OTL logfile created on: 9/2/2010 2:37:39 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\VETERAN\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 491.00 Mb Available Physical Memory | 48.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.46 Gb Total Space | 52.72 Gb Free Space | 77.01% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JGN0ZC1
Current User Name: VETERAN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Documents and Settings\VETERAN\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
PRC - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\system32\Crypserv.exe (CrypKey (Canada) Ltd.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe (Broadcom Corporation)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Program Files\EarthLink 5.0\updatemgr.exe (EarthLink, Inc.)
PRC - C:\WINDOWS\system32\mrtmngr.exe (Marimba Inc.)

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - C:\Documents and Settings\VETERAN\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll (Adobe Systems, Inc.)
MOD - C:\Program Files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll (SOS Online Backup)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (WRConsumerService) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV - (WebrootSpySweeperService) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (CrypKey (Canada) Ltd.)
SRV - (ASFIPmon) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe (Broadcom Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (ssidrv) -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (sshrmd) -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (ssfs0bbc) -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Ai2sXP) -- C:\WINDOWS\System32\drivers\Ai2sXP.sys (Ai Squared )
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (NetworkX) -- C:\WINDOWS\system32\ckldrv.sys ()
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (bvrp_pci) -- C:\WINDOWS\System32\drivers\bvrp_pci.sys ()
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (BASFND) -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys (Broadcom Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (BrPar) -- C:\WINDOWS\System32\drivers\BrPar.sys (Brother Industries Ltd.)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 1
[2008/12/02 06:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\Mozilla\Extensions
[2008/12/02 06:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\Mozilla\Firefox\Profiles\0viua6ku.default\extensions
[2008/12/02 06:45:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VETERAN\Application Data\Mozilla\Firefox\Profiles\0viua6ku.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/02 06:52:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/02 06:52:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
O1 HOSTS File: ([2010/01/07 13:53:51 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AhIeBho Class) - {10384d0e-2bc1-48b6-844b-ad0e9e6d2511} - C:\Program Files\ZoomText 9.1\ahoi\ah_ie_bho.dll (Ai Squared )
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [UpdateMgr.exe] C:\Program Files\EarthLink 5.0\updatemgr.exe (EarthLink, Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident\4.0; File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\NPJPI150_09.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: adultfriendfinder.com ([profile] https in Trusted sites)
O15 - HKCU\..Trusted Domains: adultfriendfinder.com ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([us.mg4.mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([www] https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159902408703 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159902991781 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\VETERAN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\VETERAN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{eb431ffd-e4af-11dd-9f41-0019b934bbff}\Shell - "" = AutoRun
O33 - MountPoints2\{eb431ffd-e4af-11dd-9f41-0019b934bbff}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{eb431ffd-e4af-11dd-9f41-0019b934bbff}\Shell\AutoRun\command - "" = E:\DPFMate.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: LanmanWorkstation - File not found
NetSvcs: Messenger - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
[2010/09/02 14:26:24 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VETERAN\Desktop\OTL.exe
[2010/09/02 11:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VETERAN\Application Data\Malwarebytes
[2010/09/02 11:06:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/02 11:06:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/02 11:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/02 11:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/02 11:05:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/02 11:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/02 10:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VETERAN\Desktop\Malware removal
[2010/08/31 13:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/08/31 12:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VETERAN\Application Data\U3
[2010/07/13 16:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\Temp
[2010/07/06 22:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/07/04 20:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/07/04 19:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/07/03 23:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\Apple
[2010/07/03 23:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/03 23:17:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/03 23:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/07/03 23:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/07/03 23:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\Apple Computer
[2010/06/18 22:49:49 | 000,000,000 | ---D | C] -- C:\3f7fbbd9b12a51b4a70acc5371fedbdd
[2010/06/18 21:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/06/18 20:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[1 C:\Documents and Settings\VETERAN\My Documents\*.tmp files -> C:\Documents and Settings\VETERAN\My Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]
