Here are the logs you requested.
OTL logfile created on: 7/8/2010 7:08:30 AM - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 636.00 Mb Available Physical Memory | 62.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.79 Gb Total Space | 11.15 Gb Free Space | 15.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7.46 Gb Total Space | 4.79 Gb Free Space | 64.11% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JWOZNEY
Current User Name: Jwozney
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - E:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
PRC - C:\WINDOWS\system32\UStorSrv.exe (OTi)
========== Modules (SafeList) ==========
MOD - E:\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\cewmdm.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (WLANKEEPER) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (UStorage Server Service) -- C:\WINDOWS\System32\UStorSrv.exe (OTi)
========== Driver Services (SafeList) ==========
DRV - (ffcvryx) -- C:\WINDOWS\System32\drivers\ffcvryx.sys ()
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (monfilt) -- C:\WINDOWS\system32\drivers\monfilt.sys (Creative Technology Ltd.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (CTUSFSYN) -- C:\WINDOWS\system32\drivers\ctusfsyn.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
IE - HKU\S-1-5-21-856469676-1127877537-354656731-1118\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-856469676-1127877537-354656731-1118\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-856469676-1127877537-354656731-1118\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-856469676-1127877537-354656731-1118\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/03 16:25:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/03 16:25:26 | 000,000,000 | ---D | M]
[2009/04/10 06:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jwozney\Application Data\Mozilla\Extensions
[2010/06/21 09:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jwozney\Application Data\Mozilla\Firefox\Profiles\rq9luuzd.default\extensions
[2010/04/28 00:06:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jwozney\Application Data\Mozilla\Firefox\Profiles\rq9luuzd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/21 09:26:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2010/06/26 23:25:44 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5d2b8007-1aaf-44f5-856c-632b9fda28e0} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-856469676-1127877537-354656731-1118\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [gohasilipa] File not found
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKU\.DEFAULT..\Run: [ccagent.exe] C:\Documents and Settings\Jwozney\Application Data\ACommander\ccagent.exe File not found
O4 - HKU\.DEFAULT..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd] C:\WINDOWS\TEMP\debug.exe File not found
O4 - HKU\.DEFAULT..\Run: [mpfkdeua] C:\Documents and Settings\NetworkService\Local Settings\Application Data\yktetftpk\fohurwdtssd.exe File not found
O4 - HKU\S-1-5-18..\Run: [ccagent.exe] C:\Documents and Settings\Jwozney\Application Data\ACommander\ccagent.exe File not found
O4 - HKU\S-1-5-18..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd] C:\WINDOWS\TEMP\debug.exe File not found
O4 - HKU\S-1-5-18..\Run: [mpfkdeua] C:\Documents and Settings\NetworkService\Local Settings\Application Data\yktetftpk\fohurwdtssd.exe File not found
O4 - HKU\S-1-5-19..\Run: [gohasilipa] File not found
O4 - HKU\S-1-5-20..\Run: [gohasilipa] File not found
O4 - HKU\S-1-5-21-856469676-1127877537-354656731-1118..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-856469676-1127877537-354656731-1118\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-856469676-1127877537-354656731-1118\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 7582207376 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Jwozney.local
O20 - AppInit_DLLs: (rurafele.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Documents and Settings\Jwozney\Application Data\ACommander\ccmain.exe) - C:\Documents and Settings\Jwozney\Application Data\ACommander\ccmain.exe File not found
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Documents and Settings\Jwozney\Application Data\ACommander\ccmain.exe) - C:\Documents and Settings\Jwozney\Application Data\ACommander\ccmain.exe File not found
O20 - HKU\S-1-5-21-856469676-1127877537-354656731-1118 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/20 17:28:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{14b198f0-56bb-11de-81a6-001422f0e05b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{14b198f0-56bb-11de-81a6-001422f0e05b}\Shell\Explore\command - "" = autorun.exe
O33 - MountPoints2\{14b198f0-56bb-11de-81a6-001422f0e05b}\Shell\Open\command - "" = autorun.exe
O33 - MountPoints2\{a96c57ef-2905-11de-819a-001422f0e05b}\Shell - "" = AutoRun
O33 - MountPoints2\{a96c57ef-2905-11de-819a-001422f0e05b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a96c57ef-2905-11de-819a-001422f0e05b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010/06/26 23:21:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/26 23:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/23 15:41:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/23 15:41:16 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/18 18:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jwozney\Application Data\vlc
[2010/06/18 17:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/06/03 01:53:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/26 01:36:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\Settings
[2010/05/10 21:15:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jwozney\Recent
[2010/05/10 21:07:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010/05/09 23:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\yktetftpk
