OTL logfile created on: 8/16/2010 12:51:44 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 21.81 Gb Free Space | 29.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MIKE-7BB150A374
Current User Name: Mike
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/16 12:01:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2010/05/18 09:16:22 | 001,154,848 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2010/05/18 07:57:06 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2010/03/28 12:47:44 | 001,692,440 | ---- | M] (ParetoLogic) -- C:\Program Files\ParetoLogic\FileCure\FileCure.exe
PRC - [2009/04/22 16:24:32 | 001,447,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2009/04/22 16:24:30 | 001,803,592 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2009/04/22 16:14:20 | 001,768,376 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/02/12 14:02:34 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 16:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/08/16 12:01:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2008/04/13 16:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/05/18 07:57:06 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/02/19 19:43:34 | 000,380,928 | ---- | M] (Spigot, Inc.) [Disabled | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/04/22 16:24:30 | 001,803,592 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/04/22 16:14:20 | 001,768,376 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/04/22 04:29:30 | 000,324,936 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2009/02/12 14:02:34 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/02/12 14:02:34 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/01/29 11:11:06 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/03/19 17:07:34 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/16 10:32:02 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100510.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/02/16 10:32:02 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/02/16 10:32:02 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/02/16 10:32:02 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100510.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/02/12 15:21:27 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010/01/12 17:57:06 | 000,162,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2009/09/18 15:32:06 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/09/04 12:23:48 | 000,239,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2009/04/22 16:26:04 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2009/01/30 14:52:32 | 000,319,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2009/01/30 14:52:32 | 000,280,112 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2009/01/30 14:52:32 | 000,043,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/12/12 11:33:58 | 006,048,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/12/11 14:11:34 | 000,338,944 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008/11/18 19:17:08 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/10/14 13:24:18 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2008/09/09 15:54:42 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/08/21 12:13:56 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/08/21 12:13:56 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/04/13 16:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/13 16:00:00 | 000,080,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 16:00:00 | 000,024,576 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/03/28 12:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://m.www.yahoo.c...14,6692,0,16,0"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC}:4.0
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com...93&searchterm="
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/26 15:07:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/26 15:07:37 | 000,000,000 | ---D | M]
[2010/02/19 17:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2010/08/13 16:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\gut6ywdh.default\extensions
[2010/07/19 09:12:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\gut6ywdh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 11:42:03 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\gut6ywdh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/07 10:36:57 | 000,000,000 | ---D | M] (Freeze Toolbar) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\gut6ywdh.default\extensions\{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC}
[2010/08/13 16:05:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2010/03/19 16:40:50 | 000,001,951 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 84.19.171.6 www.google.com
O1 - Hosts: 84.19.171.6 google.com
O1 - Hosts: 84.19.171.6 google.com.au
O1 - Hosts: 84.19.171.6 www.google.com.au
O1 - Hosts: 84.19.171.6 google.be
O1 - Hosts: 84.19.171.6 www.google.be
O1 - Hosts: 84.19.171.6 google.com.br
O1 - Hosts: 84.19.171.6 www.google.com.br
O1 - Hosts: 84.19.171.6 google.ca
O1 - Hosts: 38 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Intuit SyncManager] c:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} https://web02.farvv....geUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - ("C:\Documents and Settings\All Users\Application Data\b5c0829\SGb5c0.exe") - C:\Documents and Settings\All Users\Application Data\b5c0829\SGb5c0.exe File not found
O20 - HKCU Winlogon: Shell - (/s /d) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/12 12:58:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{414d2286-2330-11df-9f72-001e0bae9ead}\Shell - "" = AutoRun
