OTL logfile created on: 7/14/2010 12:23:38 PM - Run 1 OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\JMW\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free 5.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 465.75 Gb Total Space | 370.86 Gb Free Space | 79.63% Space Free | Partition Type: NTFS Drive D: | 265.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JMW-FTX Current User Name: JMW Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/07/14 12:21:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JMW\My Documents\Downloads\OTL.exe PRC - [2010/06/27 23:50:18 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010/06/27 23:50:16 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/06/15 14:24:47 | 000,134,808 | ---- | M] (Google Inc.) 
-- C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe PRC - [2010/05/07 07:36:10 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010/05/07 07:36:08 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe PRC - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2010/03/18 16:25:08 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe PRC - [2010/03/18 16:04:52 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe PRC - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe PRC - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe PRC - [2009/09/08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2009/07/08 03:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) 
-- C:\Program Files\Pure Networks\Network Magic\nmapp.exe PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe PRC - [2009/06/20 20:28:23 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\JMW\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe PRC - [2004/12/13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/07/14 12:21:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JMW\My Documents\Downloads\OTL.exe MOD - [2010/06/29 06:20:47 | 000,225,152 | ---- | M] (BitDefender S.R.L. 
Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\midas32.dll MOD - [2010/04/22 16:27:24 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_extra.m32 MOD - [2010/04/22 16:27:12 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_nt.m32 MOD - [2010/04/22 16:26:50 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_net.m32 MOD - [2010/04/22 16:26:42 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_fragments.m32 MOD - [2010/04/22 16:26:26 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_registry.m32 MOD - [2010/04/22 16:26:18 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_base.m32 MOD - [2009/07/20 13:29:06 | 000,045,584 | ---- | M] (Logitech, Inc.) 
-- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/06/23 10:39:01 | 002,561,624 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3725.dll -- (Akamai) SRV - [2010/05/07 07:36:10 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV) SRV - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/03/12 16:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan) SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService) SRV - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2009/10/20 13:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3) SRV - [2009/09/08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/02/06 18:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2004/12/13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/06/02 21:41:59 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif) DRV - [2010/06/02 21:41:59 | 000,111,312 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf) DRV - [2010/06/02 21:41:59 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos) DRV - [2010/06/02 21:41:59 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos) DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010/04/23 17:43:52 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr) DRV - [2010/02/22 14:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr) DRV - [2010/02/03 13:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. 
Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm) DRV - [2010/01/20 16:53:06 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2010/01/20 16:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK) DRV - [2009/10/20 13:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis) DRV - [2009/07/07 15:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp) DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009/06/10 06:03:00 | 008,087,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008/12/18 23:43:18 | 000,010,384 | ---- | M] (Logitech, Inc.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2008/11/25 03:37:50 | 004,952,576 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/08/18 05:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008/07/31 22:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008/07/31 22:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt) DRV - [2007/08/15 07:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558) DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2006/10/18 11:38:38 | 000,009,728 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cxavxbar.sys -- (CXAVXBAR) DRV - [2006/10/18 11:37:56 | 000,050,816 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88tune.sys -- (CXTUNE) DRV - [2006/10/18 11:37:26 | 000,162,944 | ---- | M] (Leadtek Research Inc.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88vid.sys -- (CX23880) DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004/08/14 13:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "Secure Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://townhall.com/" FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.8 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 FF - prefs.js..extensions.enabledItems: runtime@panda3d.org:0.9.11 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1 FF - prefs.js..extensions.enabledItems: 
{000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.4 FF - prefs.js..extensions.enabledItems: {9CE11043-9A15-4207-A565-0C94C42D590D}:2.0 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/07/12 14:05:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/06/03 08:47:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/04/12 13:44:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/12 16:50:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/13 21:21:57 | 000,000,000 | ---D | M] [2010/06/18 20:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Extensions [2010/06/18 20:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/07/13 21:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions [2010/04/27 10:28:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/06/17 14:40:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/04/05 19:48:16 | 
000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009/06/09 21:25:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} [2010/07/11 21:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\foxmarks@kei.com [2010/04/13 19:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\personas@christopher.beard [2010/02/23 17:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\runtime@panda3d.org [2010/05/19 21:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\extensions\YoutubeDownloader@PeterOlayev.com [2009/08/20 10:26:11 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\Mozilla\Firefox\Profiles\zy36msn7.default\searchplugins\bing.xml [2010/07/13 21:26:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/07/01 12:16:11 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} [2010/04/06 09:44:09 | 000,442,368 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol308.dll [2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll [2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll [2010/06/19 19:28:49 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml O1 HOSTS File: ([2009/06/18 23:41:42 | 000,307,172 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 10574 more lines... O2 - BHO: (Solid Converter PDF) - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll (VoyagerSoft, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) 
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (no name) - {CF070CB8-F02F-4af4-A7B7-8D45CAD4BB54} - No CLSID value found. O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found. O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Solid Converter PDF) - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll (VoyagerSoft, LLC) O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.) 
