OTL logfile created on: 6/9/2010 10:41:50 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.64 Gb Total Space | 8.51 Gb Free Space | 45.67% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MOM-4D5NV8QZZNC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/06/09 22:40:53 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/06/03 08:07:58 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/06/03 08:07:54 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/03 08:07:53 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/06/03 08:05:35 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/06/03 08:05:30 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/22 01:00:36 | 002,643,128 | ---- | M] (LiveZilla GmbH) -- C:\Program Files\LiveZilla\LiveZilla.exe
PRC - [2010/03/12 10:10:23 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/12 10:08:38 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 17:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/11 12:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2002/10/15 19:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (
www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
========== Modules (SafeList) ========== MOD - [2010/06/09 22:40:53 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006/10/04 22:07:12 | 000,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
========== Win32 Services (SafeList) ========== SRV - [2010/03/12 10:10:23 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/12 10:08:38 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2008/04/13 17:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2003/03/31 05:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
========== Driver Services (SafeList) ========== DRV - [2010/06/03 08:07:55 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/03 08:07:53 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/03/12 10:08:34 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/01/12 13:03:34 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/03/17 15:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 10:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/08/03 22:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002/11/18 16:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001/08/17 06:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001/08/17 06:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 06:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 06:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 06:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 06:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 06:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 06:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 06:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001/08/17 05:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://blingmyhomepage.com/homepages/12 ... e_Jackson/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://ca.msn.com/?rd=1IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 DB 40 DC 4C AF CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {4e95529d-cfdb-4bc7-940a-ef827c759ac9} - C:\Program Files\ilivememories\tbili1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cb3bede2-e6c0-4a82-9cdd-5d088ccef420} - C:\Program Files\LynCam\tbLyn1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2003/03/31 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (ilivememories Toolbar) - {4e95529d-cfdb-4bc7-940a-ef827c759ac9} - C:\Program Files\ilivememories\tbili1.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (LynCam Toolbar) - {cb3bede2-e6c0-4a82-9cdd-5d088ccef420} - C:\Program Files\LynCam\tbLyn1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (ilivememories Toolbar) - {4e95529d-cfdb-4bc7-940a-ef827c759ac9} - C:\Program Files\ilivememories\tbili1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (LynCam Toolbar) - {cb3bede2-e6c0-4a82-9cdd-5d088ccef420} - C:\Program Files\LynCam\tbLyn1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ilivememories Toolbar) - {4E95529D-CFDB-4BC7-940A-EF827C759AC9} - C:\Program Files\ilivememories\tbili1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (LynCam Toolbar) - {CB3BEDE2-E6C0-4A82-9CDD-5D088CCEF420} - C:\Program Files\LynCam\tbLyn1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (
www.cmedia.com.tw))
O4 - HKLM..\Run: [LiveZilla] C:\Program Files\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [DRL Sheduler] C:\Program Files\TrafficSeeker 8.0\TrafficSeeker 8.0.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501}
http://messenger.zone.msn.com/binary/ms ... b56986.cab (Checkers Class)
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284}
http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab (isInstalled Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24}
http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/microsoftup ... 9874265046 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftup ... 9874258343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147}
http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65}
https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/16 22:25:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5910b839-26ff-11df-990b-0050fc575b41}\Shell - "" = AutoRun
O33 - MountPoints2\{5910b839-26ff-11df-990b-0050fc575b41}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5910b839-26ff-11df-990b-0050fc575b41}\Shell\AutoRun\command - "" = F:\MI.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/02/16 22:25:24 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.SP54 - SP5X_32.DLL File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)
