OTL logfile created on: 8/20/2010 5:00:35 AM - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\JIM\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 767.00 Mb Total Physical Memory | 136.00 Mb Available Physical Memory | 18.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.87 Gb Total Space | 15.61 Gb Free Space | 27.95% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: RAGAN-WZJI7K8KD Current User Name: JIM Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/08/20 03:56:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JIM\desktop\OTL.exe PRC - [2010/07/24 05:53:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/06/25 20:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/06/22 15:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe PRC - [2010/06/10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe PRC - [2010/05/31 07:18:16 | 000,323,976 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe PRC - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe PRC - [2009/07/07 17:45:22 | 000,436,752 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe PRC - [2009/05/08 06:53:34 | 000,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Common\YMailAdvisor.exe PRC - [2009/05/07 23:30:22 | 000,192,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSM\McSmtFwk.exe PRC - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2003/06/11 02:52:26 | 000,122,880 | ---- | M] (Visual Networks) -- C:\Program Files\Visual Networks\Visual IP InSight\SBC\ipmon32.exe PRC - [2002/09/10 22:26:26 | 000,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/08/20 03:56:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JIM\desktop\OTL.exe MOD - [2009/01/23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll MOD - [2008/10/09 11:53:03 | 000,062,776 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2003/06/11 02:52:24 | 000,098,304 | ---- | M] (Visual Networks) -- C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPHk2KS2.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\015877~1.EXE -- (0158771279847427mcinstcleanup) McAfee Application Installer Cleanup (0158771279847427) SRV - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2010/05/06 13:23:56 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2010/05/06 05:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy) SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc) SRV - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aeaudio.sys -- (aeaudio) DRV - [2010/07/15 15:18:22 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP) DRV - [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010/04/27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010/04/27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010/04/27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010/04/27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2010/03/18 05:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010/03/18 05:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010/03/18 05:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/06/17 12:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2009/01/30 08:24:01 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer) DRV - [2008/12/18 23:43:54 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2008/12/18 23:43:12 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2008/08/19 12:49:37 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2008/08/19 12:49:36 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006/05/10 10:56:54 | 000,027,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2005/08/28 22:04:04 | 000,044,032 | ---- | M] (Reality XP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rxpvbus.sys -- (rxpvbus) DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2003/09/22 11:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P16X.sys -- (P16X) Creative SB Live! Series (WDM) DRV - [2003/09/22 07:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2003/09/22 07:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2003/08/29 05:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem) DRV - [2003/03/05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT) DRV - [2002/07/17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI) DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI) DRV - [2001/08/17 09:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultEngine: "Yahoo" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-spt_gen" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-spt_gen" FF - prefs.js..browser.search.param.yahoo-type: "" FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.2.3.20100629024429 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-spt_gen&p=" FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1" FF - prefs.js..network.proxy.type: 0 FF - user.js..browser.startup.homepage: "about:blank" FF - user.js..browser.search.defaultenginename: "Google" FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/19 17:53:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/13 08:12:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/11 16:31:59 | 000,000,000 | ---D | M] [2010/07/21 07:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Extensions [2010/08/19 05:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\fri2e1fl.default\extensions [2010/08/03 14:16:07 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\fri2e1fl.