When I open my machine I get the message "Windows cannot find E:\Inkli-10Reminder.exe"
To remove this message I'm told to remove this iformation from the register. I don't know how to even access the registry.
This probably has something to so with installing Quicken over an already installed application, but I don't know.
gnuma
0
Newbie Poster
Recommended Answers
Jump to Posti think the program you want to find is regedit.exe
you can type it in the run line, or do a search for where it is.
the registry is huge, but it has it's own search box(find..probably)
Jump to Postthere could also be more than one place in the registry where it is.
i usually get those types of errors after migrating an operating system to a different partition. but it sounds like you don't want to still use the program, otherwise i'd say check the *.ini configuration file …
Jump to Postyou can try get a tool like CCleaner to clean the registry for redundant entries
Check also the startup folder to see if a startup shortcut for this prog exist there
Jump to PostYou can also try the following and once you post the log, I can rid the entry for you.
Download OTL to your Desktop.
* Double click on the icon to …
Jump to PostRun OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL F3 - HKCU WinNT: Load - (E:\INKLI~10\REMINDER.EXE) - File not found F3 - HKCU WinNT: Load - (E:\INKLI~10\INKLI~22\REDBOX~2\REMINDER.EXE) - File not found O20 - Winlogon\Notify\RelevantKnowledge: DllName - Reg Error: Value error. - Reg Error: Value …
All 27 Replies
skilly
23
Posting Whiz in Training
i think the program you want to find is regedit.exe
you can type it in the run line, or do a search for where it is.
the registry is huge, but it has it's own search box(find..probably)
gnuma
0
Newbie Poster
Thank you, Skilly
I did get into the registry and found that the application is Studio V, Redbox, Remind.exe
but it is installed on the C:\ drive, I'm puzzled as to why, with no disk in any of the drives, there would be a "call" for any application.
Any further help will be appreciated.
skilly
23
Posting Whiz in Training
there could also be more than one place in the registry where it is.
i usually get those types of errors after migrating an operating system to a different partition. but it sounds like you don't want to still use the program, otherwise i'd say check the *.ini configuration file in the program's folder(if it has one. sometimes you can also fix path errors in the registry(depending on program) that's all i know for now
Ritesh_4
71
Posting Pro
you can try get a tool like CCleaner to clean the registry for redundant entries
Check also the startup folder to see if a startup shortcut for this prog exist there
skilly
commented:
i also like CCleaner
+3
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
You can also try the following and once you post the log, I can rid the entry for you.
Download OTL to your Desktop.
* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
gnuma
0
Newbie Poster
When I open my machine I get the message "Windows cannot find E:\Inkli-10Reminder.exe"
To remove this message I'm told to remove this iformation from the register. I don't know how to even access the registry.
This probably has something to so with installing Quicken over an already installed application, but I don't know.
OTL logfile created on: 6/21/2011 11:59:41 AM - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\John Brown\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.44 Gb Total Physical Memory | 0.66 Gb Available Physical Memory | 46.30% Memory free
3.29 Gb Paging File | 2.66 Gb Available in Paging File | 80.89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 51.11 Gb Free Space | 68.59% Space Free | Partition Type: NTFS
Computer Name: KINGDOM | User Name: John Brown | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/21 10:57:21 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Brown\Desktop\OTL.exe
PRC - [2011/05/01 12:33:59 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/11 10:04:10 | 003,466,584 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360.exe
PRC - [2011/03/25 10:38:26 | 002,402,512 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/03/10 18:19:32 | 001,642,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2010/12/09 03:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010/08/27 13:13:32 | 000,789,680 | ---- | M] () -- C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
PRC - [2010/07/23 13:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Common Files\Nuance\dgnsvc.exe
PRC - [2010/07/23 09:46:02 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2010/06/11 18:14:24 | 001,280,344 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360tray.exe
PRC - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2010/01/19 19:46:54 | 000,117,288 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/01/19 19:46:48 | 000,121,384 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/11/09 01:18:00 | 000,065,216 | ---- | M] (WordWeb Software) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/21 10:57:21 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Brown\Desktop\OTL.exe