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\JMW\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O4 - Startup: C:\Documents and Settings\JMW\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Save Page As PDF ... 
- C:\Program Files\Nitro PDF\PDF Download\nitroweb.htm () O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244323326000 (WUWebControl Class) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6025/mcfscan.cab (McFreeScan Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\JMW\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\JMW\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/05 21:33:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/05 16:13:14 | 000,000,025 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{26ef52d8-315c-11df-b2e4-00248cc5c731}\Shell - "" = AutoRun
O33 - MountPoints2\{26ef52d8-315c-11df-b2e4-00248cc5c731}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{26ef52d8-315c-11df-b2e4-00248cc5c731}\Shell\AutoRun\command - "" = E:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{50202fc2-520e-11de-b1e5-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{50202fc2-520e-11de-b1e5-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{50202fc2-520e-11de-b1e5-806d6172696f}\Shell\AutoRun\command - "" = D:\start.exe -- [2006/09/05 16:13:18 | 002,775,170 | R--- | M] (RIM)
O33 - MountPoints2\{81e0ef35-65b1-11de-b20d-00248cc5c731}\Shell - "" = AutoRun
O33 - MountPoints2\{81e0ef35-65b1-11de-b20d-00248cc5c731}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{81e0ef35-65b1-11de-b20d-00248cc5c731}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{9a0d64d2-7b42-11df-b376-00248cc5c731}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{b6084679-8370-11de-b225-0002720cea49}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b6084679-8370-11de-b225-0002720cea49}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\{b6084679-8370-11de-b225-0002720cea49}\Shell\phone\command - "" = E:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\Iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: VIDC.IV41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\Iyvu9_32.dll ()
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (66441649420500992)

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2010/07/14 12:19:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/14 12:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/13 21:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Desktop\TEXT FILES-NOTES
[2010/07/13 20:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Auslogics
[2010/07/13 20:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/07/12 22:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/07/12 16:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/12 16:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/01 22:13:23 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2010/07/01 22:13:23 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.DLL
[2010/07/01 22:13:19 | 000,000,000 | ---D | C] -- C:\Program Files\NetObjects
[2010/07/01 12:16:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\JMW\Application Data\SystemProc
[2010/06/27 12:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Blackberry Desktop
[2010/06/27 11:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Research In Motion
[2010/06/27 11:04:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\McAfee.com
[2010/06/27 10:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/06/27 10:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/06/27 10:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/06/27 10:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/06/27 10:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2010/06/27 10:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/06/27 10:38:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/06/27 10:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2010/06/27 10:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010/06/18 20:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\TomTom
[2010/06/18 20:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/06/18 20:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Local Settings\Application Data\TomTom
[2010/06/18 20:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\TomTom
[2010/06/18 20:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V
[2010/06/18 20:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2
[2010/06/18 20:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite
[2010/06/18 15:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\ZoomBrowser EX
[2010/06/18 15:52:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Local Settings\Application Data\CANON_INC
[2010/06/18 15:44:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Canon
[2010/06/17 22:34:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\JMW\Desktop\Canon REBEL Apps & Manuals
[2010/06/17 19:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2010/06/17 19:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010/06/17 16:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2010/06/13 15:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\my games