[2010/05/07 00:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/05/07 00:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/05/06 10:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/05/06 10:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/05/06 10:15:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/05/06 08:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/06 08:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/05/05 23:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\hcnvedvsn
[2010/05/04 07:14:23 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jwozney\Desktop\myapp.exe
[2010/05/04 07:04:21 | 000,178,000 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Jwozney\Desktop\TDSSKiller.exe
[2010/05/02 16:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Real
[2010/04/29 11:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/04/28 16:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/04/28 16:37:54 | 003,382,520 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Jwozney\Desktop\ccsetup231.exe
[2010/04/28 11:40:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/04/28 11:12:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jwozney\Application Data\Malwarebytes
[2010/04/28 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/04/28 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/04/28 10:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/28 10:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/28 10:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/04/28 10:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jwozney\Application Data\00313E5C56B80F9D2C1B235040946104
[2010/04/27 12:05:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/19 17:27:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jwozney\Desktop\backups
[2010/04/13 18:13:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\SchCache
[2010/04/09 10:10:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices
[2010/04/09 10:10:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
[2010/04/09 10:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVI Codec Pack
[2010/04/09 10:01:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\quicktime
[1 C:\Documents and Settings\Jwozney\My Documents\*.tmp files -> C:\Documents and Settings\Jwozney\My Documents\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010/07/08 06:50:50 | 000,512,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/08 06:50:50 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/08 06:50:50 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/08 06:46:52 | 000,030,356 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/07/08 06:46:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/08 06:46:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/06 15:24:29 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\Argyle.doc
[2010/07/06 14:18:38 | 000,000,364 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2010/07/06 01:41:49 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/29 16:35:50 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\Jwozney\ntuser.dat
[2010/06/29 16:35:38 | 004,839,476 | -H-- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\IconCache.db
[2010/06/29 16:30:41 | 000,008,421 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\hijackthis_new
[2010/06/29 16:29:28 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\HiJackThis.lnk
[2010/06/26 23:19:59 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\ERUNT.lnk
[2010/06/23 17:10:14 | 000,008,359 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\hijackthis2
[2010/06/23 16:48:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/23 16:28:09 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/23 15:28:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/13 07:54:11 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\Senseless World 30 minutes.doc
[2010/06/07 23:48:59 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\One day back in 1994.doc
[2010/06/05 16:23:53 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\Do You Harbor Resentment or Do You Forgive (revised).doc
[2010/05/27 17:57:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/19 12:54:24 | 002,132,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/18 22:45:27 | 000,030,356 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/05/15 02:26:24 | 000,068,544 | ---- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/14 11:42:29 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\JWozneyResume.doc
[2010/05/12 11:11:20 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Jwozney\My Documents\~$jwozneyResume.doc
[2010/05/10 19:54:08 | 000,824,681 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\RSIT.exe
[2010/05/10 19:50:31 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\CKScanner.exe
[2010/05/10 19:24:06 | 000,013,824 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\kXk1e8cNYr5
[2010/05/10 19:24:05 | 000,013,824 | -HS- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\kXk1e8cNYr5
[2010/05/07 07:03:04 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/06 10:54:43 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\HiJackThis.msi
[2010/05/06 10:16:13 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/06 10:16:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/06 10:16:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/05/06 10:14:26 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/05/06 08:12:15 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Jwozney\ntuser.ini
[2010/05/04 07:14:23 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jwozney\Desktop\myapp.exe
[2010/05/04 07:03:33 | 000,154,469 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\tdsskiller.zip
[2010/05/04 06:42:58 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\fix.inf
[2010/05/03 09:38:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\ffcvryx.sys
[2010/05/03 09:33:17 | 000,000,000 | ---- | M] () -- C:\Settings.ini
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 11:45:18 | 000,013,586 | -HS- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\860882149