MOD - [2011/01/19 19:53:34 | 000,238,424 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360mon.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/07/23 13:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2010/01/19 19:46:56 | 000,158,248 | ---- | M] (Authentium, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/01/19 19:46:54 | 000,117,288 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/01/19 19:46:48 | 000,121,384 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
========== Driver Services (SafeList) ==========
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/29 19:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/01/19 19:53:46 | 000,127,016 | ---- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2010/01/19 19:53:44 | 001,118,248 | ---- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2008/04/13 15:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007/10/11 18:40:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2005/10/18 14:15:42 | 004,034,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/30 22:42:36 | 001,333,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/24 13:56:28 | 000,074,752 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.rr.com"
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.328.4
FF - prefs.js..extensions.enabledItems: DefaultManager@Microsoft:2.1
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 12:34:12 | 000,000,000 | ---D | M]
[2011/01/03 15:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Extensions
[2011/05/18 12:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions
[2011/03/29 23:20:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/18 12:04:16 | 000,000,000 | ---D | M] (NCH EN Community Toolbar) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
[2011/05/14 11:07:55 | 000,000,000 | ---D | M] (Translator 3 Community Toolbar) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\{c4fadfd7-ed49-4bc9-bef6-ad0099fa3911}
[2011/03/21 14:05:42 | 000,000,000 | ---D | M] (Microsoft Default Manager) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\DefaultManager@Microsoft
[2011/05/18 12:04:08 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\engine@conduit.com
[2011/03/21 16:32:57 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\searchplugins\bing.xml
[2011/03/21 14:51:06 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\searchplugins\conduit.xml
[2011/04/10 18:19:42 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\searchplugins\HeadlineAlley_29.xml
[2011/04/01 16:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/05/01 12:33:58 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (RedBox Toolbar) - {e6d87380-6e47-11db-9fe1-0800200c9a66} - C:\Program Files\Studio V5\RedBox7\RedBoxBar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Nuance.ctfmngr] C:\Program Files\Nuance\NaturallySpeaking11\Program\ctfmngr.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [WordWeb] C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
F3 - HKCU WinNT: Load - (E:\INKLI~10\REMINDER.EXE) - File not found
F3 - HKCU WinNT: Load - (E:\INKLI~10\INKLI~22\REDBOX~2\REMINDER.EXE) - File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\RelevantKnowledge: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\John Brown\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\John Brown\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/30 15:20:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55b8ed9d-141c-11e0-b947-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{55b8ed9d-141c-11e0-b947-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55b8ed9d-141c-11e0-b947-806d6172696f}\Shell\AutoRun\command - "" = G:\LOCKv2.34.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/21 10:57:20 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\John Brown\Desktop\OTL.exe
[2011/06/13 10:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Brown\Application Data\RapidBackup 2
[2011/06/13 10:29:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SaveMyFiles
[2011/06/13 10:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Summitsoft
[2011/06/07 18:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Brown\My Documents\Health
[2011/05/30 07:19:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Brown\Application Data\Titanium Gears
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/21 10:57:21 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Brown\Desktop\OTL.exe
[2011/06/21 10:40:42 | 000,000,448 | ---- | M] () -- C:\WINDOWS\System32\iolo.ini
[2011/06/21 10:40:33 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2011/06/21 10:39:22 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/06/21 10:38:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 10:27:40 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Canopy.lnk
[2011/06/20 07:14:33 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Winamp.lnk
[2011/06/20 07:12:07 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/19 19:41:27 | 000,000,165 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2011/06/19 00:50:01 | 000,492,944 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/19 00:50:01 | 000,083,466 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/16 16:35:42 | 000,000,987 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Encyclopedia_EBook_SECURE_PCREG_0819935.lnk