[2010/06/10 10:43:05 | 000,000,000 | ---D | C] -- C:\M2N68-AM-SE2-1409
[2010/06/10 10:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Download Manager
[2010/06/09 21:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2010/06/09 19:50:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\JMW\Recent
[2010/06/02 21:33:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\BitDefender
[2010/06/02 21:32:48 | 000,000,000 | ---D | C] -- C:\Binaries
[2010/06/02 21:19:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\BD_TEMP
[2010/05/25 20:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010/05/25 08:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Desktop\HP USB-5-24-10
[2010/05/24 20:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/05/24 20:41:32 | 000,000,000 | ---D | C] -- C:\Nexon
[2010/05/24 20:18:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/05/24 20:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/05/23 20:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\Nero Collections
[2010/05/23 18:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\Ulead DVD MovieFactory
[2010/05/21 21:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\BroodWar Temp
[2010/05/21 10:22:07 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2010/05/19 21:34:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\Music-YouTube
[2010/05/17 15:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Local Settings\Application Data\Help
[2010/05/17 15:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Help
[2010/05/12 10:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Application Data\Wireshark
[2010/05/12 08:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010/05/12 08:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2010/05/07 12:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Local Settings\Application Data\Yahoo!
[2010/05/07 12:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010/05/07 12:18:32 | 000,000,000 | ---D | C] -- C:\Mobile2Mobile
[2010/04/27 11:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2010/04/25 12:53:48 | 000,156,672 | ---- | C] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2010/04/25 12:53:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\My Recordings
[2010/04/25 12:42:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Replay Video Capture
[2010/04/25 12:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\Replay Video Capture
[2010/04/25 12:15:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Local Settings\Application Data\mdnslib
[2010/04/25 12:15:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Applian Director
[2010/04/25 12:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Director
[2010/04/25 12:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\My Documents\Ask and Record Toolbar
[2010/04/25 12:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JMW\Local Settings\Application Data\FLVService
[2010/04/25 12:13:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Replay Media Catcher
[2010/04/25 12:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\Replay Media Catcher
[2010/04/25 10:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\IsolatedStorage
[2010/04/25 10:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Amazon
[2010/04/25 10:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2010/04/25 10:11:26 | 000,000,000 | ---D | C] -- C:\7b8b96151ab4a0c05c35ab41
[2010/04/25 10:10:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/04/18 21:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra On-Line
[2010/04/18 21:16:36 | 000,000,000 | ---D | C] -- C:\Sierra
[2 C:\Documents and Settings\JMW\My Documents\*.tmp files -> C:\Documents and Settings\JMW\My Documents\*.tmp -> ]
[11 C:\Documents and Settings\LocalService\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\LocalService\Local Settings\Application Data\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2010/07/14 12:30:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/14 12:30:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{194327A4-4ECC-45E4-A847-899025A50FFC}.job
[2010/07/14 12:29:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{78104FA3-1D58-4491-8AD7-BA18CA270E67}.job
[2010/07/14 12:26:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{144E8221-0BB1-4CEA-B600-889736AF4FA0}.job
[2010/07/14 12:18:48 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\JMW\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/07/14 12:18:38 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\NTREGOPT.lnk
[2010/07/14 12:18:38 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\ERUNT.lnk
[2010/07/14 09:17:30 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/14 09:16:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/14 09:14:40 | 000,207,962 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/07/14 09:14:37 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/14 09:14:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/14 09:14:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/13 22:37:51 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010/07/13 22:37:49 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\JMW\ntuser.ini