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/08/09 09:06:09 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\fri2e1fl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010/08/17 19:52:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\fri2e1fl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/07/21 09:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\fri2e1fl.default\extensions\personas@christopher.beard [2010/08/19 05:12:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/07/11 09:00:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/11 08:59:08 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2010/08/20 03:07:22 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O3 - HKLM\..\Toolbar: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe () O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\ipmon32.exe (Visual Networks) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.) O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 327 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O15 - HKCU\..Trusted Domains: 0.0.0.0 ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: motive.com ([pattta.att] https in Trusted sites) O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites) O15 - HKCU\..Trusted Domains: myloweslife.com ([pmf] https in Trusted sites) O15 - HKCU\..Trusted Domains: yahoo.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: yahoo.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: yahoo.com ([]https in Trusted sites) O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Device Detection) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop.com/internet/pcpConnCheck.cab (iCC Class) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229963374640 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254574834343 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://pcpitstop.com/mhLbl.cab (mhLabel Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5483/mcfscan.cab (McFreeScan Class) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1 O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\JIM\Application Data\FastStone\FSIV\FSViewerWallPaper.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\JIM\Application Data\FastStone\FSIV\FSViewerWallPaper.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/12/16 13:25:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation) Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: msacm.ctmp3 - C:\WINDOWS\system32\ctmp3.acm (Creative Technology Ltd.) Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation) Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation) Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation) Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation) Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation) Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation) Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation) Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation) Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2010/08/20 03:56:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JIM\Desktop\OTL.exe [2010/08/20 03:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010/08/20 03:20:02 | 001,170,256 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\JIM\Desktop\TDSSKiller.exe [2010/08/20 03:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Desktop\GooredFix Backups [2010/08/20 03:14:23 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\JIM\Desktop\GooredFix.exe [2010/08/20 03:07:20 | 000,000,000 | ---D | C] -- C:\_OTM [2010/08/19 12:31:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\JIM\Recent [2010/08/19 07:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop [2010/08/19 05:18:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/08/12 06:55:14 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll [2010/08/12 06:55:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar [2010/08/12 06:54:33 | 000,311,296 | ---- | C] (Analog Devices Incorporated) -- C:\WINDOWS\System32\Edcrypt.dll [2010/08/01 18:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/08/01 17:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\Full_Multimedia [2010/08/01 17:55:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLAC to MP3 [2010/08/01 17:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\Flac to MP3 [2010/08/01 12:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\My Documents\Vuze Downloads [2010/08/01 10:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2010/08/01 10:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Application Data\SystemRequirementsLab [2010/07/31 13:55:29 | 000,133,440 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\LnkProtect.dll [2010/07/27 07:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\My Documents\Foley [2010/07/27 07:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\Batchwork [2010/07/25 07:07:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2010/07/21 17:40:35 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys [2010/07/21 17:40:35 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys [2010/07/21 17:40:35 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys [2010/07/21 17:40:28 | 000,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys [2010/07/21 17:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com [2010/07/21 17:34:35 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys [2010/07/21 08:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\ATTYToolbar [2010/07/21 08:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATTYToolbar [2010/07/15 07:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2010/07/14 09:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\My Documents\Council Site [2010/07/11 09:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/07/11 08:59:55 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/11 08:59:55 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/11 08:59:55 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/11 08:59:54 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/11 08:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010/07/10 08:51:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee [2010/07/09 14:44:23 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/07/01 19:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2010/07/01 03:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/06/30 07:53:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\Mil Incorporated [2010/06/29 18:24:19 | 000,000,000 | ---D | C] -- C:\clamWin [2010/06/29 12:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com [2010/06/29 11:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\FreeFixer [2010/06/29 11:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Application Data\FreeFixer [2010/06/29 11:02:54 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer [2010/06/29 08:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Application Data\Creative [2010/06/28 22:40:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8 [2010/06/28 21:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\FixItCenter [2010/06/28 21:53:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS [2010/06/28 21:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center [2010/06/28 21:51:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2010/06/28 20:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SITEguard [2010/06/28 20:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3 [2010/06/28 17:47:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010/06/28 12:21:54 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/06/28 12:21:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/06/22 05:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Application Data\Canneverbe Limited [2010/06/22 05:23:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited [2010/06/22 05:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2010/06/10 06:31:09 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe [2010/06/04 07:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\My Documents\council 6-3 [2010/05/26 18:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JIM\My Documents\council 5-25 [2009/01/28 10:24:17 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [2004/03/17 18:13:46 | 001,028,368 | ---- | C] (Microsoft Corporation) -- C:\Program Files\vbrun60sp6.exe [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2010/08/20 03:56:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JIM\Desktop\OTL.exe [2010/08/20 03:48:02 | 000,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini [2010/08/20 03:28:22 | 000,016,965 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF [2010/08/20 03:27:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/08/20 03:27:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/08/20 03:25:55 | 014,680,064 | ---- | M] () -- C:\Documents and Settings\JIM\ntuser.dat [2010/08/20 03:25:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\JIM\ntuser.ini [2010/08/20 03:15:08 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\JIM\Desktop\GooredFix.exe [2010/08/20 03:07:22 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2010/08/19 16:52:01 | 004,314,672 | -H-- | M] () -- C:\Documents and Settings\JIM\Local Settings\Application Data\IconCache.db [2010/08/19 07:49:41 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\PC Matic.lnk [2010/08/18 12:17:30 | 000,073,216 | ---- | M] () -- C:\Documents and Settings\JIM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/18 10:01:32 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Update Checker.lnk [2010/08/18 06:06:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/18 05:36:43 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\services logitech.bmp [2010/08/18 05:30:00 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys [2010/08/17 20:29:32 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010/08/17 15:07:15 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\1st entry for Logitech drv details.bmp [2010/08/17 15:05:14 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\2nd entry for Logitech drv details.bmp [2010/08/17 15:03:27 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\3rd entry for Logitech drv details.bmp [2010/08/17 14:58:52 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\device mgr for Logitech.bmp [2010/08/16 17:33:25 | 000,685,736 | ---- | M] () -- C:\Documents and Settings\JIM\device manager [2010/08/13 14:00:07 | 000,710,462 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\04.jpg [2010/08/11 23:46:41 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/08/11 