[2011/06/16 14:27:11 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\ArticleIndex_3.lnk
[2011/06/16 10:04:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/15 17:55:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/14 16:50:45 | 002,938,099 | ---- | M] () -- C:\Documents and Settings\John Brown\My Documents\Encyclopedia_EBook_SECURE_PCREG_0819935.pdf
[2011/06/13 11:01:46 | 000,026,719 | ---- | M] () -- C:\Documents and Settings\John Brown\My Documents\DataDVD.cdm
[2011/06/13 10:29:36 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\SaveMyFiles.lnk
[2011/06/13 10:29:36 | 000,001,837 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\SaveMyFiles.lnk
[2011/06/13 09:28:30 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\PhotoPad Image Editor.lnk
[2011/06/13 09:28:07 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\photopadShakeIcon.job
[2011/06/13 09:27:36 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Advanced SystemCare.lnk
[2011/06/12 14:28:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\expressburnDowngrade.job
[2011/06/11 16:31:38 | 000,001,577 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Quicken Deluxe 2009.lnk
[2011/06/11 16:29:37 | 000,000,945 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Cdmkr32.lnk
[2011/06/11 16:29:10 | 000,001,467 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\ISA 2 basic.lnk
[2011/06/11 16:28:27 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\MSPUB.lnk
[2011/06/11 16:28:04 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Picasa 3.lnk
[2011/06/11 15:21:20 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\RedBox.lnk
[2011/06/11 15:21:01 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Photoshop.lnk
[2011/06/07 18:38:44 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\John Brown\My Documents\DataCD.cdm
[2011/06/05 09:45:54 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/01 17:32:03 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/21 09:33:25 | 000,000,448 | ---- | C] () -- C:\WINDOWS\System32\iolo.ini
[2011/06/20 10:27:40 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Canopy.lnk
[2011/06/20 07:14:33 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Winamp.lnk
[2011/06/20 07:12:07 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/20 07:12:07 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/16 16:35:42 | 000,000,987 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Encyclopedia_EBook_SECURE_PCREG_0819935.lnk
[2011/06/16 14:27:10 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\ArticleIndex_3.lnk
[2011/06/14 16:50:45 | 002,938,099 | ---- | C] () -- C:\Documents and Settings\John Brown\My Documents\Encyclopedia_EBook_SECURE_PCREG_0819935.pdf
[2011/06/13 11:01:46 | 000,026,719 | ---- | C] () -- C:\Documents and Settings\John Brown\My Documents\DataDVD.cdm
[2011/06/13 10:29:36 | 000,001,855 | ---- | C] () -- C:\Documents and Settings\John Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\SaveMyFiles.lnk
[2011/06/13 10:29:36 | 000,001,837 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\SaveMyFiles.lnk
[2011/06/13 09:28:30 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\PhotoPad Image Editor.lnk
[2011/06/13 09:27:36 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Advanced SystemCare.lnk
[2011/06/11 16:31:38 | 000,001,577 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Quicken Deluxe 2009.lnk
[2011/06/11 16:29:37 | 000,000,945 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Cdmkr32.lnk
[2011/06/11 16:29:10 | 000,001,467 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\ISA 2 basic.lnk
[2011/06/11 16:28:27 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\MSPUB.lnk
[2011/06/11 16:28:04 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Picasa 3.lnk
[2011/06/11 15:21:20 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\RedBox.lnk
[2011/06/11 15:21:01 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Photoshop.lnk
[2011/06/01 17:23:06 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\photopadShakeIcon.job
[2011/04/15 07:46:33 | 000,000,125 | ---- | C] () -- C:\WINDOWS\help.INI
[2011/04/01 17:22:34 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\John Brown\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 12:57:00 | 000,002,075 | ---- | C] () -- C:\Documents and Settings\John Brown\Application Data\SAS7_000.DAT
[2011/03/23 17:09:38 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/23 17:09:38 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/17 17:40:30 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/16 13:39:35 | 000,000,128 | ---- | C] () -- C:\WINDOWS\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}.ini
[2011/03/13 00:42:54 | 000,000,011 | ---- | C] () -- C:\WINDOWS\nextsteps.ini
[2011/02/04 14:59:03 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2011/01/26 16:07:30 | 000,000,020 | ---- | C] () -- C:\WINDOWS\LANG.INI
[2011/01/03 15:01:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/03 10:23:19 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2011/01/02 18:00:02 | 000,000,078 | ---- | C] () -- C:\WINDOWS\LOTUS.INI