[2010/04/29 11:45:18 | 000,013,586 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\860882149
[2010/04/28 22:56:29 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\fix.reg
[2010/04/28 16:41:00 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Jwozney\Desktop\ccsetup231.exe
[2010/04/28 16:38:11 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/28 13:20:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jwozney\defogger_reenable
[2010/04/28 10:44:04 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Jwozney\Desktop\rkill.com
[2010/04/28 10:30:57 | 000,017,006 | -HS- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\KLry0l
[2010/04/28 10:30:57 | 000,017,006 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KLry0l
[2010/04/16 14:21:20 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\JWozney_Resume.doc
[2010/04/14 01:37:48 | 000,015,840 | -HS- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\40e2
[2010/04/14 01:37:48 | 000,015,840 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\40e2
[2010/04/13 20:04:03 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\April PNC Payment.doc
[2010/04/13 17:32:20 | 000,108,883 | ---- | M] () -- C:\Documents and Settings\Jwozney\My Documents\JWozney-2009.pdf
[2010/04/11 15:58:55 | 000,017,322 | -HS- | M] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\0CMR8yFmkXh
[2010/04/11 15:58:55 | 000,017,322 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\0CMR8yFmkXh
[1 C:\Documents and Settings\Jwozney\My Documents\*.tmp files -> C:\Documents and Settings\Jwozney\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/07/06 14:23:07 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Jwozney\My Documents\Argyle.doc
[2010/06/29 16:30:41 | 000,008,421 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\hijackthis_new
[2010/06/26 23:19:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\ERUNT.lnk
[2010/06/23 17:10:13 | 000,008,359 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\hijackthis2
[2010/06/07 23:48:59 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Jwozney\My Documents\One day back in 1994.doc
[2010/06/05 10:15:46 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Jwozney\My Documents\Do You Harbor Resentment or Do You Forgive (revised).doc
[2010/05/12 11:11:20 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Jwozney\My Documents\~$jwozneyResume.doc
[2010/05/10 19:53:58 | 000,824,681 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\RSIT.exe
[2010/05/10 19:50:27 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\CKScanner.exe
[2010/05/06 10:56:18 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\HiJackThis.lnk
[2010/05/06 10:54:42 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\HiJackThis.msi
[2010/05/04 07:03:32 | 000,154,469 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\tdsskiller.zip
[2010/05/04 06:42:55 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\fix.inf
[2010/05/03 09:33:17 | 000,000,000 | ---- | C] () -- C:\Settings.ini
[2010/04/29 11:45:07 | 000,013,586 | -HS- | C] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\860882149
[2010/04/29 11:45:07 | 000,013,586 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\860882149
[2010/04/28 22:56:29 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\fix.reg
[2010/04/28 16:38:11 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/28 16:37:59 | 000,013,824 | -HS- | C] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\kXk1e8cNYr5
[2010/04/28 16:37:59 | 000,013,824 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\kXk1e8cNYr5
[2010/04/28 13:20:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jwozney\defogger_reenable
[2010/04/28 10:43:58 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Jwozney\Desktop\rkill.com
[2010/04/28 10:19:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\ffcvryx.sys
[2010/04/28 10:19:28 | 000,017,006 | -HS- | C] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\KLry0l
[2010/04/28 10:19:28 | 000,017,006 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KLry0l
[2010/04/16 14:21:20 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Jwozney\My Documents\JWozney_Resume.doc
[2010/04/14 01:35:37 | 000,015,840 | -HS- | C] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\40e2
[2010/04/14 01:35:37 | 000,015,840 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\40e2
[2010/04/13 20:04:02 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Jwozney\My Documents\April PNC Payment.doc
[2010/04/13 17:32:20 | 000,108,883 | ---- | C] () -- C:\Documents and Settings\Jwozney\My Documents\JWozney-2009.pdf
[2010/04/11 15:56:40 | 000,017,322 | -HS- | C] () -- C:\Documents and Settings\Jwozney\Local Settings\Application Data\0CMR8yFmkXh
[2010/04/11 15:56:40 | 000,017,322 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\0CMR8yFmkXh
[2010/03/02 20:00:00 | 004,555,278 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/03/02 20:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/03/02 20:00:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/03/02 20:00:00 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/03/02 20:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/03/02 20:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/03/02 20:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/03/02 20:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/03/02 20:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/03/02 20:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/03/02 20:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/03/02 20:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/03/02 20:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/03/02 20:00:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/03/02 20:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/03/02 20:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/19 