23:37:46 | 000,501,230 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/08/11 23:37:46 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/08/11 23:37:46 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/08/11 22:34:25 | 000,000,040 | ---- | M] () -- C:\WINDOWS\WeatherSet2.ini [2010/08/10 14:44:49 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys [2010/08/09 11:39:40 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Glary Utilities.lnk [2010/08/09 09:23:32 | 000,001,562 | ---- | M] () -- C:\WINDOWS\uninstall_bootracer [2010/08/06 08:07:06 | 000,000,385 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\bootracer.ini [2010/08/04 16:50:51 | 000,001,563 | ---- | M] () -- C:\WINDOWS\bootracer [2010/07/31 13:55:29 | 000,133,440 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\LnkProtect.dll [2010/07/31 10:56:14 | 000,000,517 | ---- | M] () -- C:\WINDOWS\win.ini [2010/07/31 10:56:14 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/07/31 10:56:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010/07/30 21:44:39 | 000,000,032 | ---- | M] () -- C:\WINDOWS\vb_mconf.ini [2010/07/28 08:09:13 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\CDBurnerXP.lnk [2010/07/28 08:03:14 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\CCleaner.lnk [2010/07/22 16:11:12 | 001,170,256 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\JIM\Desktop\TDSSKiller.exe [2010/07/21 17:44:38 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk [2010/07/21 17:40:08 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job [2010/07/21 17:40:07 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job [2010/07/21 17:01:30 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Shortcut to CAYahooAntispy.lnk [2010/07/21 07:43:59 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\JIM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/07/21 07:43:59 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2010/07/18 05:27:18 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/07/15 15:18:22 | 000,120,136 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys [2010/07/14 13:59:59 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/12 05:39:44 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Spybot - Search & Destroy.lnk [2010/07/11 08:59:05 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/11 08:59:05 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/11 08:59:05 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/11 08:59:05 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/11 08:59:04 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll [2010/07/10 06:53:22 | 000,000,090 | -HS- | M] () -- C:\WINDOWS\cnerolf.dat [2010/07/01 19:41:37 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100711-102301.backup [2010/07/01 12:12:14 | 000,003,922 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\Ohlman work history June.wpd [2010/07/01 03:09:04 | 000,003,501 | ---- | M] () -- C:\Documents and Settings\JIM\all [2010/06/30 08:04:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/06/29 13:05:25 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\JIM\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010/06/28 21:10:54 | 000,000,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg [2010/06/24 06:26:41 | 000,000,338 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010/06/23 08:20:22 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Shortcut to ATF-Cleaner.exe.lnk [2010/06/10 08:45:14 | 000,008,472 | ---- | M] () -- C:\Documents and Settings\JIM\My Documents\James M.wpd [2010/06/10 06:31:09 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys [2010/05/23 13:25:44 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/08/19 07:49:41 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\PC Matic.lnk [2010/08/18 05:36:43 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\services logitech.bmp [2010/08/17 15:07:15 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\1st entry for Logitech drv details.bmp [2010/08/17 15:05:14 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\2nd entry for Logitech drv details.bmp [2010/08/17 15:01:50 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\3rd entry for Logitech drv details.bmp [2010/08/17 14:58:52 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\device mgr for Logitech.bmp [2010/08/16 17:33:22 | 000,685,736 | ---- | C] () -- C:\Documents and Settings\JIM\device manager [2010/08/13 14:00:02 | 000,710,462 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\04.jpg [2010/08/09 09:23:28 | 000,001,562 | ---- | C] () -- C:\WINDOWS\uninstall_bootracer [2010/08/04 16:50:53 | 000,000,385 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\bootracer.ini [2010/08/04 16:50:45 | 000,001,563 | ---- | C] () -- C:\WINDOWS\bootracer [2010/08/03 13:25:55 | 000,018,226 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\vid12_edited.jpg [2010/08/03 13:25:31 | 000,077,633 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\pic45.jpg [2010/08/03 13:25:23 | 000,017,627 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\vid14_edited.jpg [2010/08/03 13:25:12 | 000,022,875 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\vid10_edited.jpg [2010/08/03 12:58:25 | 000,034,346 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\prod_1523_3.jpg [2010/08/03 