[2011/01/02 18:00:02 | 000,000,073 | ---- | C] () -- C:\WINDOWS\ORG2.INI
[2011/01/01 19:05:42 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/12/31 08:30:56 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010/12/30 19:30:41 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/12/30 18:44:16 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2010/12/30 18:42:37 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2010/12/30 18:41:31 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIJCMK5.dll
[2010/12/30 18:41:31 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2010/12/30 18:41:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2010/12/30 18:41:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2010/12/30 18:26:26 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2010/12/30 18:07:14 | 000,135,192 | ---- | C] () -- C:\WINDOWS\hpwins10.dat
[2010/12/30 17:59:59 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2010/12/30 17:59:59 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2010/12/30 17:42:38 | 000,006,941 | ---- | C] () -- C:\WINDOWS\hplj24x0.ini
[2010/12/30 17:42:21 | 000,002,763 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2010/12/30 17:00:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/30 15:53:53 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/12/30 15:40:31 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/12/30 15:40:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/30 15:37:43 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/12/30 15:37:39 | 000,104,373 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/12/30 15:22:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/30 15:17:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/30 07:08:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/30 07:07:12 | 000,375,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 05:00:00 | 000,492,944 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 05:00:00 | 000,083,466 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 05:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/01/15 05:31:00 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2007/03/08 03:43:03 | 000,010,335 | ---- | C] () -- C:\WINDOWS\hpwscr10.dat
[2007/02/27 19:19:55 | 000,001,042 | ---- | C] () -- C:\WINDOWS\hpwmdl10.dat
[2003/02/24 22:49:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011/05/02 18:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2011/04/13 17:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/03/23 20:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/04/08 12:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/03/17 13:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2011/03/21 13:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/05/30 22:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/21 13:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/01/30 16:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/13 00:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\facemoods.com
[2011/01/09 14:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\FUJIFILM
[2011/05/31 21:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Image Zone Express
[2011/04/13 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\IObit
[2011/02/04 17:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\iolo
[2011/03/17 13:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Nuance
[2011/05/08 17:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Printer Info Cache
[2011/06/13 10:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\RapidBackup 2
[2011/05/15 14:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\RegistryKeys
[2011/05/30 07:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Titanium Gears
[2011/01/10 23:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Transparent
[2011/02/23 19:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Uniblue
[2011/06/21 10:40:33 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job
[2011/06/12 14:28:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job
[2011/05/21 14:28:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2011/06/13 09:28:07 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\photopadShakeIcon.job
[2011/06/21 10:39:22 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
========== Purity Check ==========
This was the only window that opened-Standard Registry. There was no Extra.txt and when I tried to click Extra Registry it apparently is default (none).
I don't know how long ago I may have tried to run the app from the disk so I don't know how old the file might be.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL F3 - HKCU WinNT: Load - (E:\INKLI~10\REMINDER.EXE) - File not found F3 - HKCU WinNT: Load - (E:\INKLI~10\INKLI~22\REDBOX~2\REMINDER.EXE) - File not found O20 - Winlogon\Notify\RelevantKnowledge: DllName - Reg Error: Value error. - Reg Error: Value error. File not found :Commands [purity] [emptyflash] [emptytemp] [Reboot] - Then click the Run Fix button at the top.
- Let the program run unhindered, reboot the PC when it is done.
- Post log from this run.