[2010/09/02 14:36:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/02 14:34:49 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/02 14:34:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/02 14:34:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/02 11:51:58 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EDC264B8-7932-48CD-AF02-4CDEBD5F2469}.job
[2010/09/02 11:49:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VETERAN\Desktop\OTL.exe
[2010/09/02 11:15:53 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\VETERAN\ntuser.dat
[2010/09/02 11:15:53 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\VETERAN\ntuser.ini
[2010/09/02 11:15:28 | 006,347,184 | -H-- | M] () -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\IconCache.db
[2010/09/02 11:06:33 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/02 11:04:04 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/02 11:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/09/02 10:28:55 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\newcover2.doc
[2010/09/02 10:26:41 | 000,064,512 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\Tom Hanson_mt_modssup.doc
[2010/08/31 22:13:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/31 12:10:49 | 000,001,650 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L598B8299E0CC46E28CEC5398D61F2518.job
[2010/08/25 12:16:16 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\Chase's.doc
[2010/08/25 12:02:03 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\VETERAN\Desktop\Word.lnk
[2010/08/24 13:58:37 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\faxcovertom.doc
[2010/08/24 13:57:59 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\faxresume.doc
[2010/08/23 22:36:46 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\VETERAN\Desktop\Chase's.doc
[2010/08/23 22:36:20 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\VETERAN\Desktop\Chase.doc
[2010/08/23 21:49:01 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\Tom Hanson_mt_mods.doc
[2010/08/23 21:02:31 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/23 17:34:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/08/23 12:44:27 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\VETERAN\My Documents\~$m Hanson_mt_mods.doc
[2010/08/12 03:25:25 | 000,414,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 03:09:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/12 03:07:26 | 000,552,150 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 03:07:26 | 000,476,530 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 03:07:26 | 000,085,754 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/02 10:08:15 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\newcover.doc
[2010/06/30 10:32:35 | 002,083,652 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\amycodmegrad.JPG
[2010/06/30 10:31:09 | 002,083,652 | ---- | M] () -- C:\Documents and Settings\VETERAN\My Documents\odymegrd.JPG
[1 C:\Documents and Settings\VETERAN\My Documents\*.tmp files -> C:\Documents and Settings\VETERAN\My Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/09/02 11:06:33 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/25 12:16:16 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\VETERAN\My Documents\Chase's.doc
[2010/08/24 13:58:36 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\VETERAN\My Documents\faxcovertom.doc
[2010/08/24 13:53:04 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\VETERAN\My Documents\faxresume.doc
[2010/08/23 22:36:46 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\VETERAN\Desktop\Chase's.doc
[2010/08/23 22:35:55 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\VETERAN\Desktop\Chase.doc
[2010/08/23 22:12:10 | 000,002,497 | ---- | C] () -- C:\Documents and Settings\VETERAN\Desktop\Word.lnk
[2010/08/23 17:34:05 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/08/23 12:44:27 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\VETERAN\My Documents\~$m Hanson_mt_mods.doc
[2010/08/22 19:24:57 | 000,001,650 | ---- | C] () -- C:\WINDOWS\tasks\wrSpySweeper_L598B8299E0CC46E28CEC5398D61F2518.job
[2010/07/04 19:59:36 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/04 19:59:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/03 23:20:01 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/30 10:32:31 | 002,083,652 | ---- | C] () -- C:\Documents and Settings\VETERAN\My Documents\amycodmegrad.JPG
[2010/06/30 10:31:06 | 002,083,652 | ---- | C] () -- C:\Documents and Settings\VETERAN\My Documents\odymegrd.JPG
[2010/06/09 18:04:07 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\VETERAN\ntuser.dat
[2009/11/06 13:00:28 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 06:36:43 | 000,000,039 | ---- | C] () -- C:\WINDOWS\updatemgr.INI
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/11/22 20:50:01 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\keyfile3.drm
[2008/07/05 08:26:02 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\VETERAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/22 12:48:04 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2007/10/12 02:11:58 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/02 11:12:22 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Earthlink.INI
[2007/10/02 10:48:56 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ERegClnt.INI
[2007/09/28 10:50:30 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2007/02/09 20:26:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/01/25 14:25:07 | 000,000,379 | ---- | C] () -- C:\WINDOWS\pagebreeze.ini
[2007/01/25 14:25:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\formbreeze.ini
[2006/12/19 12:26:50 | 000,000,399 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2006/12/18 15:49:21 | 000,000,083 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2006/12/18 15:49:18 | 000,031,846 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2006/12/18 15:49:18 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2006/12/18 15:49:05 | 000,000,380 | ---- | C] () -- C:\WINDOWS\dcmuser.ini
[2006/12/18 15:39:22 | 000,000,090 | ---- | C] () -- C:\WINDOWS\TestSupp.ini