12:57:44 | 000,073,576 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\9357_Pink_Girdle_600.jpg [2010/08/03 12:54:35 | 000,031,102 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\earlathlf4.jpg [2010/08/02 04:38:44 | 000,109,864 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/07/21 17:45:14 | 000,016,965 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF [2010/07/21 17:44:38 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk [2010/07/21 17:40:08 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job [2010/07/21 17:40:06 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job [2010/07/21 17:01:30 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Shortcut to CAYahooAntispy.lnk [2010/07/21 07:43:59 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\JIM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/07/21 07:43:59 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2010/07/21 07:04:29 | 000,364,870 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\Desktop Background.bmp [2010/07/14 13:59:59 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/10 06:53:22 | 000,000,090 | -HS- | C] () -- C:\WINDOWS\cnerolf.dat [2010/07/01 12:12:14 | 000,003,922 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\Ohlman work history June.wpd [2010/07/01 03:09:03 | 000,003,501 | ---- | C] () -- C:\Documents and Settings\JIM\all [2010/06/30 07:53:12 | 000,000,032 | ---- | C] () -- C:\WINDOWS\vb_mconf.ini [2010/06/29 18:14:27 | 000,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf [2010/06/29 13:05:24 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\JIM\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010/06/29 12:43:57 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Update Checker.lnk [2010/06/28 21:10:27 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg [2010/06/24 07:24:54 | 000,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe [2010/06/23 08:20:22 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Shortcut to ATF-Cleaner.exe.lnk [2010/06/22 05:22:49 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\CDBurnerXP.lnk [2010/06/22 05:22:48 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010/06/10 08:45:14 | 000,008,472 | ---- | C] () -- C:\Documents and Settings\JIM\My Documents\James M.wpd [2010/06/10 06:13:56 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys [2010/02/17 19:00:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\WeatherSet2.ini [2010/01/28 07:21:07 | 000,000,107 | ---- | C] () -- C:\WINDOWS\RFP.ini [2009/11/29 07:02:30 | 000,000,005 | ---- | C] () -- C:\Program Files\Vickers F.B.27A Vimyran.fca [2009/11/29 07:02:30 | 000,000,005 | ---- | C] () -- C:\Program Files\Vickers F.B.27A Vimympg.fca [2009/11/29 07:02:29 | 000,000,007 | ---- | C] () -- C:\Program Files\Piper J-3C-65 Cubmpg.fca [2009/11/29 07:02:29 | 000,000,007 | ---- | C] () -- C:\Program Files\Bombardier LearJet 45ran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Ryan NYP Spirit of St. Louismpg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Robinson R22 Beta IIran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Robinson R22 Beta IImpg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Mooney M20M Bravompg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Model 5C Vegampg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Model 5B Vegampg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Ford 4-AT-E Tri-Motormpg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | C] () -- C:\Program Files\Bombardier LearJet 45mpg.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | C] () -- C:\Program Files\Ryan NYP Spirit of St. Louisran.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | C] () -- C:\Program Files\Model 5C Vegaran.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | C] () -- C:\Program Files\Model 5B Vegaran.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | C] () -- C:\Program Files\Ford 4-AT-E Tri-Motorran.fca [2009/11/29 07:02:29 | 000,000,004 | ---- | C] () -- C:\Program Files\Piper J-3C-65 Cubran.fca [2009/11/29 07:02:29 | 000,000,004 | ---- | C] () -- C:\Program Files\Mooney M20M Bravoran.fca [2009/11/29 07:02:28 | 000,000,007 | ---- | C] () -- C:\Program Files\Cessna Skylane Model 182Smpg.fca [2009/11/29 07:02:28 | 000,000,007 | ---- | C] () -- C:\Program Files\Cessna Skyhawk SP Model 172mpg.fca [2009/11/29 07:02:28 | 000,000,007 | ---- | C] () -- C:\Program Files\Boeing 777-300ran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\Extra 300Sran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\Extra 300Smpg.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\Douglas DC-3mpg.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\de Havilland DH-88 Cometmpg.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\Curtiss JN-4D Jennympg.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\Cessna Grand Caravanmpg.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | C] () -- C:\Program Files\Cessna Caravan Amphibianmpg.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | C] () -- C:\Program Files\Douglas DC-3ran.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | C] () -- C:\Program Files\de Havilland DH-88 Cometran.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | C] () -- C:\Program Files\Cessna Grand Caravanran.