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
gnuma
0
Newbie Poster
OTL logfile created on: 6/21/2011 4:25:13 PM - Run 5
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\John Brown\Desktop\Systsems
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.44 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 49.06% Memory free
3.29 Gb Paging File | 2.70 Gb Available in Paging File | 81.96% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 51.91 Gb Free Space | 69.65% Space Free | Partition Type: NTFS
Computer Name: KINGDOM | User Name: John Brown | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/21 10:57:21 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Brown\Desktop\Systsems\OTL.exe
PRC - [2011/05/01 12:33:59 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/25 10:38:26 | 002,402,512 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/03/10 18:19:32 | 001,642,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2010/12/09 03:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010/08/27 13:13:32 | 000,789,680 | ---- | M] () -- C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
PRC - [2010/07/23 13:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Common Files\Nuance\dgnsvc.exe
PRC - [2010/07/23 09:46:02 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2010/06/11 18:14:24 | 001,280,344 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360tray.exe
PRC - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2010/01/19 19:46:54 | 000,117,288 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/01/19 19:46:48 | 000,121,384 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/11/09 01:18:00 | 000,065,216 | ---- | M] (WordWeb Software) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/21 10:57:21 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Brown\Desktop\Systsems\OTL.exe
MOD - [2011/01/19 19:53:34 | 000,238,424 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360mon.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/07/23 13:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2010/01/19 19:46:56 | 000,158,248 | ---- | M] (Authentium, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/01/19 19:46:54 | 000,117,288 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/01/19 19:46:48 | 000,121,384 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
========== Driver Services (SafeList) ==========
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/29 19:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/01/19 19:53:46 | 000,127,016 | ---- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2010/01/19 19:53:44 | 001,118,248 | ---- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2008/04/13 15:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007/10/11 18:40:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2005/10/18 14:15:42 | 004,034,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/30 22:42:36 | 001,333,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/24 13:56:28 | 000,074,752 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.rr.com"
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.328.4
FF - prefs.js..extensions.enabledItems: DefaultManager@Microsoft:2.1
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=BABTDF&PC=BBLN&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 12:34:12 | 000,000,000 | ---D | M]
[2011/01/03 15:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Extensions
[2011/05/18 12:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions
[2011/03/29 23:20:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/18 12:04:16 | 000,000,000 | ---D | M] (NCH EN Community Toolbar) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
[2011/05/14 11:07:55 | 000,000,000 | ---D | M] (Translator 3 Community Toolbar) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\{c4fadfd7-ed49-4bc9-bef6-ad0099fa3911}
[2011/03/21 14:05:42 | 000,000,000 | ---D | M] (Microsoft Default Manager) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\DefaultManager@Microsoft
[2011/05/18 12:04:08 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\extensions\engine@conduit.com
[2011/03/21 16:32:57 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\searchplugins\bing.xml
[2011/03/21 14:51:06 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\searchplugins\conduit.xml
[2011/04/10 18:19:42 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Mozilla\Firefox\Profiles\5j02vci3.default\searchplugins\HeadlineAlley_29.xml
[2011/04/01 16:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/05/01 12:33:58 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (RedBox Toolbar) - {e6d87380-6e47-11db-9fe1-0800200c9a66} - C:\Program Files\Studio V5\RedBox7\RedBoxBar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Nuance.ctfmngr] C:\Program Files\Nuance\NaturallySpeaking11\Program\ctfmngr.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [WordWeb] C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\John Brown\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\John Brown\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/30 15:20:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55b8ed9d-141c-11e0-b947-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{55b8ed9d-141c-11e0-b947-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55b8ed9d-141c-11e0-b947-806d6172696f}\Shell\AutoRun\command - "" = G:\LOCKv2.34.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/21 16:13:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/13 10:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Brown\Application Data\RapidBackup 2
[2011/06/13 10:29:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SaveMyFiles
[2011/06/13 10:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Summitsoft
