD.exe
[2010/08/20 23:44:39 | 000,229,376 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragS.exe
[2010/08/20 23:44:39 | 000,221,184 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDC.exe
[2010/08/20 23:44:39 | 000,212,992 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefrag.dll
[2010/08/20 23:44:39 | 000,107,008 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragBT.exe
[2010/08/20 23:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2010/08/20 23:42:41 | 002,512,043 | ---- | C] (Puran Software ) -- C:\Documents and Settings\Valued Customer\Desktop\PuranDefragFreeSetup.exe
[2010/08/20 23:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\myfreezetoolbar
[2010/08/20 22:30:17 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
[2010/08/20 10:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\InstallShield
[2010/08/19 20:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\AWS
[2010/08/17 08:57:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2010/08/17 06:32:03 | 000,000,000 | ---D | C] -- C:\Program Files\Echoes of the Past - The Castle of Shadows
[2010/08/10 12:51:12 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2010/08/09 08:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\Press Your Luck™
[2010/08/08 07:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus2_BFG
[2010/08/06 21:09:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\7Wonders2
[2010/08/02 14:03:35 | 000,000,000 | ---D | C] -- C:\Program Files\GamesBar
[2010/07/31 20:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\Slingo Quest Egypt Documents
[2010/07/28 17:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Trymedia
[2010/07/28 08:25:28 | 000,000,000 | ---D | C] -- C:\Games
[2010/07/27 21:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2010/07/27 10:01:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/07/26 18:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Downloads
[2010/07/23 19:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\Poker Superstars III - Gold Chip Challenge Documents
[2010/07/23 19:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\funkitron
[2010/07/21 09:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\WorldWinner.com
[2010/07/19 20:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Atrinsic
[2010/07/19 20:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\PriceGong
[2010/07/19 20:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\PriceGong
[2010/07/19 03:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Titanium Gears
[2010/07/19 03:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Playalot Games
[2010/07/19 03:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\PC Speed Maximizer
[2010/07/18 16:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Clip Art Collection
[2010/07/18 16:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\WeatherBug
[2010/07/18 16:04:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\WeatherBug
[2010/07/18 16:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/07/18 16:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/07/18 16:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\BarQuery
[2010/07/18 16:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BarQuery
[2010/07/18 05:26:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\T1 Games
[2010/07/15 19:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\SquareLogic
[2010/07/14 10:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\KranX Productions
[2010/07/11 06:15:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Game Mill Files
[2010/07/10 15:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\Caribbean Explorer
[2010/07/10 15:32:41 | 000,000,000 | ---D | C] -- C:\Program Files\GameMill Entertainment
[2010/07/10 15:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Caribbean Explorer
[2010/07/09 16:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\RoyalAceCasino.com
[2010/07/03 06:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2010/06/30 21:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\PureHidden
[2010/06/30 21:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2010/06/28 10:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Pogo Games
[2010/06/23 10:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\TeleportGamesLtd
[2010/06/23 10:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2010/06/21 20:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Dragon Altar Games
[2010/06/19 05:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/06/16 06:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2010/06/14 20:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\cerasus.media
[2010/06/14 20:27:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\cerasus.media
[2010/06/12 13:54:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Fugazo
[2010/06/12 13:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\SpinTime
[2010/06/10 20:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle FaceCreator
[2010/06/10 20:40:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle Puzzle and Board Games
[2010/06/10 20:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\Hoyle Puzzle & Board Games 2009
[2010/06/10 06:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\PCHealth
[2010/06/05 10:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Boomzap
[2010/06/02 13:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Chains
[2010/05/25 06:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Beep Industries
[2010/05/24 10:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Big Fish Games
[2010/05/23 08:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\SulusGames