========== Files/Folders - Created Within 90 Days ========== [2010/06/09 22:40:53 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/06/07 23:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/06/07 23:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/07 23:32:41 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/06/07 23:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/06/07 23:22:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/07 23:22:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/07 23:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/07 23:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/07 21:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/06/07 21:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/06/06 14:56:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SETUP536
[2010/05/31 22:21:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Re_ ___783254-4624325
[2010/05/20 00:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\daveresumes
[2010/05/15 22:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sling Media
[2010/05/12 13:28:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Desktop\mp3
[2010/05/12 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\BearShare
[2010/05/12 12:09:14 | 000,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx
[2010/04/25 23:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\templates
[2010/04/25 23:01:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\templates
[2010/04/20 16:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/04/18 18:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Ahau Casino Games
[2010/04/17 23:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{AE01F120-F4D3-4BE7-B93B-5D4404416C1E}
[2010/04/17 23:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\LiveZilla
[2010/03/31 09:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2010/03/29 16:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Web CEO Projects
[2010/03/28 23:28:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\ilivememories
[2010/03/28 23:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\ilivememories
[2010/03/26 18:49:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Flags
[2010/03/25 20:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/03/25 09:33:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\LiveZilla
[2010/03/25 00:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2010/03/19 15:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\self
[2010/03/18 15:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Insight Software
[2010/03/18 15:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Insight Software Solutions
[2010/03/18 15:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions
[2010/03/18 15:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Insight Software
[2010/03/18 15:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Insight Software
[2010/03/18 00:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Greenemotion
[2010/03/17 11:50:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Scansoft
[2010/03/14 11:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/03/14 11:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ScanSoft
[2010/03/14 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2010/03/14 11:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/03/14 11:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/03/12 10:10:31 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010/06/09 22:40:53 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/06/09 22:37:26 | 004,718,592 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/06/09 22:37:13 | 000,272,239 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/06/09 22:36:45 | 000,012,662 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/09 22:36:38 | 000,000,304 | -HS- | M] () -- C:\WINDOWS\tasks\Zghtbernp.job
[2010/06/09 22:36:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/09 22:36:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/09 22:30:36 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2010/06/09 17:05:53 | 060,871,309 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/09 11:19:09 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\Volume Control.job
[2010/06/07 23:32:47 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpywareBlaster.lnk
[2010/06/07 00:24:04 | 000,048,493 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bev3.jpg
[2010/06/06 22:53:29 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/06 02:55:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Driver Fetch.job
[2010/06/03 22:28:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/03 08:07:55 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/06/03 08:07:53 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/06/02 08:21:50 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/02 08:21:50 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/02 08:21:47 | 000,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/01 08:15:25 | 000,085,504 | RHS- | M] () -- C:\WINDOWS\System32\proquotan.dll
[2010/05/23 12:02:16 | 000,000,541 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/17 14:35:23 | 000,000,326 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Cashcade Affiliate Program - NetRefer 4.1 - Media Gallery.url
[2010/05/15 01:23:52 | 000,000,043 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\spaceout.gif
[2010/05/12 21:03:47 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BRANDON BEING BRANDON.rtf
[2010/05/05 20:07:18 | 000,000,075 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences2.dat
[2010/05/05 19:33:31 | 000,000,041 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences.dat
