Hi handhfan......thanks! and here you go,. Oh, for whatever it's worth, I did do a system restore after this happened to get rid of something else, but I'm assuming that wouldn't matter?Just wanted to let you know.
OTListIt logfile created on: 2/9/2009 8:22:32 PM - Run
OTListIt2 by OldTimer - Version 2.0.0.10 Folder = C:\Documents and Settings\Jim Lundquist\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
767.30 Mb Total Physical Memory | 471.43 Mb Available Physical Memory | 61.44% Memory free
1.08 Gb Paging File | 0.82 Gb Available in Paging File | 76.06% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 19.33 Gb Free Space | 51.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JIM
Current User Name: Jim Lundquist
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\WINDOWS\system32\devldr32.exe (Creative Technology Ltd.)
PRC - C:\Documents and Settings\Jim Lundquist\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPodService [Disabled | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Computer, Inc.)
SRV - (MDM [Disabled | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (Symantec Core LC [Disabled | Stopped]) -- File not found
SRV - (usnsvc [On_Demand | Stopped]) -- C:\Program Files\MSN Messenger\usnsvc.dll (Microsoft Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WudfSvc [On_Demand | Stopped]) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (ctljystk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctljystk.sys (Creative Technology Ltd.)
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (easdrv [System | Running]) -- C:\WINDOWS\system32\drivers\easdrv.sys (ESET)
DRV - (emu10k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.)
DRV - (emu10k1 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\system32\drivers\epfwtdir.sys ()
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HCF_MSFT [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys (Conexant)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP)
DRV - (kbdhid [System | Running]) -- C:\WINDOWS\system32\drivers\kbdhid.sys (Microsoft Corporation)
DRV - (l8042pr2 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\L8042Pr2.sys (Logitech)
DRV - (LKbdFlt2 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys (Logitech)
DRV - (LMouFlt2 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\LMouFlt2.sys (Logitech)
DRV - (motccgp [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (motccgpfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (MotDev [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\motodrv.sys (Motorola Inc)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (motport [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\motport.sys (Motorola)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (nv4 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\nv4.sys (NVIDIA Corporation)
DRV - (OMCI [System | Running]) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)
DRV - (Pcouffin [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software)
DRV - (pfc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\drivers\pxhelp20.sys (Sonic Solutions)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation)
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfman [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (usbsermpt [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbsermpt.sys (Microsoft Corporation)
DRV - (Wdf01000 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\wdf01000.sys (Microsoft Corporation)
DRV - (WS2IFSL [System | Running]) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys (Microsoft Corporation)
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://rd.yahoo.com/.../search/ie.htmlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://search.yahoo....e...-8&fr=b1ie7IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe File not found
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [P2kAutostart] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715}
http://www.creative....026/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}
http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3}
http://tools.ebayimg...l_v1-0-3-48.cab (EPUImageControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://v5.windowsupd...b?1093415681217 (WUWebControl Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884}
http://www.creative....101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09}
https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC}
http://www.creative....ClientNoMFC.cab (Creative Product Registration ActiveX Control Module)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D}
http://h30043.www3.h.../qdiagh.cab?322 (QDiagHUpdateObj Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://www.creative....15106/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{866B4473-554A-423C-9CDA-751CB3F3A5D5}\\NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.0.0792.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.0.0792.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\system32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\system32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\system32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
========== Files/Folders - Created Within 30 Days ========== [1 C:\WINDOWS\System32\drivers\*.tmp files]
[2009/02/09 20:20:50 | 00,488,960 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jim Lundquist\Desktop\OTListIt2.exe
[2009/02/07 21:13:52 | 00,002,119 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Application Data\awRL2pFxtt.gif
[2009/02/07 21:13:52 | 00,000,607 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Application Data\awRL2pFxnn.gif
[2009/02/07 21:13:52 | 00,000,598 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Application Data\awRL2pFxyy.gif
[2009/02/04 23:21:24 | 00,123,053 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\My Documents\Howard forums links.jpg