[2010/05/23 08:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[1 C:\Documents and Settings\Valued Customer\My Documents\*.tmp files -> C:\Documents and Settings\Valued Customer\My Documents\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010/08/21 01:03:09 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-220523388-1644491937-1004.job
[2010/08/21 01:03:09 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-220523388-1644491937-1004.job
[2010/08/21 00:51:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
[2010/08/21 00:34:11 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\gmer.zip
[2010/08/21 00:27:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/20 23:44:40 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Puran Defrag.lnk
[2010/08/20 23:42:54 | 002,512,043 | ---- | M] (Puran Software ) -- C:\Documents and Settings\Valued Customer\Desktop\PuranDefragFreeSetup.exe
[2010/08/20 23:20:24 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/20 23:20:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/20 23:19:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/20 23:18:43 | 008,388,608 | ---- | M] () -- C:\Documents and Settings\Valued Customer\NTUSER.DAT
[2010/08/20 23:18:43 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Valued Customer\ntuser.ini
[2010/08/20 22:30:19 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
[2010/08/20 16:23:08 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/08/19 20:13:50 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\WeatherBug.lnk
[2010/08/18 21:56:56 | 002,114,658 | -H-- | M] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\IconCache.db
[2010/08/18 21:55:49 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/18 14:50:16 | 000,001,605 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2010/08/18 14:50:15 | 000,001,587 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2010/08/18 14:50:13 | 000,001,184 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2010/08/18 06:38:46 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/17 06:34:26 | 000,001,941 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Echoes of the Past - The Castle of Shadows.lnk
[2010/08/13 20:47:18 | 000,000,636 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2010/08/13 05:18:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/12 07:06:29 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/07 15:22:38 | 000,001,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hoyle Puzzle & Board Games 2009.lnk
[2010/08/06 21:09:36 | 000,001,752 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\7 Wonders II.lnk
[2010/08/04 10:04:29 | 000,000,457 | ---- | M] () -- C:\Program Files\0804201010042773.bat
[2010/08/02 14:08:38 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Pogo Games.lnk
[2010/07/30 19:36:44 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Valued Customer\My Documents\New Rich Text Document.rtf
[2010/07/23 18:32:28 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\HighRoller.lnk
[2010/07/23 16:50:37 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\PowerChips.lnk
[2010/07/23 15:45:14 | 003,670,016 | ---- | M] () -- C:\HarddiskVolume1
[2010/07/21 09:52:40 | 000,000,541 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/19 20:04:17 | 000,000,212 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FREE GAMES!.url
[2010/07/19 20:04:17 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\1000 Free Songs!.url
[2010/07/18 05:13:49 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/07/15 20:40:17 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\MumboJumbo.com - Premium Casual Games.lnk
[2010/07/15 20:40:15 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Pure Hidden.lnk
[2010/07/10 15:33:24 | 000,000,958 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Lost Secrets Bermuda Triangle.lnk
[2010/07/10 15:30:49 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Caribbean Explorer.lnk
[2010/07/10 15:30:49 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Caribbean Explorer.lnk
[2010/07/07 10:17:00 | 000,074,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\SCFltr.sys
[2010/07/03 06:34:04 | 000,000,064 | ---- | M] () -- C:\WINDOWS\GPlrLanc.dat
[2010/06/24 10:23:57 | 000,000,191 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\More SpinTop Games.url
[2010/06/20 17:29:33 | 000,001,130 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\Game Center.lnk
[2010/06/09 12:11:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/06/09 12:11:25 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/06/09 12:11:22 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[1 C:\Documents and Settings\Valued Customer\My Documents\*.tmp files -> C:\Documents and Settings\Valued Customer\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/21 00:34:05 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\gmer.zip
[2010/08/20 23:44:40 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Puran Defrag.lnk
[2010/08/19 20:13:49 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\WeatherBug.lnk
[2010/08/18 14:50:15 | 000,001,605 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2010/08/18 14:50:15 | 000,001,587 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2010/08/17 06:34:26 | 000,001,941 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Echoes of the Past - The Castle of Shadows.lnk
[2010/08/17 06:34:26 | 000,001,184 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2010/08/06 21:09:36 | 000,001,752 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\7 Wonders II.lnk
[2010/08/04 10:04:28 | 000,000,457 | ---- | C] () -- C:\Program Files\0804201010042773.bat
[2010/07/30 19:36:44 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Valued Customer\My Documents\New Rich Text Document.rtf
[2010/07/23 18:32:28 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\HighRoller.lnk