O33 - MountPoints2\{414d2286-2330-11df-9f72-001e0bae9ead}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{414d2286-2330-11df-9f72-001e0bae9ead}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5b064059-5222-11df-9f86-001e0bae9ead}\Shell - "" = AutoRun
O33 - MountPoints2\{5b064059-5222-11df-9f86-001e0bae9ead}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5b064059-5222-11df-9f86-001e0bae9ead}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7d30e194-181f-11df-9f52-96af9e21b670}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{8b685186-a58a-11df-9f9a-001e0bae9ead}\Shell - "" = AutoRun
O33 - MountPoints2\{8b685186-a58a-11df-9f9a-001e0bae9ead}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8b685186-a58a-11df-9f9a-001e0bae9ead}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O33 - MountPoints2\{93242f5c-33b4-11df-9f7d-001e0bae9ead}\Shell - "" = AutoRun
O33 - MountPoints2\{93242f5c-33b4-11df-9f7d-001e0bae9ead}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{93242f5c-33b4-11df-9f7d-001e0bae9ead}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746534284132352)
========== Files/Folders - Created Within 90 Days ==========
[2010/08/16 12:49:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2010/08/16 12:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/16 11:41:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2010/08/16 11:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/08/16 10:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/10 14:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\13
[2010/07/29 11:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\iSymphony
[2010/07/29 11:51:16 | 022,497,545 | ---- | C] (i9Technologoies) -- C:\Documents and Settings\Mike\My Documents\iSymphony client-2.1.15b-rev1678-win32.exe
[2010/07/16 03:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2010/07/15 17:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2010/07/15 08:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\Intuit
[2010/07/15 08:29:33 | 004,194,304 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll
[2010/07/15 08:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/07/15 08:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit
[2010/07/15 08:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2010/07/15 08:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Intuit
[2010/07/15 08:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2010/07/15 08:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2010/07/15 08:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010/07/15 08:22:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/07/15 08:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/07/15 08:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/07/15 08:21:56 | 000,000,000 | ---D | C] -- C:\37ae3251e2e7fe374f0c9325db10d120
[2010/07/15 08:21:10 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/07/15 08:20:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/07/15 08:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/15 08:12:24 | 489,204,736 | ---- | C] (Intuit, Inc. ) -- C:\Documents and Settings\Mike\Desktop\QuickBooksSimpleStartFree2010.exe
[2010/07/15 08:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Download Manager
[2010/07/15 08:12:22 | 000,000,000 | ---D | C] -- C:\Program Files\Akamai
[2010/07/14 19:06:52 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/07/14 19:06:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/07/14 19:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/07/14 12:21:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Intuit
[2010/07/13 15:46:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mike\PrivacIE
[2010/07/13 11:18:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mike\IETldCache
[2010/07/13 11:11:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/07/13 11:10:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/07/13 11:09:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/07/13 10:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/07/13 10:55:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/07/13 10:55:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/07/13 10:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/07/09 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/06/24 14:44:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Chucks show
[2010/06/24 14:44:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Unused Desktop Shortcuts
[2010/06/24 09:44:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\Unity
[2010/06/18 16:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\Video Backs
[2010/06/18 16:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\tower dog
[2010/06/18 16:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\religious comm
[2010/06/18 15:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\U3
[2010/06/17 10:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/06/17 10:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/06/17 10:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2010/06/17 10:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010/05/28 11:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\EurekaLog
[2 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2099/01/01 12:00:00 | 000,042,496 | -HS- | M] () -- C:\WINDOWS\System32\jidegufa.exe
[2010/08/16 12:53:41 | 000,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/16 12:53:41 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/16 12:53:41 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/16 12:49:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/16 12:49:08 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\FileCure Startup.job