[2011/06/07 18:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Brown\My Documents\Health
[2011/05/30 07:19:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Brown\Application Data\Titanium Gears
========== Files - Modified Within 30 Days ==========
[2011/06/21 16:22:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\System32\iolo.ini
[2011/06/21 16:21:56 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2011/06/21 16:21:24 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/06/21 16:20:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 10:27:40 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Canopy.lnk
[2011/06/20 07:14:33 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Winamp.lnk
[2011/06/20 07:12:07 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/19 19:41:27 | 000,000,165 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2011/06/19 00:50:01 | 000,492,944 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/19 00:50:01 | 000,083,466 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/16 16:35:42 | 000,000,987 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Encyclopedia_EBook_SECURE_PCREG_0819935.lnk
[2011/06/16 14:27:11 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\ArticleIndex_3.lnk
[2011/06/16 10:04:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/15 17:55:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/14 16:50:45 | 002,938,099 | ---- | M] () -- C:\Documents and Settings\John Brown\My Documents\Encyclopedia_EBook_SECURE_PCREG_0819935.pdf
[2011/06/13 11:01:46 | 000,026,719 | ---- | M] () -- C:\Documents and Settings\John Brown\My Documents\DataDVD.cdm
[2011/06/13 10:29:36 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\SaveMyFiles.lnk
[2011/06/13 10:29:36 | 000,001,837 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\SaveMyFiles.lnk
[2011/06/13 09:28:30 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\PhotoPad Image Editor.lnk
[2011/06/13 09:28:07 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\photopadShakeIcon.job
[2011/06/13 09:27:36 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Advanced SystemCare.lnk
[2011/06/12 14:28:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\expressburnDowngrade.job
[2011/06/11 16:31:38 | 000,001,577 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Quicken Deluxe 2009.lnk
[2011/06/11 16:29:37 | 000,000,945 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Cdmkr32.lnk
[2011/06/11 16:29:10 | 000,001,467 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\ISA 2 basic.lnk
[2011/06/11 16:28:27 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\MSPUB.lnk
[2011/06/11 16:28:04 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Picasa 3.lnk
[2011/06/11 15:21:20 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\RedBox.lnk
[2011/06/11 15:21:01 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\John Brown\Desktop\Photoshop.lnk
[2011/06/07 18:38:44 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\John Brown\My Documents\DataCD.cdm
[2011/06/05 09:45:54 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/01 17:32:03 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\John Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
========== Files Created - No Company Name ==========
[2011/06/21 09:33:25 | 000,000,448 | ---- | C] () -- C:\WINDOWS\System32\iolo.ini
[2011/06/20 10:27:40 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Canopy.lnk
[2011/06/20 07:14:33 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Winamp.lnk
[2011/06/20 07:12:07 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/20 07:12:07 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/16 16:35:42 | 000,000,987 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Encyclopedia_EBook_SECURE_PCREG_0819935.lnk
[2011/06/16 14:27:10 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\ArticleIndex_3.lnk
[2011/06/14 16:50:45 | 002,938,099 | ---- | C] () -- C:\Documents and Settings\John Brown\My Documents\Encyclopedia_EBook_SECURE_PCREG_0819935.pdf
[2011/06/13 11:01:46 | 000,026,719 | ---- | C] () -- C:\Documents and Settings\John Brown\My Documents\DataDVD.cdm
[2011/06/13 10:29:36 | 000,001,855 | ---- | C] () -- C:\Documents and Settings\John Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\SaveMyFiles.lnk
[2011/06/13 10:29:36 | 000,001,837 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\SaveMyFiles.lnk
[2011/06/13 09:28:30 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\PhotoPad Image Editor.lnk
[2011/06/13 09:27:36 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Advanced SystemCare.lnk
[2011/06/11 16:31:38 | 000,001,577 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Quicken Deluxe 2009.lnk
[2011/06/11 16:29:37 | 000,000,945 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Cdmkr32.lnk
[2011/06/11 16:29:10 | 000,001,467 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\ISA 2 basic.lnk
[2011/06/11 16:28:27 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\MSPUB.lnk
[2011/06/11 16:28:04 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Picasa 3.lnk
[2011/06/11 15:21:20 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\RedBox.lnk
[2011/06/11 15:21:01 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\John Brown\Desktop\Photoshop.lnk
[2011/06/01 17:23:06 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\photopadShakeIcon.job
[2011/04/15 07:46:33 | 000,000,125 | ---- | C] () -- C:\WINDOWS\help.INI
[2011/04/01 17:22:34 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\John Brown\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 12:57:00 | 000,002,075 | ---- | C] () -- C:\Documents and Settings\John Brown\Application Data\SAS7_000.DAT