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | C] () -- C:\Program Files\Cessna Caravan Amphibianran.fca [2009/11/29 07:02:28 | 000,000,004 | ---- | C] () -- C:\Program Files\Curtiss JN-4D Jennyran.fca [2009/11/29 07:02:28 | 000,000,004 | ---- | C] () -- C:\Program Files\Cessna Skylane Model 182Sran.fca [2009/11/29 07:02:28 | 000,000,004 | ---- | C] () -- C:\Program Files\Cessna Skyhawk SP Model 172ran.fca [2009/11/29 07:02:27 | 000,000,484 | ---- | C] () -- C:\Program Files\aircraft.lfc [2009/11/29 07:02:27 | 000,000,360 | ---- | C] () -- C:\Program Files\avsim.diz [2009/11/29 07:02:27 | 000,000,020 | ---- | C] () -- C:\Program Files\g21engn2.DT3 [2009/11/29 07:02:27 | 000,000,007 | ---- | C] () -- C:\Program Files\Boeing 747-400ran.fca [2009/11/29 07:02:27 | 000,000,007 | ---- | C] () -- C:\Program Files\Beechcraft Baron 58mpg.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | C] () -- C:\Program Files\Boeing 777-300mpg.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | C] () -- C:\Program Files\Boeing 747-400mpg.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | C] () -- C:\Program Files\Boeing 737-400ran.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | C] () -- C:\Program Files\Boeing 737-400mpg.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | C] () -- C:\Program Files\Bell 106B JetRanger IIImpg.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | C] () -- C:\Program Files\Beechcraft King Air 350mpg.fca [2009/11/29 07:02:27 | 000,000,005 | ---- | C] () -- C:\Program Files\Beechcraft King Air 350ran.fca [2009/11/29 07:02:27 | 000,000,005 | ---- | C] () -- C:\Program Files\Beechcraft Baron 58ran.fca [2009/11/29 07:02:27 | 000,000,004 | ---- | C] () -- C:\Program Files\Bell 106B JetRanger IIIran.fca [2009/11/29 07:02:26 | 000,000,152 | ---- | C] () -- C:\Program Files\sound2.txt [2009/11/29 07:02:26 | 000,000,020 | ---- | C] () -- C:\Program Files\g21engn1.DT3 [2009/11/29 07:02:26 | 000,000,004 | ---- | C] () -- C:\Program Files\SceneryStatus.DAT [2009/11/29 07:02:26 | 000,000,004 | ---- | C] () -- C:\Program Files\pc12ddl.hobbs [2009/11/22 15:49:52 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\JIM\Application Data\setup_ldm.iss [2009/05/14 17:49:11 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll [2009/05/14 17:49:11 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll [2009/05/14 17:21:44 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\hpgt33.dll [2009/03/24 13:50:32 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\JIM\Application Data\PFP100JPR.{PB [2009/03/24 13:50:32 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\JIM\Application Data\PFP100JCM.{PB [2009/01/30 08:24:06 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini [2009/01/30 08:24:01 | 000,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll [2009/01/28 10:24:54 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI [2009/01/28 10:24:19 | 000,002,092 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini [2009/01/28 10:24:19 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2009/01/28 10:24:18 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll [2009/01/28 10:24:13 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI [2009/01/28 10:24:13 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI [2009/01/28 10:24:11 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini [2009/01/20 13:45:04 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009/01/16 10:11:54 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2009/01/05 11:22:53 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll [2009/01/04 14:59:56 | 000,000,338 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008/12/19 17:01:15 | 000,073,216 | ---- | C] () -- C:\Documents and Settings\JIM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/12/16 14:18:58 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI [2008/12/16 13:57:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll [2008/12/16 13:43:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2008/02/18 12:58:32 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\esftchk2.dll [2006/10/22 13:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006/10/22 13:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006/10/22 13:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006/10/22 13:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006/10/22 13:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2005/08/28 22:04:04 | 000,001,257 | ---- | C] () -- C:\WINDOWS\GARMINWT.INI [2003/07/28 16:19:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2003/07/28 16:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2003/07/14 15:30:28 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll [2000/05/13 02:05:08 | 000,000,025 | ---- | C] () -- C:\WINDOWS\Sett.ini [color=#E56717]========== LOP Check ==========[/color] [2010/06/08 09:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar [2010/08/03 14:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTYToolbar [2008/12/16 16:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2010/06/22 05:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited [2008/12/16 14:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2009/05/13 15:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure [2010/08/01 17:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLAC to MP3 [2010/06/28 20:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2010/08/19 07:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2010/06/28 20:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard [2009/08/26 06:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock [2010/08/01 18:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2008/12/16 13:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks [2009/03/20 05:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/08/26 15:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/01/04 12:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\ATTToolbar [2010/06/22 05:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Canneverbe Limited [2009/03/26 10:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/05/13 14:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\DriverCure [2010/06/29 12:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\FreeFixer [2009/01/05 09:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\GlarySoft [2010/03/23 06:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\HiFi [2009/10/29 05:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Leadertech [2009/05/13 14:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\OfficeUpdate12 [2009/05/21 21:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\SCAP Conversion Tool for DCM [2010/08/01 10:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\SystemRequirementsLab [2010/02/06 11:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\TS3Client [2009/12/05 06:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Windows Search [2010/08/02 04:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\WinPatrol [2010/07/21 17:40:08 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job [2010/07/21 17:40:07 | 000,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2008/12/16 13:25:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009/03/14 07:21:11 | 3032,550,400 | ---- | M] () -- C:\Backup.bkf [2010/07/31 10:56:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2008/12/16 13:25:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009/01/28 08:00:00 | 000,000,016 | ---- | M] () -- C:\h.txt [2009/01/27 07:46:08 | 000,020,254 | ---- | M] () -- C:\HijackPatrol.log [2008/12/16 13:25:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/08/13 10:27:39 | 000,038,196 | ---- | M] () -- C:\JavaRa.log [2009/11/21 12:53:01 | 000,000,053 | ---- | M] () -- C:\loc.CFG [2008/12/16 13:25:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2003/05/28 18:10:12 | 000,656,107 | ---- | M] () -- C:\msxml4.cab [2003/04/21 22:49:48 | 000,669,184 | ---- | M] () -- C:\msxml4sxs32.msm [2003/04/21 22:49:44 | 000,679,424 | ---- | M] () -- C:\msxml4sys32.msm [2008/12/16 14:50:46 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2009/01/26 23:03:31 | 000,250,048 | RHS- | M] () -- C:\ntldr [2008/12/16 14:13:55 | 000,000,000 | ---- | M] () -- C:\nvlog.txt [2010/08/20 03:27:02 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [2010/07/01 18:54:29 | 000,037,028 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_01.07.2010_18.54.04_log.txt [2010/07/04 11:54:04 | 000,037,024 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_04.07.2010_11.52.59_log.txt [2010/07/07 07:42:32 | 000,037,024 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_07.07.2010_07.41.24_log.txt [2010/06/28 23:14:25 | 000,036,814 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_28.06.2010_23.13.57_log.txt [2010/06/29 07:24:17 | 000,036,810 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_29.06.2010_07.23.09_log.txt [2010/08/20 03:21:10 | 000,039,316 | ---- | M] () -- C:\TDSSKiller.2.4.0.0_20.08.2010_03.20.17_log.txt [2010/07/30 19:33:39 | 000,039,550 | ---- | M] () -- C:\TDSSKiller.2.4.0.0_30.07.2010_19.32.52_log.txt [2009/03/08 08:12:22 | 000,000,249 | ---- | M] () -- C:\tempwp.log [2009/01/05 09:36:08 | 000,000,191 | ---- | M] () -- C:\UpdateSC.LOG [2009/11/21 12:53:01 | 000,000,005 | ---- | M] () -- C:\user.CFG [2004/03/17 18:13:46 | 001,028,368 | ---- | M] (Microsoft Corporation) -- C:\vbrun60sp6.exe [2010/06/24 07:02:41 | 000,000,136 | ---- | M] () -- C:\VundoFix.txt [2003/04/21 22:49:40 | 003,433,472 | ---- | M] () -- C:\xmlsdkdoc.msm [color=#A23BEC]< %systemroot%\system32\*.wt >[/color] [color=#A23BEC]< %systemroot%\system32\*.ruy >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color] [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color] [2008/12/16 13:24:44 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color] [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color] [2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll [2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color] [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color] [color=#A23BEC]< %systemroot%\*.scr >[/color] [color=#A23BEC]< %systemroot%\*._sy >[/color] [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2009/11/29 07:02:27 | 000,000,484 | ---- | M] () -- C:\Program Files\aircraft.lfc [2009/11/29 07:02:27 | 000,000,360 | ---- | M] () -- C:\Program Files\avsim.diz [2009/11/29 07:02:27 | 000,000,007 | ---- | M] () -- C:\Program Files\Beechcraft Baron 58mpg.fca [2009/11/29 07:02:27 | 000,000,005 | ---- | M] () -- C:\Program Files\Beechcraft Baron 58ran.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | M] () -- C:\Program Files\Beechcraft King Air 350mpg.fca [2009/11/29 07:02:27 | 000,000,005 | ---- | M] () -- C:\Program Files\Beechcraft King Air 350ran.