[2006/11/29 13:16:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/28 09:51:43 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/11/28 09:51:30 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2006/11/28 09:51:30 | 000,000,012 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006/11/28 09:51:30 | 000,000,011 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006/11/28 09:51:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2006/11/28 09:51:24 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2006/11/27 12:49:10 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/11/14 09:15:36 | 000,001,004 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/11/02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2006/09/25 22:19:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/25 22:17:24 | 000,000,263 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/25 21:55:20 | 000,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2006/09/25 21:55:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2006/05/31 17:06:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\LDWaveIO.dll
[2006/05/31 17:06:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\IsatITC.dll
[2006/05/16 02:25:43 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:00:29 | 001,291,264 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]
[2007/06/21 15:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/01/04 19:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
[2006/12/19 12:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/09/13 18:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\Ai Squared
[2006/11/27 16:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\Canon
[2008/11/29 17:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2007/06/21 13:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\Leadertech
[2006/11/09 10:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\Nvu
[2007/06/21 14:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\OfficeUpdate12
[2006/12/19 12:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\ScanSoft
[2009/12/21 20:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VETERAN\Application Data\W Photo Studio Viewer
[2010/09/02 11:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010/09/02 11:51:58 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EDC264B8-7932-48CD-AF02-4CDEBD5F2469}.job
[2010/08/31 12:10:49 | 000,001,650 | ---- | M] () -- C:\WINDOWS\Tasks\wrSpySweeper_L598B8299E0CC46E28CEC5398D61F2518.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2004/08/11 18:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/01/05 03:53:04 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2007/05/16 20:21:36 | 000,000,206 | ---- | M] () -- C:\CKINFO.TXT
[2004/08/11 18:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/09/25 21:56:16 | 000,005,241 | RH-- | M] () -- C:\dell.sdr
[2010/01/05 03:39:26 | 000,001,396 | ---- | M] () -- C:\detestfrag.txt
[2006/10/30 16:20:31 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/11 18:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2004/08/11 18:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/27 10:36:30 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/08/03 21:36:10 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/08/03 21:36:10 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG
[2010/09/02 14:34:39 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008/09/12 17:18:55 | 000,000,150 | ---- | M] () -- C:\YServer.txt
[color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
[color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
[2004/08/11 18:14:22 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
[color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
[color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
[color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/06/03 22:29:06 | 000,076,288 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4pi.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
[color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
[color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
[color=#A23BEC]< %systemroot%\*.jpg >[/color]
[color=#A23BEC]< %systemroot%\*.png >[/color]
[color=#A23BEC]< %systemroot%\*.scr >[/color]
[2009/07/10 13:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
[color=#A23BEC]< %systemroot%\*._sy >[/color]
[color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
[color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
[color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2004/08/11 18:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/11 18:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/11 18:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
[color=#A23BEC]< %systemroot%\system32\bak. 
/s >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color] [2008/09/27 10:44:08 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color] [color=#A23BEC]< %systemroot%\*.config >[/color] [color=#A23BEC]< %systemroot%\system32\*.db >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color] [2007/06/21 13:33:38 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\VETERAN\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini [2004/08/11 18:20:42 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\VETERAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color] [2010/09/02 11:49:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VETERAN\Desktop\OTL.exe [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color] [color=#A23BEC]< %systemroot%\*.src >[/color] [color=#A23BEC]< %systemroot%\install\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color] [color=#A23BEC]< %systemroot%\winn32\*.* >[/color] [color=#A23BEC]< %systemroot%\Java\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color] [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color] [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color] [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color] [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color] [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color] [2008/07/05 16:12:47 | 000,449,888 | ---- | M] (Yahoo! Inc.) 