[2010/07/23 16:50:37 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\PowerChips.lnk
[2010/07/19 20:04:17 | 000,000,212 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FREE GAMES!.url
[2010/07/19 20:04:17 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\1000 Free Songs!.url
[2010/07/10 15:33:24 | 000,000,958 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Lost Secrets Bermuda Triangle.lnk
[2010/07/10 15:30:49 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Caribbean Explorer.lnk
[2010/07/10 15:30:49 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Caribbean Explorer.lnk
[2010/07/03 06:34:04 | 000,037,033 | ---- | C] () -- C:\WINDOWS\FRGT.ico
[2010/07/03 06:34:04 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2010/06/30 21:14:17 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\MumboJumbo.com - Premium Casual Games.lnk
[2010/06/30 21:14:16 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Pure Hidden.lnk
[2010/06/28 10:33:14 | 000,001,108 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Pogo Games.lnk
[2010/06/11 15:22:09 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/11 15:22:07 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/10 20:37:23 | 000,001,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Hoyle Puzzle & Board Games 2009.lnk
[2010/05/25 06:32:38 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Desktop\Game Center.lnk
[2010/05/21 17:50:23 | 000,002,061 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\seed.log
[2010/02/21 10:23:59 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/02/20 13:07:16 | 000,108,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipfrwl.sys
[2010/02/20 13:07:16 | 000,074,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\SCFltr.sys
[2010/02/20 13:06:31 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2010/02/20 13:06:30 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2010/02/16 14:05:41 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/02/09 11:41:07 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/30 23:24:53 | 000,000,636 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010/01/30 23:23:51 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\dlbtcoin.dll
[2010/01/30 23:23:51 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\dlbtsnls.dll
[2010/01/30 23:23:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbtvs.dll
[2010/01/30 23:22:57 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbtcur.dll
[2010/01/30 23:22:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbtcu.dll
[2010/01/30 23:22:50 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\dlbtjswr.dll
[2010/01/30 23:22:42 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\dlbtutil.dll
[2010/01/30 19:55:06 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2010/01/30 13:24:06 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/01/30 13:24:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/01/30 13:24:02 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/01/30 13:24:02 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/30 13:24:01 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/01/30 13:23:57 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/30 13:23:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2001/04/02 20:21:52 | 000,413,760 | ---- | C] () -- C:\WINDOWS\System32\MPG4c32.dll
========== LOP Check ==========
[2010/08/06 21:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7Wonders2
[2010/04/20 09:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/02/02 09:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arkadium
[2010/08/21 00:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BarQuery
[2010/06/14 20:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cerasus.media
[2010/05/10 19:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2010/03/23 13:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EdensQuest
[2010/07/18 16:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/03/30 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2010/05/12 07:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fenomen Games
[2010/07/03 06:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2010/02/19 19:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend
[2010/02/24 19:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/05/21 05:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2010/03/01 08:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
[2010/02/13 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2010/05/08 19:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KrissX
[2010/01/30 18:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LocusGames
[2010/01/29 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/08/09 09:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2010/08/03 16:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/01/31 17:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2010/06/16 06:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2010/03/01 07:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2010/05/22 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/06/19 05:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/04/05 07:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/04/06 10:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2010/07/18 05:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\T1 Games
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2010/08/19 20:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/17 09:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2010/02/01 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/01/30 13:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/17 10:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Arkadium