[2010/07/13 22:37:48 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\JMW\ntuser.dat
[2010/07/13 21:21:44 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/13 20:09:48 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\Shortcut to autorunsc.exe.lnk
[2010/07/13 15:47:08 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Move it.lnk
[2010/07/13 14:17:22 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{48E394E2-053F-4363-A576-8C9D621BDA10}.job
[2010/07/13 05:32:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/12 23:26:41 | 000,016,519 | -H-- | M] () -- C:\Documents and Settings\JMW\My Documents\~$nce Obama took office.docx
[2010/07/12 21:22:31 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/12 15:02:37 | 000,022,752 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\Customer ID.docx
[2010/07/12 14:34:26 | 000,001,036 | ---- | M] () -- C:\WINDOWS\System32\AddPort.ini
[2010/07/12 14:34:25 | 000,000,689 | ---- | M] () -- C:\WINDOWS\hpntwksetup.ini
[2010/07/12 14:28:45 | 000,002,379 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\HP Managed Printing Admin.lnk
[2010/07/11 09:22:50 | 000,016,228 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\Since Obama took office.docx
[2010/07/05 22:52:40 | 000,010,488 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\Foods.docx
[2010/07/04 11:21:33 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\JMW\Application Dataprivacy.xml
[2010/07/03 21:54:34 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/07/02 19:31:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/07/01 22:14:07 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NetObjects Fusion Essentials.lnk
[2010/06/30 22:33:30 | 000,011,291 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\To Whom it May Concern.docx
[2010/06/27 12:47:48 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/06/27 11:13:38 | 000,026,832 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\LoaderBackup-(2010-06-27).ipd
[2010/06/27 10:51:47 | 000,111,336 | ---- | M] () -- C:\Documents and Settings\JMW\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/06/27 10:51:07 | 000,399,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/27 10:38:57 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2010/06/27 03:03:11 | 000,011,295 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\Reverse Osmosis water filtration unit2.docx
[2010/06/22 22:51:11 | 000,536,324 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/22 22:51:11 | 000,466,044 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/22 22:51:11 | 000,079,770 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/17 12:19:12 | 000,152,897 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\rub-n-sauce.pdf
[2010/06/13 12:27:55 | 002,646,344 | -H-- | M] () -- C:\Documents and Settings\JMW\Local Settings\Application Data\IconCache.db
[2010/06/12 18:47:38 | 000,139,152 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/06/12 18:47:38 | 000,139,152 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\PnkBstrK.sys
[2010/06/12 18:47:21 | 000,794,408 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2010/06/10 10:42:13 | 000,545,996 | ---- | M] () -- C:\M2N68-AM-SE2-1409.zip
[2010/06/10 09:02:43 | 000,000,618 | ---- | M] () -- C:\M2N68-AM-0504.zip.lnk
[2010/06/09 21:42:15 | 000,001,766 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2010/06/09 21:42:15 | 000,001,748 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Belarc Advisor.lnk
[2010/06/09 19:58:46 | 000,000,638 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/09 19:58:46 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/09 19:58:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/06/08 16:23:21 | 000,008,544 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\billsdue-6-9-10.xlsx
[2010/06/02 21:41:59 | 000,111,312 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\System32\drivers\bdfndisf.sys
[2010/06/02 21:33:27 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2010.lnk
[2010/05/28 15:17:58 | 000,056,940 | ---- | M] () -- C:\WINDOWS\scunin.dat
[2010/05/28 15:17:57 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
[2010/05/28 15:17:57 | 000,000,967 | ---- | M] () -- C:\WINDOWS\ScUnin.pif
[2010/05/27 08:57:41 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2010/05/26 12:57:30 | 000,167,109 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\vital statistics 1940.xlsx
[2010/05/25 09:03:43 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\JMW\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/24 19:38:13 | 000,000,420 | ---- | M] () -- C:\WINDOWS\HEGAMES.INI
[2010/05/23 20:43:27 | 000,018,566 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\BREAKINGNEWS.jpg
[2010/05/23 20:33:24 | 000,100,134 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\mathew brady4.jpg
[2010/05/23 20:29:02 | 000,039,556 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\mathew brady3.jpg
[2010/05/23 20:28:44 | 000,192,425 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\mathew brady2.jpg
[2010/05/23 20:28:11 | 000,083,293 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\mathew brady.jpg
