OTListIt logfile created on: 3/9/2009 10:32:16 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.3.5 Folder = C:\Documents and Settings\Dustin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.49 Mb Total Physical Memory | 227.56 Mb Available Physical Memory | 44.49% Memory free
1.22 Gb Paging File | 0.96 Gb Available in Paging File | 78.57% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 4.92 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive D: | 25.69 Gb Total Space | 25.60 Gb Free Space | 99.64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TRE11-K6PF4YI72
Current User Name: Dustin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\System32\oodag.exe (O&O Software GmbH)
PRC - C:\Program Files\Webroot\Washer\WasherSvc.exe ()
PRC - C:\WINDOWS\system32\WgaTray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
PRC - C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Documents and Settings\Dustin\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (gusvc [Auto | Running]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (Norton Internet Security [Auto | Running]) -- C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe (Symantec Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (O&O Defrag [Auto | Running]) -- C:\WINDOWS\System32\oodag.exe (O&O Software GmbH)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (wwEngineSvc [Auto | Running]) -- C:\Program Files\Webroot\Washer\WasherSvc.exe ()
========== Driver Services (SafeList) ========== DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AVG Anti-Rootkit [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys (GRISOFT, s.r.o.)
DRV - (AvgArCln [System | Running]) -- C:\WINDOWS\System32\DRIVERS\AvgArCln.sys (GRISOFT, s.r.o.)
DRV - (BHDrvx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\BHDrvx86.sys (Symantec Corporation)
DRV - (ccHP [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\ccHPx86.sys (Symantec Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (IDSxpx86 [System | Running]) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090303.001\IDSxpx86.sys (Symantec Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090308.020\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090308.020\NAVEX15.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SISNIC [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\sisnic.sys (SiS Corporation)
DRV - (SRTSP [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\WINDOWS\system32\drivers\NIS\1005000.086\SRTSPX.SYS (Symantec Corporation)
DRV - (SymEFA [Boot | Running]) -- C:\WINDOWS\system32\drivers\NIS\1005000.086\SYMEFA.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\SYMIDS.SYS (Symantec Corporation)
DRV - (SymIM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SymIM.sys (Symantec Corporation)
DRV - (SymIMMP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SymIM.sys (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.086\SYMTDI.SYS (Symantec Corporation)
DRV - (USBIO [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbio.sys (Thesycon GmbH, Germany)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft...p...&ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft...p...ER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.wissports.net/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.startup.homepage: "
http://sureshotters.com/"FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7
FF - HKLM\software\mozilla\Firefox\extensions\\
[email protected] -> %ProgramFiles%\JAVA\JRE6\LIB\DEPLOY\JQS\FF [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2008/10/24 20:16:31 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components -> %ProgramFiles%\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/03/05 12:13:57 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins -> %ProgramFiles%\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/03/05 12:13:57 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Dustin\Application Data\mozilla\Extensions [2008/06/20 18:33:23 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Dustin\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2008/06/20 18:33:23 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Dustin\Application Data\mozilla\Firefox\Profiles\8s9hm2x9.default\extensions [2008/06/09 18:16:20 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions [2009/03/08 12:41:38 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/03/05 12:13:57 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2007/10/03 18:54:42 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [2008/03/28 07:03:38 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2008/07/20 00:20:36 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [2008/10/24 20:17:16 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2008/12/03 18:35:46 00,000,000 | ---D | M]
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Watch for Browser Events) - {42A7CE31-CEE7-4CCE-A060-A44A7E52E062} - C:\Program Files\Keyboard Express 3\kie.dll (Insight Software Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3}
http://a516.g.akamai...cat-no-eula.cab (Citrix ICA Client)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
http://spaces.msn.co...ad/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24}
http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.micros...b?1129575632154 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862}
https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6}
http://messenger.zon...nt.cab55762.cab (MessengerStatsClient Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
http://messenger.zon...ro.cab55579.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8}
http://messenger.zon...ot.cab31267.cab (CBreakshotControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
========== Files/Folders - Created Within 30 Days ========== [2009/03/09 10:31:07 | 00,497,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dustin\Desktop\OTListIt2.exe
[2009/03/04 22:53:37 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Dustin\Desktop\HiJackThis.exe
[2009/03/04 22:50:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/03/04 20:31:58 | 00,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2009/03/04 18:48:10 | 00,035,813 | ---- | C] () -- C:\Documents and Settings\Dustin\My Documents\stock.gif
[2009/03/04 18:38:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dustin\Desktop\stocktrader
[2009/03/01 16:31:02 | 01,874,416 | ---- | C] () -- C:\Documents and Settings\Dustin\Desktop\TeamViewer_Setup.exe
[2009/03/01 16:11:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dustin\Application Data\TeamViewer
[2009/03/01 16:11:02 | 01,479,408 | ---- | C] () -- C:\Documents and Settings\Dustin\Desktop\TeamViewerQS.exe
[2009/02/15 22:59:04 | 00,067,072 | -HS- | C] () -- C:\Documents and Settings\Dustin\My Documents\Thumbs.db
[2009/02/12 09:30:42 | 12,342,272 | ---- | C] () -- C:\DT TRUCK REPAIR.QBW
========== Files - Modified Within 30 Days ========== [4 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/09 10:31:08 | 00,497,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dustin\Desktop\OTListIt2.exe
[2009/03/09 10:29:24 | 00,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/09 10:28:35 | 00,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/09 10:27:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/09 10:27:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/09 10:26:52 | 00,470,256 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2009/03/09 09:09:51 | 00,000,566 | ---- | M] () -- C:\Documents and Settings\Dustin\My Documents\My Sharing Folders.lnk
[2009/03/08 20:20:33 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/03/08 20:20:33 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/03/08 12:30:53 | 00,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 12:30:53 | 00,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/08 12:30:52 | 00,360,124 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/05 09:16:07 | 00,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/03/05 09:16:07 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/03/04 22:53:38 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Dustin\Desktop\HiJackThis.exe
[2009/03/04 20:32:12 | 00,625,710 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\Cat.DB