[2010/04/24 08:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Auslogics
[2010/05/25 06:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Beep Industries
[2010/05/24 10:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Big Fish Games
[2010/06/05 10:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Boomzap
[2010/02/27 16:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Camel101
[2010/06/14 20:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\cerasus.media
[2010/06/02 13:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Chains
[2010/07/18 19:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Clip Art Collection
[2010/05/13 10:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/21 20:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Dragon Altar Games
[2010/05/01 16:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\EcoRescue
[2010/08/08 07:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus2_BFG
[2010/02/06 11:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Enlightenus_Real
[2010/06/12 13:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Fugazo
[2010/08/05 11:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\funkitron
[2010/03/20 19:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameBlend
[2010/02/01 16:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\GameHousev1002
[2010/04/14 17:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Gold Casual Games
[2010/03/02 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\HiT-MM
[2010/06/22 08:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle FaceCreator
[2010/08/07 15:30:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Hoyle Puzzle and Board Games
[2010/07/14 10:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\KranX Productions
[2010/05/11 10:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Lazy Turtle Games
[2010/03/26 18:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Little Worlds Online
[2010/02/18 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\LocusGames
[2010/08/09 09:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Ludia
[2010/02/22 19:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MagicBall4
[2010/02/02 10:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB3
[2010/02/23 13:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\MB4
[2010/02/24 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Merscom
[2010/08/20 23:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\myfreezetoolbar
[2010/07/29 08:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Orneon
[2010/03/03 11:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pharaohs Secret
[2010/05/10 06:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PlayFirst
[2010/03/09 11:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PoBros
[2010/06/28 10:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Pogo Games
[2010/08/21 00:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\PriceGong
[2010/02/02 10:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy3
[2010/02/23 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SmashFrenzy4
[2010/04/06 10:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SpinTop
[2010/07/15 20:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SquareLogic
[2010/05/23 08:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\SulusGames
[2010/06/23 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\TeleportGamesLtd
[2010/07/19 03:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Titanium Gears
[2010/02/15 09:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\VTExtra
[2010/07/18 16:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\WeatherBug
[2010/04/03 14:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Western Software Technologies
[2010/07/08 18:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valued Customer\Application Data\Zylom
[2010/05/22 06:27:03 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\Install.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/01/29 14:17:29 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/01/29 13:40:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/01/30 15:21:14 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2010/01/29 13:40:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/30 23:24:55 | 000,000,200 | ---- | M] () -- C:\dlbt.log
[2010/07/23 15:45:14 | 003,670,016 | ---- | M] () -- C:\HarddiskVolume1
[2010/01/29 13:40:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/29 13:40:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 07:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/20 23:19:52 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
[2010/08/19 20:19:05 | 000,009,676 | ---- | M] () -- C:\scramble.log
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2010/01/29 13:39:52 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2004/10/08 13:49:02 | 000,075,264 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBTPP5C.DLL
[2010/06/09 12:11:48 | 000,053,632 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2010/08/04 10:04:29 | 000,000,457 | ---- | M] () -- C:\Program Files\0804201010042773.bat
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2010/01/29 07:24:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/01/29 07:24:19 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/01/29 07:24:19 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/01/29 13:40:42 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/07/19 20:04:17 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\1000 Free Songs!.url
[2010/01/29 13:47:12 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2010/07/19 20:04:17 | 000,000,212 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FREE GAMES!.url