22:39:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/11/14 14:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/11/14 14:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/11/14 14:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/11/14 14:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/11/14 14:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/11/14 14:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/11/14 14:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/11/14 14:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/11/14 14:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/11/14 14:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/09/12 20:45:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/06/07 12:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/15 14:00:39 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/04/15 14:00:39 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/04/15 14:00:39 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/04/15 14:00:38 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/04/15 13:27:17 | 000,022,629 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2009/04/02 10:33:13 | 000,000,364 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009/03/31 13:04:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/25 12:14:45 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2009/01/10 18:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2007/08/06 11:07:30 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2004/12/19 09:17:10 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/06 14:42:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 19:04:24 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002/10/04 19:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 19:04:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/05/15 19:38:40 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
OTL Extras logfile created on: 7/8/2010 7:08:30 AM - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 636.00 Mb Available Physical Memory | 62.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.79 Gb Total Space | 11.15 Gb Free Space | 15.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7.46 Gb Total Space | 4.79 Gb Free Space | 64.11% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JWOZNEY
Current User Name: Jwozney
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Documents and Settings\Jwozney\Local Settings\Temp\Vcg.exe" = C:\Documents and Settings\Jwozney\Local Settings\Temp\Vcg.exe:*:Enabled:Vcg -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3D29DFC0-EAA2-012B-AED3-000000000000}" = TurboTax 2009 wvaiper
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = iSEEK AnswerWorks English Runtime
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DE5BFF9C-84D1-4B09-9C20-54633044CB85}" = Watchtower Library 2008 - English
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AVI Codec Pack" = AVI Codec Pack
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"ERUNT_is1" = ERUNT 1.1j
"HOTLLAMA Media Player" = HOTLLAMA Media Player
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.5
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"TurboTax 2009" = TurboTax 2009
"U-Storage Service" = U-Storage Service
"VLC media player" = VLC media player 1.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-856469676-1127877537-354656731-1118\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/7/2010 10:09:42 PM | Computer Name = JWOZNEY | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error - 7/7/2010 10:09:42 PM | Computer Name = JWOZNEY | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error - 7/7/2010 10:09:45 PM | Computer Name = JWOZNEY | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x80070836). The workstation driver is not installed. Enrollment
will not be performed.
Error - 7/7/2010 10:09:49 PM | Computer Name = JWOZNEY | Source = Google Update | ID = 20
Description =
Error - 7/7/2010 10:16:43 PM | Computer Name = JWOZNEY | Source = Google Update | ID = 20
Description =
Error - 7/8/2010 6:46:29 AM | Computer Name = JWOZNEY | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error - 7/8/2010 6:46:31 AM | Computer Name = JWOZNEY | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error - 7/8/2010 6:46:33 AM | Computer Name = JWOZNEY | Source = Google Update | ID = 20
Description =
Error - 7/8/2010 6:46:33 AM | Computer Name = JWOZNEY | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x80070836). The workstation driver is not installed. Enrollment
will not be performed.
Error - 7/8/2010 6:59:48 AM | Computer Name = JWOZNEY | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Error Reporting Service
service to connect.
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the COM+ Event System service
to connect.
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7000
Description = The COM+ Event System service failed to start due to the following
error: %%1053
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Help and Support service
to connect.
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7000
Description = The Help and Support service failed to start due to the following
error: %%1053
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the HID Input Service service
to connect.
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7000
Description = The HID Input Service service failed to start due to the following
error: %%1053
Error - 6/23/2010 4:51:17 PM | Computer Name = JWOZNEY | Source = Service Control Manager | ID = 7001
Description = The System Event Notification service depends on the COM+ Event System
service which failed to start because of the following error: %%1053
Error - 6/24/2010 12:05:51 AM | Computer Name = JWOZNEY | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 6/24/2010 12:05:51 AM | Computer Name = JWOZNEY | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
< End of report >