[2010/05/05 15:14:06 | 000,022,176 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/05 15:13:05 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/05 15:11:18 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/05/03 11:33:29 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/05/03 00:06:20 | 000,026,059 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Tiger_Growl.jpg
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/26 23:54:35 | 036,718,081 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\lion1010.pspimage
[2010/04/26 22:02:27 | 000,546,405 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\lion1010.jpg
[2010/04/25 11:08:59 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LynCam Casino - Poker Baccarat Blackjack Slots Bingo Craps Roulette Freeplay.url
[2010/04/24 00:10:34 | 000,054,140 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\150cafe.png
[2010/04/14 16:44:25 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\jagex__preferences3.dat
[2010/04/13 15:50:04 | 004,169,301 | ---- | M] () -- C:\Program Files\FileZilla_3.3.2.1_win32-setup.exe
[2010/04/05 23:45:29 | 018,694,218 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Image1.pspimage
[2010/03/31 09:54:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/03/29 15:32:35 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010/03/24 20:24:33 | 000,000,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Free Games Download free Games. Secure Games for PC in Free Ride Games.url
[2010/03/24 18:59:13 | 000,154,596 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\LynCamCasinoScreenshot.jpg
[2010/03/23 22:03:32 | 000,004,777 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\lynbE.jpg
[2010/03/16 19:30:25 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ilivememories.com Secure WebDisk.lnk
[2010/03/14 11:23:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\MAXLINK.INI
[2010/03/12 10:42:29 | 006,412,378 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/03/12 10:10:31 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/12 10:08:34 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/06/07 23:38:28 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2010/06/07 23:32:47 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SpywareBlaster.lnk
[2010/06/07 00:23:55 | 000,048,493 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bev3.jpg
[2010/06/06 19:59:43 | 000,052,236 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0026.JPG
[2010/06/06 15:46:30 | 000,050,792 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0010.JPG
[2010/06/06 15:46:18 | 000,051,713 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0016.JPG
[2010/06/06 15:46:01 | 000,052,143 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0021.JPG
[2010/06/06 15:45:36 | 000,052,241 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0019.JPG
[2010/06/06 15:45:28 | 000,051,891 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0017.JPG
[2010/06/06 14:56:15 | 000,000,679 | ---- | C] () -- C:\WINDOWS\Remove.ini
[2010/06/01 08:15:29 | 000,000,304 | -HS- | C] () -- C:\WINDOWS\tasks\Zghtbernp.job
[2010/06/01 08:15:25 | 000,085,504 | RHS- | C] () -- C:\WINDOWS\System32\proquotan.dll
[2010/05/31 17:50:35 | 000,051,290 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PICT0004.JPG
[2010/05/17 14:35:23 | 000,000,326 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Cashcade Affiliate Program - NetRefer 4.1 - Media Gallery.url
[2010/05/15 22:42:02 | 000,021,996 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\SlingSetup.log
[2010/05/15 01:27:04 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\spaceout.gif
[2010/05/14 13:37:19 | 000,052,999 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\coftbl3.JPG
[2010/05/14 13:36:52 | 000,052,522 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\coftble2.JPG
[2010/05/14 13:36:24 | 000,051,880 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\coftbl.JPG
[2010/05/14 13:33:11 | 000,052,578 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PICT2750.JPG
[2010/05/14 13:33:00 | 000,052,257 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PICT2748.JPG
[2010/05/14 13:32:29 | 000,052,439 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PICT2749.JPG
[2010/05/12 21:03:47 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BRANDON BEING BRANDON.rtf
[2010/05/03 11:33:29 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/05/03 00:06:32 | 000,026,059 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Tiger_Growl.jpg
[2010/04/26 22:02:26 | 000,546,405 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\lion1010.jpg
[2010/04/26 20:16:38 | 036,718,081 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\lion1010.pspimage
[2010/04/25 11:08:59 | 000,000,211 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LynCam Casino - Poker Baccarat Blackjack Slots Bingo Craps Roulette Freeplay.url
[2010/04/23 23:50:53 | 000,054,140 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\150cafe.png
[2010/04/14 16:44:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\jagex__preferences3.dat
[2010/04/13 15:49:52 | 004,169,301 | ---- | C] () -- C:\Program Files\FileZilla_3.3.2.1_win32-setup.exe
[2010/04/05 23:39:51 | 018,694,218 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Image1.pspimage
[2010/03/31 09:54:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/03/29 15:32:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/03/24 18:59:13 | 000,154,596 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\LynCamCasinoScreenshot.jpg
[2010/03/23 22:03:32 | 000,004,777 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\lynbE.jpg
[2010/03/18 15:12:51 | 000,502,559 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\15a8.jpg