[2010/01/29 13:47:10 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/08/21 00:51:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL.exe
[2010/08/20 23:42:54 | 002,512,043 | ---- | M] (Puran Software ) -- C:\Documents and Settings\Valued Customer\Desktop\PuranDefragFreeSetup.exe
[2008/09/12 08:37:25 | 000,946,494 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\scremote.exe
[2010/08/20 22:30:19 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-13 10:18:06
========== Alternate Data Streams ==========
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52B72A7C
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D7DCAE4
@Alternate Data Stream - 250 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B352B60
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:34FC1C45
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7124EAF
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA2524F0
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FCB70953
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DBE461A
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEF919E6
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:64170090
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:956EC010
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:445352A1
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A3FC1C4
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99A72E3A
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF8984AC
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C76CFF82
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753F86A9
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24AB14E7
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2FF62A6
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED705107
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50308CED
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F7FE589
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AE68282
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6CCB309
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3AF262FC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BDD0820
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05670151
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63A71C6F
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E748D4C
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43BFB01
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AD1F2E0
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEECF2C8
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EAF954B6
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA1919C7
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D6EAEC3
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F94CB4DD
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EB7685
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DB779A93
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E7220DEE
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A89E47
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EC675B
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACCFA538
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF4438
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:372A7EB3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AECF4772
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F68CB977
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78AFAE94
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAEAE395
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4111E573
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09708CB7
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25D218B
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F92AD177
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20E32CC7
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DFE5191
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:109D64EB
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFFC859A
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDD903C5
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3595B780
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8668AB36
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEE8C8B8
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DEEA5B0E
< End of report >
OTL Extras logfile created on: 8/21/2010 1:02:44 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Valued Customer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
479.00 Mb Total Physical Memory | 126.00 Mb Available Physical Memory | 26.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 45.46 Gb Free Space | 61.01% Space Free | Partition Type: NTFS
Drive D: | 616.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VALUED-2368BA06
Current User Name: Valued Customer
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"D:\Installation\Setupx.exe" = D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup -- File not found
"C:\Program Files\SecureIT\tools\cleverassist\sccleverclient.exe" = C:\Program Files\SecureIT\tools\cleverassist\sccleverclient.exe:*:Enabled:TVNCClient -- (SecurityCoverage Inc.)
"C:\Program Files\SecureIT\tools\cleverassist\SCRemote.exe" = C:\Program Files\SecureIT\tools\cleverassist\SCRemote.exe:*:Enabled:TVNCClient -- (SecurityCoverage Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2AAFE1D7-9066-4183-B267-0398A3533E88}" = MysticForest
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110028110}" = Ricochet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11010543}" = UltraBall
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11318463}" = Secrets of Great Art
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8E72B982-D54F-486F-B35A-C24B6F171033}" = Nero 7 Essentials
"{8F018A9E-56DE-4A79-A5EF-25F413F1D538}" = WeatherBug