[2009/01/31 18:38:37 | 00,093,791 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\My Documents\DREMEL INFO.jpg
[2009/01/31 13:54:40 | 00,369,152 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\My Documents\Transponder list.xls
[2009/01/31 13:49:41 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/01/28 00:38:51 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/01/27 20:15:58 | 00,000,570 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Desktop\Shortcut to P2kCommander.lnk
[2009/01/27 20:14:46 | 00,000,000 | ---D | C] -- C:\p2kcommander
[2009/01/27 07:19:52 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/01/26 23:51:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jim Lundquist\My Documents\bitpim
[2009/01/26 23:50:37 | 00,000,000 | ---D | C] -- C:\Program Files\BitPim
[2009/01/26 23:12:15 | 00,018,688 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys
[2009/01/26 23:12:15 | 00,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys
[2009/01/26 23:11:28 | 00,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Motorola Software Update.lnk
[2009/01/26 23:11:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2009/01/26 18:30:54 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/01/26 18:30:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/01/26 17:59:04 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motport_01005.Wdf
[2009/01/26 17:58:53 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01005.Wdf
[2009/01/26 17:58:51 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01005.Wdf
[2009/01/25 00:26:18 | 00,023,680 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motport.sys
[2009/01/25 00:26:18 | 00,023,680 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2009/01/25 00:26:17 | 00,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys
[2009/01/25 00:26:16 | 00,042,112 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys
[2009/01/25 00:25:42 | 00,000,000 | ---D | C] -- C:\Program Files\Motorola
[2009/01/24 20:14:30 | 00,000,426 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Desktop\The White House - Blog Post - President Obama delivers Your Weekly Address.url
[2009/01/23 11:11:37 | 00,078,521 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\My Documents\TOSHIBA HD-A2 4.0 firmware info.jpg
[2009/01/22 22:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jim Lundquist\Application Data\ImgBurn
[2009/01/22 22:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2009/01/17 12:51:46 | 00,000,375 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Desktop\Amazon.com GE 29869GE2 Digital Answering System with 4 Mailboxes Electronics.url
[2009/01/11 21:34:24 | 00,000,236 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\Desktop\OPPO HM-31, Advanced 3x1 HDMI Switch, 1080P and HDMI 1.3 Certified.url
[2009/01/11 18:47:06 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Jim Lundquist\My Documents\Samsung bulb info.doc
========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\drivers\*.tmp files]
[28 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/02/09 20:21:01 | 00,488,960 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim Lundquist\Desktop\OTListIt2.exe
[2009/02/09 18:47:00 | 00,000,332 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily FY04.job
[2009/02/09 18:10:53 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/02/09 18:08:02 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/09 18:07:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/09 18:07:27 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/09 18:07:25 | 80,463,8720 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/07 23:56:14 | 00,000,572 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/02/07 23:56:14 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/02/07 21:13:52 | 00,002,119 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Application Data\awRL2pFxtt.gif
[2009/02/07 21:13:52 | 00,000,607 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Application Data\awRL2pFxnn.gif
[2009/02/07 21:13:52 | 00,000,598 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Application Data\awRL2pFxyy.gif
[2009/02/05 17:20:25 | 00,045,056 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\My Documents\J & L Painting Invoice.doc
[2009/02/04 23:21:24 | 00,123,053 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\My Documents\Howard forums links.jpg
[2009/01/31 18:38:37 | 00,093,791 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\My Documents\DREMEL INFO.jpg
[2009/01/31 13:54:42 | 00,369,152 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\My Documents\Transponder list.xls
[2009/01/27 22:15:10 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/01/27 20:15:58 | 00,000,570 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Desktop\Shortcut to P2kCommander.lnk
[2009/01/26 23:30:23 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Motorola Software Update.lnk
[2009/01/26 18:33:07 | 00,001,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Motorola Phone Tools.lnk
[2009/01/26 18:32:28 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/01/26 18:30:54 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/01/26 17:59:04 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motport_01005.Wdf
[2009/01/26 17:58:53 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01005.Wdf
[2009/01/26 17:58:51 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01005.Wdf
[2009/01/24 20:14:31 | 00,000,426 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Desktop\The White House - Blog Post - President Obama delivers Your Weekly Address.url
[2009/01/23 11:11:37 | 00,078,521 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\My Documents\TOSHIBA HD-A2 4.0 firmware info.jpg