[2010/03/16 19:30:25 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ilivememories.com Secure WebDisk.lnk
[2010/03/14 11:23:23 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010/02/16 20:53:58 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010/02/16 14:56:18 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
========== LOP Check ========== [2010/06/02 08:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/02/21 12:47:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/03/18 15:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software
[2010/03/18 15:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions
[2010/03/14 11:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/05/15 22:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sling Media
[2010/06/07 23:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/17 23:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{AE01F120-F4D3-4BE7-B93B-5D4404416C1E}
[2010/06/09 14:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FileZilla
[2010/03/25 01:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2010/03/14 11:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ScanSoft
[2010/06/06 02:55:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job
[2010/06/09 11:19:09 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\Volume Control.job
[2010/06/09 22:36:38 | 000,000,304 | -HS- | M] () -- C:\WINDOWS\Tasks\Zghtbernp.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/02/16 22:25:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2002/01/01 12:12:15 | 000,000,215 | -HS- | M] () -- C:\boot.ini
[2010/02/16 22:25:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/02/16 22:25:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/16 22:25:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2003/03/31 05:00:00 | 000,024,448 | RHS- | M] (Microsoft Corporation) -- C:\NTBOOTDD.SYS
[2010/02/16 13:22:01 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/02/16 15:26:12 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/09 22:36:30 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[2010/06/01 08:15:25 | 000,085,504 | RHS- | M] ()
Unable to obtain MD5 -- C:\WINDOWS\system32\proquotan.dll
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >[2010/06/09 22:36:38 | 000,000,304 | -HS- | M] ()
Unable to obtain MD5 -- C:\WINDOWS\Tasks\Zghtbernp.job
< %systemroot%\System32\config\*.sav >[2010/02/16 14:05:33 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/02/16 14:05:33 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/02/16 14:05:33 | 000,397,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\user32.dll /md5 >[2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\ws2_32.dll /md5 >[2008/04/13 17:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Extras.txt is below
OTL Extras logfile created on: 6/9/2010 10:41:50 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.64 Gb Total Space | 8.51 Gb Free Space | 45.67% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MOM-4D5NV8QZZNC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\LiveZilla\LiveZilla Server Admin.exe" = C:\Program Files\LiveZilla\LiveZilla Server Admin.exe:*:Enabled:LiveZilla Server Admin -- (LiveZilla GmbH)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4CB7852-8308-4BBB-AF7D-48F073B58507}" = Polaroid Digital Cam
"{DF7CFCDF-08ED-4BFA-8980-9F8F3A9596B3}" = TrafficSeeker 8.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG9Uninstall" = AVG Free 9.0
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"FileZilla Client" = FileZilla Client 3.3.2.1
"ie8" = Windows Internet Explorer 8
"ilivememories Toolbar" = ilivememories Toolbar
"LiveZilla" = LiveZilla
"LynCam Toolbar" = LynCam Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PCI Audio Driver" = PCI Audio Driver
"SpywareBlaster_is1" = SpywareBlaster 4.3
"SWiSHmax" = SWiSHmax
"WebCEO70_is1" = Web CEO 8.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 4/4/2010 3:38:01 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:17:24 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:17:35 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:17:39 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:37:24 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:37:24 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:37:24 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:38:09 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:38:09 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/8/2010 8:40:00 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 4/18/2010 9:20:33 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 4/18/2010 9:20:33 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 4/18/2010 9:20:33 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 4/18/2010 9:20:33 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 4/18/2010 9:20:34 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 4/18/2010 9:20:34 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 4/18/2010 9:20:34 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 1/1/2002 3:04:50 AM | Computer Name = MOM-4D5NV8QZZNC | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by +264538492 seconds. The time service will not change the system time by more
than +54000 seconds. Verify that your time and time zone are correct, and that
the time source time.windows.com (ntp.m|0x1|72.39.118.234:123->207.46.232.182:123)
is working properly.
Error - 5/23/2010 9:13:37 PM | Computer Name = MOM-4D5NV8QZZNC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 5/28/2010 10:07:58 AM | Computer Name = MOM-4D5NV8QZZNC | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 72.39.118.234 on
the Network Card with network address 0050FC575B41.
< End of report >