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AE41BE84-761C-0F5E-451B-3D145E8A8840}" = Acrobat.com
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{DD74F997-797A-4CC7-B56E-A5540F5A6917}" = EnglishHarbourCasino
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"395aeefb7c0cc762d77ee1064a245ca7" = NatGeo Games Earth Day Pack
"7 Wonders II" = 7 Wonders II (remove only)
"a5e69a1eb8018d65d9a37940c9f1ec73" = Press Your Luck™
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"am-carambadeluxe" = Caramba Deluxe
"am-chainz2relinked" = Chainz 2 - Relinked
"am-edensquestthehuntforakua" = Eden's Quest - The Hunt for Akua
"am-heartwildtmsolitairebooktwo" = Heartwild™ Solitaire - Book Two
"am-jigsawworld" = Jigsaw World
"am-lillywuandtheterracottamystery" = Lilly Wu and the Terra Cotta Mystery
"am-luxoradventures" = LUXOR Adventures
"am-magicball4" = Magic Ball 4
"am-mahjonggdimensionsdeluxe" = Mahjongg Dimensions Deluxe
"am-mortimerbeckettandthelostkingpremiumedition" = Mortimer Beckett and the Lost King Premium Edition
"am-natgeotravelerpack" = Nat Geo Traveler Pack
"am-shutterisland" = Shutter Island
"am-superbounceout" = Super Bounce Out
"am-thedreamvoyagers" = The Dream Voyagers
"am-thepinisocietyrtheremarkabletruth" = The Pini Society® - The Remarkable Truth
"BarQuery" = BarQuery 1.0 build 157
"BFGC" = Big Fish Games: Game Manager
"BFG-Echoes of the Past - The Castle of Shadows" = Echoes of the Past: The Castle of Shadows
"Born Into Darkness Deluxe" = Born Into Darkness Deluxe
"Caribbean Explorer_is1" = Caribbean Explorer 1.0.0.9
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0044)
"ERUNT_is1" = ERUNT 1.1j
"Farm Frenzy 3 - Ice Age Deluxe" = Farm Frenzy 3 - Ice Age Deluxe
"Hardwood Solitaire Deluxe" = Hardwood Solitaire Deluxe
"HighRoller" = High Roller (remove only)
"Hoyle Puzzle & Board Games 2009" = Hoyle Puzzle & Board Games 2009
"ie8" = Windows Internet Explorer 8
"Jigs@w Puzzle 2 Mix" = Jigs@w Puzzle 2 Mix
"Jigsaw Medley" = Jigsaw Medley (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.1
"Lost Secrets Bermuda Triangle" = Lost Secrets Bermuda Triangle
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Playsushi" = Playsushi
"PowerChips" = Power Chips (remove only)
"PriceGong" = PriceGong 2.1.0
"ProInst" = Intel® PROSet/Wireless Software
"Puran Defrag Free Edition_is1" = Puran Defrag Free Edition 7.1
"Pure Hidden" = Pure Hidden
"RealPlayer 12.0" = RealPlayer
"Reel Deal Slots Nickel Alley_is1" = Reel Deal Slots Nickel Alley
"RoyalAceCasino.com" = RoyalAceCasino.com
"Samantha Swift and the Golden Touch" = Samantha Swift and the Golden Touch (remove only)
"Secunia PSI" = Secunia PSI
"SecureIT_is1" = SecureIT
"Super Jigsaw Beach Holiday 2" = Super Jigsaw Beach Holiday 2
"Super Jigsaw Kittens" = Super Jigsaw Kittens
"The Lost Inca Prophecy Deluxe" = The Lost Inca Prophecy Deluxe
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"VLC media player" = VLC media player 1.0.3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Web Games Player Plugin" = Web Games Player Plugin
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Zombie Bowl-O-Rama" = Zombie Bowl-O-Rama (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/19/2010 2:23:38 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/19/2010 2:26:52 PM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x02a00340.
Error - 4/19/2010 10:27:36 PM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x032b7238.
Error - 4/21/2010 5:50:13 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/21/2010 5:50:13 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/21/2010 5:50:13 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/22/2010 5:57:49 AM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x03bea150.
Error - 4/22/2010 6:01:13 AM | Computer Name = VALUED-2368BA06 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module yt.dll, version 2008.7.28.1, fault address 0x00056d54.
Error - 4/22/2010 1:52:14 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/22/2010 8:59:31 PM | Computer Name = VALUED-2368BA06 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 8/20/2010 11:31:12 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7034
Description = The InCD Helper service terminated unexpectedly. It has done this
1 time(s).
Error - 8/20/2010 11:31:12 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 8/20/2010 11:31:12 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7034
Description = The SmartLinkService service terminated unexpectedly. It has done
this 1 time(s).
Error - 8/20/2010 11:31:12 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7034
Description = The RegSrvc service terminated unexpectedly. It has done this 1 time(s).
Error - 8/20/2010 11:31:12 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 8/20/2010 11:31:12 PM | Computer Name = VALUED-2368BA06 | Source = Service Control Manager | ID = 7034
Description = The SecureIT Update Service service terminated unexpectedly. It has
done this 1 time(s).
Error - 8/20/2010 11:45:07 PM | Computer Name = VALUED-2368BA06 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 00166FBF0CA7 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 8/20/2010 11:52:11 PM | Computer Name = VALUED-2368BA06 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 00166FBF0CA7 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 8/20/2010 11:59:27 PM | Computer Name = VALUED-2368BA06 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 00166FBF0CA7 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 8/20/2010 11:59:33 PM | Computer Name = VALUED-2368BA06 | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00166FBF0CA7. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
< End of report >
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