-- C:\Documents and Settings\VETERAN\My Documents\msgr8us.exe [2008/11/28 20:28:16 | 000,436,800 | ---- | M] (Yahoo! Inc.) -- C:\Documents and Settings\VETERAN\My Documents\msgr9us.exe [2008/09/19 21:03:07 | 016,302,636 | ---- | M] (PC Camera ) -- C:\Documents and Settings\VETERAN\My Documents\PC_Camera_1043W_070328.exe [2004/09/22 18:46:04 | 000,819,200 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\VETERAN\My Documents\setup_wm.exe [2008/08/18 11:52:47 | 164,668,752 | ---- | M] (Ai Squared ) -- C:\Documents and Settings\VETERAN\My Documents\ZT914_KPTV.exe [1 C:\Documents and Settings\VETERAN\My Documents\*.tmp files -> C:\Documents and Settings\VETERAN\My Documents\*.tmp -> ] [color=#A23BEC]< %USERPROFILE%\*.exe >[/color] [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color] [2004/08/04 06:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color] [color=#A23BEC]< %systemroot%\Config\*.* >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color] [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color] [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color] [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color] [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color] [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color] [color=#A23BEC]< %ProgramFiles%\TinyProxy. 
>[/color] [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color] [2007/06/21 13:33:38 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\VETERAN\Favorites\Desktop.ini [2010/01/02 18:14:52 | 000,002,044 | ---- | M] () -- C:\Documents and Settings\VETERAN\Favorites\FriendFinder Messenger v4.1.lnk [color=#A23BEC]< %systemroot%\system32\*.bk >[/color] [color=#A23BEC]< %systemroot%\*.te >[/color] [color=#A23BEC]< %systemroot%\system32\system32\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\*.dat /x >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.rmv >[/color] [color=#A23BEC]< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >[/color] [color=#A23BEC]< dir /b "%systemroot%\*.exe" | find /i " " /c >[/color] [color=#A23BEC]< %PROGRAMFILES%\Microsoft\*.* >[/color] [color=#A23BEC]< %systemroot%\System32\Wbem\proquota.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\*.dat >[/color] [color=#A23BEC]< %USERPROFILE%\Cookies\*.txt /x >[/color] [2010/09/02 14:34:43 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\VETERAN\Cookies\index.dat [color=#A23BEC]< %SystemRoot%\system32\fonts\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\winlog\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\Language\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\Settings\*.* >[/color] [color=#A23BEC]< %systemroot%\system32\*.quo >[/color] [color=#A23BEC]< %SYSTEMROOT%\AppPatch\*.exe >[/color] [color=#A23BEC]< %SYSTEMROOT%\inf\*.exe >[/color] [2007/06/26 23:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe [color=#A23BEC]< %SYSTEMROOT%\Installer\*.exe >[/color] [color=#A23BEC]< %USERPROFILE%\Templates\*.* >[/color] [2004/08/04 06:00:00 | 000,004,570 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\amipro.sam [2004/08/04 06:00:00 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\excel.xls [2004/08/04 06:00:00 | 000,001,518 | ---- | M] () -- C:\Documents and 
Settings\VETERAN\Templates\excel4.xls [2004/08/04 06:00:00 | 000,002,448 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\lotus.wk4 [2004/08/04 06:00:00 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\powerpnt.ppt [2004/08/04 06:00:00 | 000,000,461 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\presenta.shw [2004/08/04 06:00:00 | 000,004,017 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\quattro.wb2 [2004/08/04 06:00:00 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\sndrec.wav [2004/08/04 06:00:00 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\winword.doc [2004/08/04 06:00:00 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\winword2.doc [2004/08/04 06:00:00 | 000,000,030 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\wordpfct.wpd [2004/08/04 06:00:00 | 000,000,057 | ---- | M] () -- C:\Documents and Settings\VETERAN\Templates\wordpfct.wpg [color=#A23BEC]< %systemroot%\system32\config\*.bak2 >[/color] [color=#A23BEC]< %systemroot%\system32\Computers\*.* >[/color] [color=#A23BEC]< %SystemRoot%\system32\Sound\*.* >[/color] [color=#A23BEC]< %SystemRoot%\system32\SpecialImg\*.* >[/color] [color=#A23BEC]< %SystemRoot%\system32\code\*.* >[/color] [color=#A23BEC]< %SystemRoot%\system32\draft\*.* >[/color] [color=#A23BEC]< %SystemRoot%\system32\MSSSys\*.* >[/color] [color=#A23BEC]< %ProgramFiles%\Javascript\*.* >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-12 07:09:24 < End of report >