[2010/08/16 12:49:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/16 12:49:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/16 12:12:37 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\Mike\NTUSER.DAT
[2010/08/16 12:12:15 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Mike\ntuser.ini
[2010/08/16 12:05:17 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\NTREGOPT.lnk
[2010/08/16 12:05:17 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\ERUNT.lnk
[2010/08/16 12:01:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2010/08/16 11:13:04 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\HiJackThis.lnk
[2010/08/16 11:06:11 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
[2010/08/16 10:48:27 | 000,000,645 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.new
[2010/08/16 09:56:56 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/16 09:56:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/08/16 09:56:56 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/15 18:00:00 | 000,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2010/08/15 00:56:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2010/08/14 01:15:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\FileCure Default.job
[2010/08/13 09:40:32 | 000,166,912 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/11 03:23:40 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/11 03:02:34 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/08/09 12:29:41 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Hosts weekly attendance.doc
[2010/08/09 10:12:41 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Warning letter.doc
[2010/07/29 16:31:15 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Current Commercials.doc
[2010/07/29 11:51:19 | 022,497,545 | ---- | M] (i9Technologoies) -- C:\Documents and Settings\Mike\My Documents\iSymphony client-2.1.15b-rev1678-win32.exe
[2010/07/27 11:29:36 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\a list of all advertisiers.doc
[2010/07/20 11:23:59 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\A list of all our shows.doc
[2010/07/20 09:49:54 | 000,000,090 | ---- | M] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2010/07/15 08:34:57 | 010,771,456 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\CC and MBP QB (Portable).QBM
[2010/07/15 08:30:14 | 000,050,424 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/15 08:29:24 | 000,002,109 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2010/07/15 08:29:24 | 000,001,913 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickBooks Simple Start Free Edition.lnk
[2010/07/15 08:16:26 | 489,204,736 | ---- | M] (Intuit, Inc. ) -- C:\Documents and Settings\Mike\Desktop\QuickBooksSimpleStartFree2010.exe
[2010/07/15 08:12:23 | 000,000,435 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Setup_QuickBooksSimpleStartFree2010.lnk
[2010/07/14 19:06:58 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/07/14 19:06:58 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk
[2010/07/14 19:05:26 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\CCleaner.lnk
[2010/07/13 11:18:13 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/13 11:16:29 | 004,835,784 | -H-- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\IconCache.db
[2010/07/13 11:01:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/13 10:53:55 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/07/02 15:18:04 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/07/02 15:17:32 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/02 15:17:32 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/06/25 14:37:09 | 005,209,340 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\YouTube- Multiple Stab Wounds May Be Harmful To Monkeys.25&id=710ec9ed48ec46a8
[2010/06/25 14:31:43 | 009,952,494 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\YouTube- Are We Giving Robots Too Much Power.25&id=386c5d80d27f9593
[2010/06/22 12:08:25 | 000,166,503 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\sheldon 1.JPG
[2010/06/17 10:44:59 | 000,000,912 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic FileCure.lnk
[2010/06/16 15:49:42 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\The Guys Who Like to Eat.doc
[2010/06/16 12:08:44 | 220,905,469 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Mommy Talk 6-15-10.wmv
[2010/06/11 17:37:13 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\TEMP. TIME CARD.doc
[2010/06/11 16:09:24 | 022,826,090 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\drunk history- alexander hamilton.wmv
[2010/06/11 15:44:28 | 010,895,423 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\YouTube- Drunk History vol. 1 - Featuring Michael Cera.wmv
[2010/06/11 12:29:49 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Central Valley Talk Show Agreement.doc
[2010/06/11 10:35:51 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\James Muniz.doc
[2010/05/26 17:11:42 | 002,369,003 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\YouTube- Ardi Rizal Smoking VIDEO Sumatran 2-Year Old Smokes 40 Cigarettes A Day.wmv
[2010/05/26 11:21:48 | 003,632,985 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Suns Top Lakers to Even Series.wmv
[2010/05/26 11:19:56 | 001,997,695 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Owner of Chimpanzee in Conn. Mauling Dies at 72.wmv
[2010/05/26 11:17:36 | 003,866,561 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Outdoors Super Bowl for NJ in 2014.wmv