[2010/05/23 20:08:37 | 000,000,173 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\default.rss
[2010/05/23 20:07:37 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/05/23 20:06:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\downloads.m3u
[2010/05/23 19:49:39 | 000,148,844 | R--- | M] () -- C:\Documents and Settings\JMW\Desktop\0523101944-00.wav
[2010/05/23 19:48:30 | 000,211,851 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\0523101943-01.3gp
[2010/05/23 19:48:24 | 000,202,985 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\0523101944-00.3gp
[2010/05/23 18:16:36 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\Shortcut to moviemk.exe.lnk
[2010/05/22 18:06:45 | 002,111,281 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\hpsysdig.htm
[2010/05/22 18:06:45 | 000,099,848 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\hpsysdig.gz
[2010/05/22 18:06:45 | 000,000,497 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\hpsysdig.lnk
[2010/05/21 21:05:40 | 000,054,005 | ---- | M] () -- C:\WINDOWS\hppins01.dat.temp
[2010/05/21 10:22:12 | 000,000,582 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/05/21 10:22:12 | 000,000,564 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/18 16:58:17 | 000,053,946 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\kate.docx
[2010/05/17 15:31:40 | 000,007,208 | ---- | M] () -- C:\Documents and Settings\JMW\My Documents\Triggers.trg
[2010/05/16 18:27:05 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/12 08:55:51 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2010/05/12 08:55:34 | 000,001,489 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2010/05/07 12:18:47 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\JMW\Desktop\Mobile2Mobile Unlocker.lnk
[2010/05/04 08:56:32 | 000,226,728 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2010/05/02 00:36:43 | 000,107,056 | ---- | M] () -- C:\Documents and Settings\JMW\workforce filings 5-1-2010
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/25 12:53:48 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/04/25 12:53:48 | 000,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2010/04/25 12:42:20 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Replay Video Capture.lnk
[2010/04/25 12:41:11 | 008,825,144 | ---- | M] () -- C:\Program Files\RVCSetup.exe
[2010/04/25 12:15:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Applian Director.lnk
[2010/04/25 12:13:43 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Replay Media Catcher.lnk
[2010/04/25 11:49:13 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2010/04/25 10:11:25 | 000,001,671 | ---- | M] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Amazon Unbox Video.lnk
[2010/04/25 10:11:25 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Amazon Unbox.lnk
[2010/04/18 21:32:47 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/04/18 21:32:46 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/04/18 21:32:46 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/04/18 21:19:23 | 000,000,100 | ---- | M] () -- C:\WINDOWS\SIERRA.INI
[2 C:\Documents and Settings\JMW\My Documents\*.tmp files -> C:\Documents and Settings\JMW\My Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/07/14 12:18:48 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\JMW\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/07/14 12:18:38 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\NTREGOPT.lnk
[2010/07/14 12:18:38 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\ERUNT.lnk
[2010/07/13 21:21:44 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/13 20:09:48 | 000,001,052 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\Shortcut to autorunsc.exe.lnk
[2010/07/13 15:47:08 | 000,001,835 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Move it.lnk
[2010/07/12 15:02:36 | 000,022,752 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\Customer ID.docx
[2010/07/05 22:52:40 | 000,010,488 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\Foods.docx
[2010/07/02 08:57:13 | 000,016,519 | -H-- | C] () -- C:\Documents and Settings\JMW\My Documents\~$nce Obama took office.docx
[2010/07/01 22:14:07 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NetObjects Fusion Essentials.lnk
[2010/06/30 16:00:07 | 000,011,291 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\To Whom it May Concern.docx
[2010/06/29 17:03:05 | 000,016,228 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\Since Obama took office.docx
[2010/06/27 11:13:38 | 000,026,832 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\LoaderBackup-(2010-06-27).ipd
[2010/06/27 11:09:48 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/06/27 10:38:57 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2010/06/27 03:03:11 | 000,011,295 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\Reverse Osmosis water filtration unit2.docx
[2010/06/17 12:19:12 | 000,152,897 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\rub-n-sauce.pdf
[2010/06/10 10:42:11 | 000,545,996 | ---- | C] () -- C:\M2N68-AM-SE2-1409.zip
[2010/06/10 09:11:27 | 000,000,618 | ---- | C] () -- C:\M2N68-AM-0504.zip.lnk