[2009/01/17 12:51:46 | 00,000,375 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Desktop\Amazon.com GE 29869GE2 Digital Answering System with 4 Mailboxes Electronics.url
[2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/11 21:34:25 | 00,000,236 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\Desktop\OPPO HM-31, Advanced 3x1 HDMI Switch, 1080P and HDMI 1.3 Certified.url
[2009/01/11 18:47:06 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Jim Lundquist\My Documents\Samsung bulb info.doc
========== LOP Check ========== [2008/12/10 21:21:10 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/04/22 13:09:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2006/07/07 23:09:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2008/10/01 17:35:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/10/01 17:36:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2006/01/05 22:22:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2006/01/05 22:22:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2006/09/05 21:05:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/06/15 21:07:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2008/12/10 21:21:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2004/08/25 17:45:49 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2005/12/01 18:46:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2008/12/01 19:11:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/30 00:27:13 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2004/10/27 20:01:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2006/06/30 20:43:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2008/12/02 08:38:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2005/08/17 22:34:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/02/07 21:13:52 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data
[2009/02/08 00:30:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\AccurateRip
[2008/06/10 22:12:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Adobe
[2006/12/17 21:04:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\AdobeUM
[2006/07/30 20:33:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Ahead
[2009/02/08 00:30:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Apple Computer
[2006/06/23 17:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Azureus
[2007/01/29 21:02:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Creative
[2005/08/07 22:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\CyberLink
[2007/01/20 22:55:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\FastStone
[2009/02/08 00:21:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Google
[2004/08/25 17:45:50 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\GTek
[2005/01/06 20:37:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Help
[2004/08/24 19:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Identities
[2009/01/22 22:03:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\ImgBurn
[2007/02/11 00:34:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\InstallShield
[2004/08/24 20:36:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Macromedia
[2008/12/01 19:11:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Malwarebytes
[2008/08/05 12:39:12 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Microsoft
[2008/11/26 15:18:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Mozilla
[2004/10/27 20:01:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\MSN6
[2006/08/12 21:35:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Musicmatch
[2006/06/19 19:53:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Nero
[2006/06/11 17:46:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Real
[2004/08/26 13:46:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Share-to-Web Upload Folder
[2006/07/25 18:37:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\SlySoft
[2005/05/11 23:17:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Sun
[2008/12/02 08:38:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\SUPERAntiSpyware.com
[2009/02/08 00:30:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\uTorrent
[2008/06/12 00:14:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Vso
[2008/09/26 17:56:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\Winamp
[2005/05/19 22:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\WinPatrol
[2008/09/20 22:24:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim Lundquist\Application Data\WinRAR
[2001/08/18 04:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/02/09 18:47:00 | 00,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\HP Usg Daily FY04.job
[2009/02/09 18:10:53 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/02/09 18:07:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 3638 bytes -> C:\Documents and Settings\Jim Lundquist\Desktop\OPPO HM-31, Advanced 3x1 HDMI Switch, 1080P and HDMI 1.3 Certified.url:favicon
@Alternate Data Stream - 318 bytes -> C:\Documents and Settings\Jim Lundquist\Desktop\Staples® Gray Terry Manager's Chair at Staples®.url:favicon
@Alternate Data Stream - 318 bytes -> C:\Documents and Settings\Jim Lundquist\Desktop\Staples® Ellston™ Chair, Black Microsuede at Staples® (2).url:favicon
@Alternate Data Stream - 17542 bytes -> C:\Documents and Settings\Jim Lundquist\Desktop\Amazon.com GE 29869GE2 Digital Answering System with 4 Mailboxes Electronics.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Jim Lundquist\Desktop\The White House - Blog Post - President Obama delivers Your Weekly Address.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Jim Lundquist\Desktop\Woot One Day, One Deal (SM).url:favicon
@Alternate Data Stream - 0 bytes -> C:\WINDOWS\System32\Thumbs.db:encryptable
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Jim Lundquist\My Documents\Thumbs.db:encryptable
< End of report >
I'll just post the other one in the next reply, just to be safe.
Edited by Jim45, 09 February 2009 - 10:32 PM.