[2010/05/26 11:15:58 | 002,871,391 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\ShowBiz Minute McCready, James, Scherzinger.wmv
[2010/05/26 11:14:22 | 003,796,269 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Baby Lives After Stroller Hit by Train.wmv
[2010/05/26 10:23:26 | 191,681,559 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\52410 White House Press Briefing.wmv
[2010/05/25 16:39:04 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Hardship Letter.doc
[2010/05/20 15:25:00 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Mike\My Documents\~$ntral Valley Talk Show Agreement.doc
[2 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2099/01/01 12:00:00 | 000,042,496 | -HS- | C] () -- C:\WINDOWS\System32\jidegufa.exe
[2010/08/16 12:17:00 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\gmer.exe
[2010/08/16 12:05:17 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\NTREGOPT.lnk
[2010/08/16 12:05:17 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\ERUNT.lnk
[2010/08/16 11:06:11 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
[2010/08/16 10:34:27 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\HiJackThis.lnk
[2010/08/11 03:02:34 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/08/09 12:22:21 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Hosts weekly attendance.doc
[2010/08/06 15:02:35 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Warning letter.doc
[2010/07/29 16:31:15 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Current Commercials.doc
[2010/07/26 16:53:17 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\a list of all advertisiers.doc
[2010/07/20 11:23:58 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\A list of all our shows.doc
[2010/07/15 08:34:57 | 010,771,456 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\CC and MBP QB (Portable).QBM
[2010/07/15 08:29:24 | 000,002,109 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2010/07/15 08:29:24 | 000,001,913 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickBooks Simple Start Free Edition.lnk
[2010/07/15 08:25:28 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2010/07/15 08:12:23 | 000,000,435 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Setup_QuickBooksSimpleStartFree2010.lnk
[2010/07/14 19:06:58 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/07/14 19:06:58 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk
[2010/07/14 19:05:26 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\CCleaner.lnk
[2010/07/13 10:53:55 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/07/09 09:55:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/02 15:18:04 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/07/02 15:18:04 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2010/07/02 15:17:32 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/02 15:17:32 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/06/25 14:37:09 | 005,209,340 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\YouTube- Multiple Stab Wounds May Be Harmful To Monkeys.25&id=710ec9ed48ec46a8
[2010/06/25 14:31:43 | 009,952,494 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\YouTube- Are We Giving Robots Too Much Power.25&id=386c5d80d27f9593
[2010/06/22 12:08:25 | 000,166,503 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\sheldon 1.JPG
[2010/06/18 16:59:24 | 004,161,105 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\YouTube- ShowBiz Minute Woods, Gosselin, Houston.wmv
[2010/06/18 16:59:24 | 002,369,003 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\YouTube- Ardi Rizal Smoking VIDEO Sumatran 2-Year Old Smokes 40 Cigarettes A Day.wmv
[2010/06/18 16:59:24 | 000,000,296 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\WMPInfo.xml
[2010/06/18 16:59:23 | 003,632,985 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Suns Top Lakers to Even Series.wmv
[2010/06/18 16:59:23 | 003,070,464 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Rob T 1.MSWMM
[2010/06/18 16:59:23 | 002,871,391 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\ShowBiz Minute McCready, James, Scherzinger.wmv
[2010/06/18 16:59:23 | 001,997,695 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Owner of Chimpanzee in Conn. Mauling Dies at 72.wmv
[2010/06/18 16:59:23 | 000,244,224 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\tina wigs.MSWMM
[2010/06/18 16:59:23 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\top hr. comm.MSWMM
[2010/06/18 16:59:22 | 008,920,671 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\new mad town_0001.wmv
[2010/06/18 16:59:22 | 003,866,561 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Outdoors Super Bowl for NJ in 2014.wmv
[2010/06/18 16:59:22 | 000,096,648 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\model 2.jpg
[2010/06/18 16:59:22 | 000,033,484 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\model 4.jpg
[2010/06/18 16:59:22 | 000,022,828 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\model 6.jpg
[2010/06/18 16:59:22 | 000,013,253 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\model 3.jpg
[2010/06/18 16:59:22 | 000,012,836 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\model 1.jpg
[2010/06/18 16:59:21 | 009,501,825 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Loopme_87.wmv
[2010/06/18 16:59:21 | 001,110,016 | R--- | C] () -- C:\Documents and Settings\Mike\My Documents\LaunchU3.exe
[2010/06/18 16:59:20 | 007,233,182 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\John Warona.wmv
[2010/06/18 16:59:20 | 000,008,605 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\jade hall.jpg
[2010/06/18 16:59:19 | 012,829,981 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Good Take.wmv