[2010/06/09 21:42:15 | 000,001,766 | ---- | C] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2010/06/09 21:42:15 | 000,001,748 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Belarc Advisor.lnk
[2010/06/09 21:42:08 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/06/08 16:23:19 | 000,008,544 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\billsdue-6-9-10.xlsx
[2010/06/02 21:33:27 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2010.lnk
[2010/05/27 08:57:41 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2010/05/26 12:57:30 | 000,167,109 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\vital statistics 1940.xlsx
[2010/05/23 20:43:23 | 000,018,566 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\BREAKINGNEWS.jpg
[2010/05/23 20:33:24 | 000,100,134 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\mathew brady4.jpg
[2010/05/23 20:29:02 | 000,039,556 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\mathew brady3.jpg
[2010/05/23 20:28:44 | 000,192,425 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\mathew brady2.jpg
[2010/05/23 20:28:10 | 000,083,293 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\mathew brady.jpg
[2010/05/23 20:06:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\JMW\Application Data\downloads.m3u
[2010/05/23 20:00:48 | 000,211,851 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\0523101943-01.3gp
[2010/05/23 20:00:48 | 000,202,985 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\0523101944-00.3gp
[2010/05/23 19:57:58 | 000,148,844 | R--- | C] () -- C:\Documents and Settings\JMW\Desktop\0523101944-00.wav
[2010/05/23 18:16:36 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\Shortcut to moviemk.exe.lnk
[2010/05/22 18:08:23 | 000,002,379 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\HP Managed Printing Admin.lnk
[2010/05/22 18:06:36 | 001,414,615 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\hpsysdig.old
[2010/05/21 10:22:12 | 000,000,582 | ---- | C] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/05/21 10:22:12 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/18 16:58:05 | 000,053,946 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\kate.docx
[2010/05/17 15:31:40 | 000,007,208 | ---- | C] () -- C:\Documents and Settings\JMW\My Documents\Triggers.trg
[2010/05/17 13:31:38 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/05/16 18:27:05 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/12 08:55:51 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\-1
[2010/05/12 08:55:34 | 000,001,489 | ---- | C] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2010/05/07 12:18:47 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\JMW\Desktop\Mobile2Mobile Unlocker.lnk
[2010/05/02 00:36:43 | 000,107,056 | ---- | C] () -- C:\Documents and Settings\JMW\workforce filings 5-1-2010
[2010/04/25 12:53:47 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/04/25 12:42:20 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Replay Video Capture.lnk
[2010/04/25 12:41:01 | 008,825,144 | ---- | C] () -- C:\Program Files\RVCSetup.exe
[2010/04/25 12:15:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Applian Director.lnk
[2010/04/25 12:13:43 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Replay Media Catcher.lnk
[2010/04/25 10:11:25 | 000,001,671 | ---- | C] () -- C:\Documents and Settings\JMW\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Amazon Unbox Video.lnk
[2010/04/25 10:11:25 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Amazon Unbox.lnk
[2010/04/18 21:32:47 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/04/18 21:32:46 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/04/18 21:32:46 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/04/18 21:18:51 | 000,000,100 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010/04/04 15:16:48 | 000,000,109 | ---- | C] () -- C:\WINDOWS\Sansa Media Converter.INI
[2010/03/16 02:14:15 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/03/16 02:14:15 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/03/16 02:14:15 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/03/16 01:26:33 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/01/11 23:05:51 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2010/01/11 23:05:51 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2010/01/11 23:05:51 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\compJNI.dll
[2010/01/07 23:02:22 | 000,000,689 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2009/11/30 11:50:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/11/26 21:56:32 | 000,000,420 | ---- | C] () -- C:\WINDOWS\HEGAMES.INI
[2009/10/20 13:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/09/19 22:31:19 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/20 12:05:23 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/08/20 07:50:13 | 000,139,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/08/20 07:49:57 | 000,000,316 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/08/06 16:20:48 | 000,003,399 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2009/08/06 16:20:48 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/27 16:40:42 | 000,000,043 | ---- | C] () -- C:\WINDOWS\hpfccopy.INI