[2009/03/04 18:48:10 | 00,035,813 | ---- | M] () -- C:\Documents and Settings\Dustin\My Documents\stock.gif
[2009/03/04 00:13:56 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2009/03/04 00:13:56 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/03/04 00:13:56 | 00,007,386 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/03/04 00:13:56 | 00,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/03/04 00:13:15 | 00,482,352 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\cchpx86.sys
[2009/03/04 00:13:08 | 00,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\isolate.ini
[2009/03/02 17:54:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/01 16:31:18 | 01,874,416 | ---- | M] () -- C:\Documents and Settings\Dustin\Desktop\TeamViewer_Setup.exe
[2009/03/01 16:11:14 | 01,479,408 | ---- | M] () -- C:\Documents and Settings\Dustin\Desktop\TeamViewerQS.exe
[2009/02/27 06:20:26 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.sys
[2009/02/27 06:20:26 | 00,307,760 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.sys
[2009/02/27 06:20:26 | 00,258,608 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.sys
[2009/02/27 06:20:26 | 00,217,392 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symtdi.sys
[2009/02/27 06:20:26 | 00,089,776 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symfw.sys
[2009/02/27 06:20:26 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.sys
[2009/02/27 06:20:26 | 00,039,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symndisv.sys
[2009/02/27 06:20:26 | 00,037,296 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symndis.sys
[2009/02/27 06:20:26 | 00,034,736 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symids.sys
[2009/02/27 06:20:23 | 00,003,373 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.inf
[2009/02/27 06:20:23 | 00,001,753 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.inf
[2009/02/27 06:20:23 | 00,001,528 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymNet.inf
[2009/02/27 06:20:23 | 00,001,389 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.inf
[2009/02/27 06:20:23 | 00,001,383 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.inf
[2009/02/27 06:20:23 | 00,000,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.inf
[2009/02/27 06:20:19 | 00,009,423 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymNet.cat
[2009/02/27 06:20:19 | 00,007,410 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.cat
[2009/02/27 06:20:19 | 00,007,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.cat
[2009/02/27 06:20:19 | 00,007,364 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.CAT
[2009/02/27 06:20:19 | 00,007,355 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.cat
[2009/02/27 06:20:19 | 00,007,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.cat
[2009/02/27 06:20:18 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2009/02/25 00:31:38 | 00,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/02/25 00:31:38 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/02/24 10:38:50 | 00,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/02/24 10:38:50 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/02/22 20:25:56 | 00,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/02/22 20:25:56 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/02/22 11:07:56 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/02/22 11:07:55 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/02/20 20:12:00 | 00,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/02/20 20:12:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/02/19 02:00:05 | 00,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/02/19 02:00:05 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/02/18 18:00:34 | 00,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/02/18 18:00:34 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/02/15 22:59:09 | 00,067,072 | -HS- | M] () -- C:\Documents and Settings\Dustin\My Documents\Thumbs.db
[2009/02/14 05:28:54 | 00,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/02/14 05:28:54 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/02/12 22:01:38 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/02/12 14:14:14 | 12,342,272 | ---- | M] () -- C:\DT TRUCK REPAIR.QBW
[2009/02/11 23:56:17 | 21,244,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
========== LOP Check ========== [2009/01/12 21:37:46 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/01/01 22:27:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/08/10 20:17:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007/07/04 14:06:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2006/12/25 11:14:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007/03/27 19:23:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/03/07 12:08:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2007/06/18 20:10:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software
[2007/12/15 21:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions
[2006/11/16 18:28:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2007/06/11 20:48:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2008/03/25 20:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2006/01/19 16:44:19 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/12/05 16:25:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2008/07/16 13:28:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2008/09/14 23:23:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2008/09/14 23:13:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2008/02/02 15:15:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2008/09/14 23:14:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2007/02/11 20:50:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2007/11/23 11:05:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2007/11/23 17:10:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/09/14 23:26:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/01/02 19:40:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/11/30 21:41:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2006/08/16 20:32:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/09/18 17:17:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2006/08/30 10:12:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/03/01 16:11:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Dustin\Application Data
[2008/07/11 20:46:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Adobe
[2008/07/05 12:09:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\AdobeUM
[2007/08/16 11:15:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Apple Computer
[2008/12/02 19:34:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\CyberLink
[2007/06/11 19:53:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\GlobalSCAPE
[2007/01/06 12:06:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Google
[2006/11/17 16:33:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\ICAClient
[2005/10/16 19:03:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Identities
[2008/09/15 18:47:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Macromedia
[2008/03/25 20:49:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Malwarebytes
[2008/04/23 10:10:09 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Dustin\Application Data\Microsoft
[2008/06/20 18:33:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Mozilla
[2005/12/05 16:26:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\MSN6
[2007/03/14 19:25:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Screenshot Sender
[2005/11/22 20:17:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Sun
[2008/03/26 16:07:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\SUPERAntiSpyware.com
[2006/10/12 18:28:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Symantec
[2007/11/16 09:28:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Talkback
[2009/03/01 16:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\TeamViewer
[2008/02/23 19:23:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dustin\Application Data\Yahoo!
[2009/03/02 17:54:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/23 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/09 10:27:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Dustin\My Documents\Thumbs.db:encryptable
< End of report >