[2010/06/18 16:59:19 | 003,165,696 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\erica bummper.MSWMM
[2010/06/18 16:59:18 | 022,826,090 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\drunk history- alexander hamilton.wmv
[2010/06/18 16:59:18 | 000,041,528 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\bobbyjoeneelyomb.jpg
[2010/06/18 16:59:17 | 032,495,043 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\barbara hunt.wmv
[2010/06/18 16:59:17 | 004,304,791 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Avadis Ad-1.wmv
[2010/06/18 16:59:17 | 003,796,269 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Baby Lives After Stroller Hit by Train.wmv
[2010/06/18 16:59:09 | 191,681,559 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\52410 White House Press Briefing.wmv
[2010/06/18 16:59:09 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\30 min. comm.MSWMM
[2010/06/18 15:17:21 | 220,905,469 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Mommy Talk 6-15-10.wmv
[2010/06/17 10:45:05 | 000,000,442 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2010/06/17 10:45:01 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\FileCure Startup.job
[2010/06/17 10:45:00 | 000,000,362 | ---- | C] () -- C:\WINDOWS\tasks\FileCure Default.job
[2010/06/17 10:44:59 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic FileCure.lnk
[2010/06/17 10:44:59 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2010/06/16 15:48:41 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\The Guys Who Like to Eat.doc
[2010/06/11 17:29:44 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\TEMP. TIME CARD.doc
[2010/06/11 15:48:06 | 010,895,423 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\YouTube- Drunk History vol. 1 - Featuring Michael Cera.wmv
[2010/06/11 10:25:32 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\James Muniz.doc
[2010/05/25 16:31:10 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Hardship Letter.doc
[2010/05/20 15:25:00 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Central Valley Talk Show Agreement.doc
[2010/05/20 15:25:00 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Mike\My Documents\~$ntral Valley Talk Show Agreement.doc
[2010/03/16 16:35:09 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2010/02/17 12:43:06 | 000,166,912 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/16 16:26:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/16 15:32:41 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/02/12 15:04:13 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5016.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/04/13 17:10:12 | 000,080,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\parport.sys
[2008/04/13 16:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\kbdclass.sys
[2003/01/07 08:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2010/07/15 08:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010/05/07 10:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/06/17 10:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2010/07/15 08:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/06/17 10:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/03/19 12:00:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SGNSD
[2010/07/15 08:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2010/02/16 15:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/05/07 10:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2010/05/28 11:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\EurekaLog
[2010/05/07 10:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\FinalMediaPlayer
[2010/02/16 17:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\GrabIt
[2010/07/14 12:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\myfreezetoolbar
[2010/05/07 10:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\PC Speed Maximizer
[2010/04/21 18:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Search Settings
[2010/03/29 11:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\WeatherBug
[2010/04/21 18:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\YouTube Downloader
[2010/08/14 01:15:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\Tasks\FileCure Default.job
[2010/08/16 12:49:08 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\FileCure Startup.job
[2010/08/15 18:00:00 | 000,000,442 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2010/08/15 00:56:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/02/12 12:58:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/02/12 12:54:21 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/08/16 09:56:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/04 00:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/03/19 16:07:29 | 000,014,041 | ---- | M] () -- C:\ComboFix.txt
[2010/02/12 12:58:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/02/12 12:58:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/12 12:58:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/13 16:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/13 16:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/16 12:49:01 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2010/02/12 12:58:11 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 06:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2010/02/12 04:47:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/02/12 04:47:58 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/02/12 04:47:58 | 000,921,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/02/12 12:58:37 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-11 10:06:39