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | M] () -- C:\Program Files\Bell 106B JetRanger IIImpg.fca [2009/11/29 07:02:27 | 000,000,004 | ---- | M] () -- C:\Program Files\Bell 106B JetRanger IIIran.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | M] () -- C:\Program Files\Boeing 737-400mpg.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | M] () -- C:\Program Files\Boeing 737-400ran.fca [2009/11/29 07:02:27 | 000,000,006 | ---- | M] () -- C:\Program Files\Boeing 747-400mpg.fca [2009/11/29 07:02:27 | 000,000,007 | ---- | M] () -- C:\Program Files\Boeing 747-400ran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\Boeing 777-300mpg.fca [2009/11/29 07:02:28 | 000,000,007 | ---- | M] () -- C:\Program Files\Boeing 777-300ran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Bombardier LearJet 45mpg.fca [2009/11/29 07:02:29 | 000,000,007 | ---- | M] () -- C:\Program Files\Bombardier LearJet 45ran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\Cessna Caravan Amphibianmpg.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | M] () -- C:\Program Files\Cessna Caravan Amphibianran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\Cessna Grand Caravanmpg.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | M] () -- C:\Program Files\Cessna Grand Caravanran.fca [2009/11/29 07:02:28 | 000,000,007 | ---- | M] () -- C:\Program Files\Cessna Skyhawk SP Model 172mpg.fca [2009/11/29 07:02:28 | 000,000,004 | ---- | M] () -- C:\Program Files\Cessna Skyhawk SP Model 172ran.fca [2009/11/29 07:02:28 | 000,000,007 | ---- | M] () -- C:\Program Files\Cessna Skylane Model 182Smpg.fca [2009/11/29 07:02:28 | 000,000,004 | ---- | M] () -- C:\Program Files\Cessna Skylane Model 182Sran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\Curtiss JN-4D Jennympg.fca [2009/11/29 07:02:28 | 000,000,004 | ---- | M] () -- C:\Program Files\Curtiss JN-4D Jennyran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\de Havilland DH-88 Cometmpg.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | M] () -- C:\Program Files\de Havilland DH-88 Cometran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\Douglas DC-3mpg.fca [2009/11/29 07:02:28 | 000,000,005 | ---- | M] () -- C:\Program Files\Douglas DC-3ran.fca [2009/11/29 07:02:28 | 000,000,006 | ---- | M] () -- C:\Program Files\Extra 300Smpg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Extra 300Sran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Ford 4-AT-E Tri-Motormpg.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | M] () -- C:\Program Files\Ford 4-AT-E Tri-Motorran.fca [2009/11/29 07:02:27 | 000,000,020 | ---- | M] () -- C:\Program Files\g21engn1.DT3 [2009/11/29 07:02:27 | 000,000,020 | ---- | M] () -- C:\Program Files\g21engn2.DT3 [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Model 5B Vegampg.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | M] () -- C:\Program Files\Model 5B Vegaran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Model 5C Vegampg.fca [2009/11/29 07:02:29 | 000,000,005 | ---- | M] () -- C:\Program Files\Model 5C Vegaran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Mooney M20M Bravompg.fca [2009/11/29 07:02:29 | 000,000,004 | ---- | M] () -- C:\Program Files\Mooney M20M Bravoran.fca [2009/11/29 07:02:26 | 000,000,004 | ---- | M] () -- C:\Program Files\pc12ddl.hobbs [2009/11/29 07:02:29 | 000,000,007 | ---- | M] () -- C:\Program Files\Piper J-3C-65 Cubmpg.fca [2009/11/29 07:02:29 | 000,000,004 | ---- | M] () -- C:\Program Files\Piper J-3C-65 Cubran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Robinson R22 Beta IImpg.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Robinson R22 Beta IIran.fca [2009/11/29 07:02:29 | 000,000,006 | ---- | M] () -- C:\Program Files\Ryan NYP Spirit of St. Louismpg.fca [2009/11/29 07:02:30 | 000,000,005 | ---- | M] () -- C:\Program Files\Ryan NYP Spirit of St. Louisran.fca [2009/11/29 07:02:26 | 000,000,004 | ---- | M] () -- C:\Program Files\SceneryStatus.DAT [2009/11/29 07:02:26 | 000,000,152 | ---- | M] () -- C:\Program Files\sound2.txt [2004/03/17 18:13:46 | 001,028,368 | ---- | M] (Microsoft Corporation) -- C:\Program Files\vbrun60sp6.exe [2009/11/29 07:02:30 | 000,000,005 | ---- | M] () -- C:\Program Files\Vickers F.B.27A Vimympg.fca [2009/11/29 07:02:30 | 000,000,005 | ---- | M] () -- C:\Program Files\Vickers F.B.27A Vimyran.fca [color=#A23BEC]< %APPDATA%\Update\*.* >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\comsvcs.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2008/12/16 07:57:45 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2008/12/16 07:57:45 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2008/12/16 07:57:45 | 000,409,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav [color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color] [2008/04/13 20:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll [color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color] [2008/04/13 20:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=853EF0AA50AB0FDB0605E6C686EB0A94 -- C:\WINDOWS\system32\ws2_32.dll [color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color] [2008/04/13 20:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-12 03:49:55 < End of report >