[2009/06/27 09:28:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqemlsz.INI
[2009/06/13 10:54:02 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2009/06/12 11:27:44 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/06/11 18:09:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/11 18:03:02 | 000,004,757 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/06/10 22:35:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/06/10 08:29:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/06/10 08:29:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/06/10 08:29:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/06/10 08:29:32 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/06/07 20:38:12 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009/06/07 19:23:52 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2009/06/05 22:57:17 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/06/05 21:56:24 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009/06/05 21:48:20 | 000,028,191 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/06/05 21:47:18 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/06/05 21:47:10 | 000,023,629 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/06/05 21:47:10 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/08/29 14:58:26 | 000,197,408 | ---- | C] ()
-- C:\WINDOWS\System32\vpnapi.dll [2008/08/29 14:58:16 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll [2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2007/08/15 07:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys [2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2006/03/20 14:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2005/12/21 01:39:34 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\hpnvr82.dll [2005/01/21 13:41:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\HPP2800V.DLL [2001/03/28 13:37:14 | 000,000,033 | ---- | C] () -- C:\WINDOWS\hppcap.ini [color=#E56717]========== LOP Check ==========[/color] [2010/04/25 10:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Amazon [2010/06/02 21:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2010/02/23 13:22:55 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Application Data\Downloaded Installations [2009/06/21 12:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2010/03/14 02:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync [2009/06/12 09:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2010/05/25 20:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010/05/25 20:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS [2010/02/23 13:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance [2009/08/29 20:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media [2010/05/24 20:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2010/06/27 10:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion [2010/02/23 13:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft [2010/03/12 16:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/06/18 20:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/06/07 20:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems [2009/10/02 21:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/07/22 21:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/12/15 21:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Ace [2010/07/13 20:41:21 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\JMW\Application Data\Auslogics [2010/06/02 21:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\BD_TEMP [2010/06/02 21:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\BitDefender [2010/06/27 12:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Blackberry Desktop [2010/06/18 15:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Canon [2010/03/24 23:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\GoodSync [2010/05/21 21:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Image Zone Express [2009/08/19 07:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\mjusbsp [2010/02/23 13:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Nuance [2009/10/23 15:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\PowerChallenge [2009/08/10 14:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Printer Info Cache [2009/06/12 11:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Quicken WillMaker [2010/06/27 11:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Research In Motion [2009/06/20 20:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\SanDisk [2010/07/14 12:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\SolidDocuments [2010/07/02 08:59:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\JMW\Application Data\SystemProc [2009/11/06 19:36:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\The Goalkeeper [2010/06/18 20:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\TomTom [2010/01/16 16:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application 