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
OTL Extras logfile created on: 8/16/2010 12:51:44 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 21.81 Gb Free Space | 29.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MIKE-7BB150A374
Current User Name: Mike
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\FileCure\FileCure_noapp.exe %1 (ParetoLogic)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\wpabaln.exe" = C:\WINDOWS\system32\wpabaln.exe:*:Enabled:wpabaln -- (Microsoft Corporation)
"C:\Program Files\Telestream\Desktop Presenter\Desktop Presenter.exe" = C:\Program Files\Telestream\Desktop Presenter\Desktop Presenter.exe:*:Enabled:Desktop Presenter -- (Telestream Inc)
"C:\Documents and Settings\All Users\Application Data\b5c0829\SGb5c0.exe" = C:\Documents and Settings\All Users\Application Data\b5c0829\SGb5c0.exe:*:Enabled:Security Guard -- File not found
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe:*:Enabled:QuickBooks 2010 Data Manager -- (Intuit, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004098A1-0362-4C42-A1C3-CAD436CFF4A1}" = YouTube Downloader Toolbar v1.0
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A419-40A5-BD20-04BF618CA0F9}" = QuickBooks Simple Start 2010 Free Edition
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.4
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5CDC6B95-7011-4EF5-9896-3CAEE030B598}" = Desktop Presenter
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BB3DE5A2-54E3-4846-8C9C-6C373CE43712}" = Symantec Endpoint Protection Small Business Edition
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}" = ParetoLogic FileCure
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"DriverAgent.exe" = DriverAgent by eSupport.com
"ERUNT_is1" = ERUNT 1.1j
"FinalMediaPlayer_is1" = Final Media Player 2010
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HECI" = Intel® Management Engine Interface
"ie8" = Windows Internet Explorer 8
"iSymphony" = iSymphony
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"PC Speed Maximizer_is1" = PC Speed Maximizer v2.1
"PROSet" = Intel® Network Connections Drivers
"SP46137" = HP Softpaq SP46137
"SumatraPDF" = Sumatra PDF reader
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder
"Yahoo! Software Update" = Yahoo! Software Update
"YRefresher_is1" = Yrefresher 1.00
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/16/2010 11:22:28 AM | Computer Name = MIKE-7BB150A374 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 8/16/2010 12:22:28 PM | Computer Name = MIKE-7BB150A374 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 8/16/2010 1:11:42 PM | Computer Name = MIKE-7BB150A374 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 8/16/2010 1:15:59 PM | Computer Name = MIKE-7BB150A374 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 8/16/2010 2:12:28 PM | Computer Name = MIKE-7BB150A374 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 8/16/2010 3:10:47 PM | Computer Name = MIKE-7BB150A374 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 8/16/2010 3:19:23 PM | Computer Name = MIKE-7BB150A374 | Source = Application Error | ID = 1000
Description = Faulting application gmer.exe, version 1.0.15.15281, faulting module
gmer.exe, version 1.0.15.15281, fault address 0x0005c887.
Error - 8/16/2010 3:29:29 PM | Computer Name = MIKE-7BB150A374 | Source = Application Hang | ID = 1002
Description = Hanging application gmer.exe, version 1.0.15.15281, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/16/2010 3:29:29 PM | Computer Name = MIKE-7BB150A374 | Source = Application Hang | ID = 1002
Description = Hanging application gmer.exe, version 1.0.15.15281, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/16/2010 3:30:52 PM | Computer Name = MIKE-7BB150A374 | Source = Application Hang | ID = 1001
Description = Fault bucket 1608518328.
[ System Events ]
Error - 8/16/2010 3:31:20 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Symantec Management Client
service to connect.
Error - 8/16/2010 3:31:20 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7000
Description = The Symantec Management Client service failed to start due to the
following error: %%1053
Error - 8/16/2010 3:31:32 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7031
Description = The Symantec Endpoint Protection service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 10000
milliseconds: Restart the service.
Error - 8/16/2010 3:31:41 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7031
Description = The Symantec Event Manager service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 200 milliseconds:
Restart the service.
Error - 8/16/2010 3:31:41 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7031
Description = The Symantec Settings Manager service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 100
milliseconds: Restart the service.
Error - 8/16/2010 3:31:49 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Symantec Event Manager service,
but this action failed with the following error: %%1056
Error - 8/16/2010 3:49:15 PM | Computer Name = MIKE-7BB150A374 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000043'
while processing the file 'SrtETmp' on the volume 'HarddiskVolume1'. It has stopped
monitoring the volume.
Error - 8/16/2010 3:49:15 PM | Computer Name = MIKE-7BB150A374 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 8/16/2010 3:49:15 PM | Computer Name = MIKE-7BB150A374 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 8/16/2010 3:49:20 PM | Computer Name = MIKE-7BB150A374 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%2001
< End of report >