[2011/03/23 17:09:38 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/23 17:09:38 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/17 17:40:30 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/16 13:39:35 | 000,000,128 | ---- | C] () -- C:\WINDOWS\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}.ini
[2011/03/13 00:42:54 | 000,000,011 | ---- | C] () -- C:\WINDOWS\nextsteps.ini
[2011/02/04 14:59:03 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2011/01/26 16:07:30 | 000,000,020 | ---- | C] () -- C:\WINDOWS\LANG.INI
[2011/01/03 15:01:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/03 10:23:19 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2011/01/02 18:00:02 | 000,000,078 | ---- | C] () -- C:\WINDOWS\LOTUS.INI
[2011/01/02 18:00:02 | 000,000,073 | ---- | C] () -- C:\WINDOWS\ORG2.INI
[2011/01/01 19:05:42 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/12/31 08:30:56 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010/12/30 19:30:41 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/12/30 18:44:16 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2010/12/30 18:42:37 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2010/12/30 18:41:31 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIJCMK5.dll
[2010/12/30 18:41:31 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2010/12/30 18:41:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2010/12/30 18:41:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2010/12/30 18:26:26 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2010/12/30 18:07:14 | 000,135,192 | ---- | C] () -- C:\WINDOWS\hpwins10.dat
[2010/12/30 17:59:59 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2010/12/30 17:59:59 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2010/12/30 17:42:38 | 000,006,941 | ---- | C] () -- C:\WINDOWS\hplj24x0.ini
[2010/12/30 17:42:21 | 000,002,763 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2010/12/30 17:00:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/30 15:53:53 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/12/30 15:40:31 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/12/30 15:40:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/30 15:37:43 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/12/30 15:37:39 | 000,104,373 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/12/30 15:22:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/30 15:17:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/30 07:08:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/30 07:07:12 | 000,375,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 05:00:00 | 000,492,944 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 05:00:00 | 000,083,466 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 05:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/01/15 05:31:00 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2007/03/08 03:43:03 | 000,010,335 | ---- | C] () -- C:\WINDOWS\hpwscr10.dat
[2007/02/27 19:19:55 | 000,001,042 | ---- | C] () -- C:\WINDOWS\hpwmdl10.dat
[2003/02/24 22:49:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011/05/02 18:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2011/04/13 17:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/03/23 20:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/04/08 12:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/03/17 13:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2011/03/21 13:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/05/30 22:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/21 13:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/01/30 16:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/13 00:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\facemoods.com
[2011/01/09 14:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\FUJIFILM
[2011/05/31 21:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Image Zone Express
[2011/04/13 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\IObit
[2011/02/04 17:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\iolo
[2011/03/17 13:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Nuance
[2011/05/08 17:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Printer Info Cache
[2011/06/13 10:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\RapidBackup 2
[2011/05/15 14:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\RegistryKeys
[2011/05/30 07:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Titanium Gears
[2011/01/10 23:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Transparent
[2011/02/23 19:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Brown\Application Data\Uniblue
[2011/06/21 16:21:56 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job
[2011/06/12 14:28:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job
[2011/05/21 14:28:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2011/06/13 09:28:07 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\photopadShakeIcon.job
[2011/06/21 16:21:24 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 232 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0FF263E8
< End of report >
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
Are you still getting that message?
gnuma
0
Newbie Poster
Hi, crunchie
No, the problem sa solved. Sorry I did not reply. I thought I had marked the problem as solved. Thanks for all your help.
John
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
No worries :)
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC by OldTimer:
Save it to your Desktop.
Double click OTC.exe.
Click the CleanUp! button.
If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes.
gnuma
0
Newbie Poster
Hi, crunchie
Took care of deleting files from OTC. That is a neat program. I'm not sure exactly
what it does, but it looks like I should have it, if I knew what to do with it.
Since I'm talking to you, maybe you can help with another problem.