Data\Ulead Systems [2009/10/29 19:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Unity [2009/12/15 21:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\UP Downloadable Demo [2009/07/10 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Windows Desktop Search [2009/07/21 19:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Windows Search [2010/05/12 10:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Wireshark [2010/02/23 13:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JMW\Application Data\Zeon [2010/07/14 09:17:30 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2010/07/14 12:26:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{144E8221-0BB1-4CEA-B600-889736AF4FA0}.job [2010/07/14 12:30:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{194327A4-4ECC-45E4-A847-899025A50FFC}.job [2010/07/13 14:17:22 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{48E394E2-053F-4363-A576-8C9D621BDA10}.job [2010/07/14 12:29:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{78104FA3-1D58-4491-8AD7-BA18CA270E67}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2009/06/05 21:33:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010/07/13 07:32:23 | 000,153,436 | ---- | M] () -- C:\bdlog.txt [2010/01/10 02:35:49 | 000,080,086 | ---- | M] () -- C:\BdUninstallTool2010.01.10-01.35.29.log [2010/01/10 02:35:49 | 000,000,038 | ---- | M] () -- C:\BdUninstallTool2010.01.10-01.35.29.reg [2010/01/10 02:37:33 | 012,669,174 | ---- | M] () -- C:\BdUninstallTool2010.01.10-01.35.52.log [2010/01/10 02:37:33 | 001,139,664 | ---- | M] () -- 
C:\BdUninstallTool2010.01.10-01.35.52.reg [2010/01/13 10:53:15 | 012,179,843 | ---- | M] () -- C:\BdUninstallTool2010.01.13-09.48.46.log [2010/01/13 10:53:15 | 000,057,458 | ---- | M] () -- C:\BdUninstallTool2010.01.13-09.48.46.reg [2010/01/13 11:03:41 | 012,176,456 | ---- | M] () -- C:\BdUninstallTool2010.01.13-09.59.15.log [2010/01/13 11:03:41 | 000,000,592 | ---- | M] () -- C:\BdUninstallTool2010.01.13-09.59.15.reg [2010/01/13 11:47:12 | 012,176,456 | ---- | M] () -- C:\BdUninstallTool2010.01.13-10.46.15.log [2010/01/13 11:47:12 | 000,001,478 | ---- | M] () -- C:\BdUninstallTool2010.01.13-10.46.15.reg [2010/06/09 19:58:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2009/06/05 21:33:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010/05/23 18:07:16 | 000,000,000 | ---- | M] () -- C:\DMF2_WKLog.txt [2009/11/06 19:37:39 | 000,000,000 | ---- | M] () -- C:\error.txt [2009/06/19 07:51:15 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\HijackThis.exe [2010/06/15 06:22:17 | 000,014,263 | ---- | M] () -- C:\hijackthis.log [2009/06/05 21:33:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/06/10 09:02:43 | 000,000,618 | ---- | M] () -- C:\M2N68-AM-0504.zip.lnk [2010/06/10 10:42:13 | 000,545,996 | ---- | M] () -- C:\M2N68-AM-SE2-1409.zip [2009/06/05 21:33:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009/06/06 17:43:31 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2009/06/06 18:38:16 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/07/14 09:14:22 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2009/06/05 21:50:53 | 000,001,589 | ---- | M] () -- C:\RHDSetup.log [2010/03/11 16:45:55 | 000,000,794 | ---- | M] () -- C:\rkill.log [2010/06/15 06:51:12 | 000,038,842 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_15.06.2010_06.51.07_log.txt [2009/12/13 03:45:35 | 000,000,858 | ---- | M] () -- C:\test.txt [2009/06/29 21:04:51 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log [color=#A23BEC]< %systemroot%\system32\*.wt >[/color] [color=#A23BEC]< %systemroot%\system32\*.ruy 
>[/color] [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color] [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color] [2009/06/05 21:32:53 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color] [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color] [2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll [2004/05/13 12:40:56 | 000,051,712 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HPZPP034.DLL [2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color] [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color] [color=#A23BEC]< %systemroot%\*.scr >[/color] [2009/02/06 19:03:18 | 000,307,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR [color=#A23BEC]< %systemroot%\*._sy >[/color] [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2010/04/25 12:41:11 | 008,825,144 | ---- | M] () -- C:\Program Files\RVCSetup.exe [color=#A23BEC]< %APPDATA%\Update\*.* >[/color] [color=#A23BEC]< %systemroot%\*. 
/mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2009/06/05 15:19:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2009/06/05 15:19:54 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2009/06/05 15:19:53 | 000,430,080 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav [color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color] [2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\user32.dll [color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color] [2008/04/13 19:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll [color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color] [2008/04/13 19:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-14 02:06:54 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 @Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81405BF2 < End of report >