Recently I upgraded to Windows XP. When I got through with everything: when I boot up I get a screen that gives me two options for booting, both Windows XP. The first option gets me in OK but the other takes me to a screen that says:
Windows could not start because of a computer disk hardware configuration problem. Could not read from selected boot disk. Check path and disk hardware. I have no disk in the machine.
John
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
How did you install XP? Seems like the mbr thinks there are 2 setups on the PC. You can edit the mbr to delete the one that is not working by using easybcd or something similar.
How much space on the drive did XP take up?
gnuma
0
Newbie Poster
Hi, crunchie
I installed from my cd.
I downloaded easycbd and ran it. It takes me to a window that tells me to locate a valid BCD store.
Where do I go from here
gerbil
216
Industrious Poster
Crunchie had a brainstorm... he'll be okay again in a while.. :)
He meant the boot.ini file, not the mbr. Start Windows, then go CP > System > advanced tab, Startup n Recovery Settings button. Click the Edit button. A notepad should pop with your boot.ini file. You can post it here for our guidance on editing it.
[Just occasionally, during installation Setup will leave an entry that controls its automatic restart during installation; it may be that..or a spurious entry with a misconfigured disk parameter, all fixable]
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
lol. I had only just got out of bed. Listen to gerbil as it appears that he has been awake for a while :).
gnuma.
EasyBCD is free for all private, non-commercial use.
<< Straight from their website.
gnuma
0
Newbie Poster
Hi, crunchie
This is the message I just receibed
lol. I had only just got out of bed. Listen to gerbil as it appears that he has been awake for a while .
gnuma.
Quote ...
EasyBCD is free for all private, non-commercial use.
<< Straight from their website.
gnuma
gnuma
0
Newbie Poster
Hi, caruanchie
An getting error windows that is interfering with following instructions.
Window=msfeedsync.exe
"The instruction at "0x0000004195cS". The memory could not be "read".
Click on OK
get window "Microsoft Feeds Synchronization has incountered a problem and needs to close."
gnuma
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
Which instructions are you talking about?
gnuma
0
Newbie Poster
We were working on how to delete duplicate "boot line" offered machine opens.
gnuma
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
Did you download easybcd? It is free.
skilly
23
Posting Whiz in Training
that is easy
type 'msconfig' into the 'run' line, click 'boot' tab
took me a long time to answer because i don't want another
infraction for posting in a solved thread
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
that is easy
type 'msconfig' into the 'run' line, click 'boot' tab
took me a long time to answer because i don't want another
infraction for posting in a solved thread
You did not receive an infraction for posting to a solved thread. You received a 'Keep it organised' infraction for an off-topic remark, by the looks.
gerbil
216
Industrious Poster
An off-topic remark infraction? I probably have hundreds of those.
Good ol M$ for having them, and skilly, for pointing out yet another way to edit the boot.ini file. To advance his instruction: Run msconfig, select Boot.ini tab, press Check All Boot Paths button; the genie will throw up paths that are not valid, remove them. With a dab of commonsense applied, because the Recovery Console, if installed, is not seen as a valid opsys. Yeah, good ol M$.
This error:
"Window=msfeedsync.exe
"The instruction at "0x0000004195cS". The memory could not be "read"."
probably originates from corruption in its temp data store.
Paste this into Run:
"%userprofile%\Local Settings\Application Data\Microsoft\Feeds"
-delete all files inside, including index.dat
gnuma
0
Newbie Poster
I will address this to Skilly because I apparently created a problem with my unfamiliarity with protocol on posting to tech support. In any event Gerbil and Skilly, thank for your inpur which solved my problem. They look so difficult until I get someone that knows what the problem is.
Once again, Thanks everyone.
gerbil
216
Industrious Poster
Ah, you did okay, gnuma. All problems fixed, now?
gnuma
0
Newbie Poster
Hi, gerbil
Yes, that pesky error message went away with the help of the cnfig run.
Thanks for your and Skilly's help. I need to become better acquainted with support side of the internet. I put up with a lot of problems that I don't need to. My computing experience would be so much better without them.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.