[code] OTS logfile created on: 6/3/2010 1:21:32 PM - Run 1 OTS by OldTimer - Version 3.1.31.2 Folder = E:\ Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 822.00 Mb Available Physical Memory | 81.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.95 Gb Total Space | 55.52 Gb Free Space | 77.16% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 249.72 Mb Total Space | 245.20 Mb Free Space | 98.19% Space Free | Partition Type: FAT F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JULES Current User Name: JUELS Logged in as Administrator. Current Boot Mode: SafeMode Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> E:\OTS.exe -> [2010/06/03 12:55:36 | 000,640,000 | ---- | M] (OldTimer Tools) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> E:\OTS.exe -> [2010/06/03 12:55:36 | 000,640,000 | ---- | M] (OldTimer Tools) msscript.ocx -> C:\WINDOWS\system32\msscript.ocx -> [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (Apple Mobile Device) Apple Mobile Device [Auto | Stopped] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) (ATTRcAppSvc) AT&T RcAppSvc [On_Demand | Stopped] -> C:\Program Files\AT&T\Connection Software\RcAppSvc.exe -> [2008/07/10 11:54:58 | 000,111,896 | ---- | M] (PCTEL) (bmwebcfg) Bytemobile Web Configurator [Auto | Stopped] -> C:\WINDOWS\System32\bmwebcfg.exe -> [2008/07/10 11:51:34 | 000,118,784 | ---- | M] (Bytemobile, Inc.) (STacSV) SigmaTel Audio Service [Auto | Stopped] -> C:\WINDOWS\system32\stacsv.exe -> [2007/09/16 13:44:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) (SavRoam) SavRoam [On_Demand | Stopped] -> C:\Program Files\Symantec AntiVirus\SavRoam.exe -> [2006/09/27 21:33:38 | 000,116,464 | ---- | M] (symantec) (Symantec AntiVirus) Symantec AntiVirus [Auto | Stopped] -> C:\Program Files\Symantec AntiVirus\Rtvscan.exe -> [2006/09/27 21:33:32 | 001,813,232 | ---- | M] (Symantec Corporation) (DefWatch) Symantec AntiVirus Definition Watcher [Auto | Stopped] -> C:\Program Files\Symantec AntiVirus\DefWatch.exe -> [2006/09/27 21:33:22 | 000,031,472 | ---- | M] (Symantec Corporation) (LiveUpdate) LiveUpdate [On_Demand | Stopped] -> C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -> [2006/09/02 17:36:33 | 002,528,960 | ---- | M] (Symantec Corporation) (SNDSrvc) Symantec Network Drivers Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -> [2006/08/07 17:03:02 | 000,214,720 | ---- | M] (Symantec Corporation) (ccSetMgr) Symantec Settings Manager [Auto | Stopped] -> C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -> [2006/07/19 20:26:12 | 000,169,632 | ---- | M] (Symantec Corporation) (ccEvtMgr) Symantec Event Manager [Auto | Stopped] -> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -> [2006/07/19 20:26:06 | 000,192,160 | ---- | M] (Symantec Corporation) (SPBBCSvc) Symantec SPBBCSvc [Auto | Stopped] -> C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -> [2006/04/11 18:13:38 | 001,160,848 | ---- | M] (Symantec Corporation) [Driver Services - Safe List] (NAVEX15) NAVEX15 [Kernel | On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100524.002\NAVEX15.SYS -> [2010/05/17 01:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) (NAVENG) NAVENG [Kernel | On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100524.002\NAVENG.SYS -> [2010/05/17 01:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) (eeCtrl) Symantec Eraser Control driver [Kernel | System | Stopped] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2010/04/22 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2010/04/22 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) (tcpipBM) Bytemobile Kernel Network Provider [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\tcpipBM.sys -> [2008/07/10 11:51:34 | 000,018,816 | ---- | M] (Bytemobile, Inc.) (PCTINDIS5) PCTINDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\PCTINDIS5.sys -> [2008/07/10 11:45:36 | 000,032,160 | ---- | M] (PCTEL Inc.) (PCASp50) PCASp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\PCASp50.sys -> [2008/07/10 11:45:34 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) (amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) (sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) (swmsflt) swmsflt [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\swmsflt.sys -> [2008/01/03 16:21:32 | 000,026,504 | ---- | M] () (ialm) ialm [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2007/09/23 20:09:18 | 005,776,864 | ---- | M] (Intel Corporation) (ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP/Vista [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Apfiltr.sys -> [2007/09/23 17:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) (STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2007/09/16 13:44:52 | 001,222,840 | ---- | M] (SigmaTel, Inc.) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/08/26 19:13:32 | 000,037,376 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/08/26 19:13:30 | 000,056,832 | ---- | M] (REDC) (rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/08/26 19:13:30 | 000,039,936 | ---- | M] (REDC) (iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\iaStor.sys -> [2007/08/07 14:04:38 | 000,277,784 | ---- | M] (Intel Corporation) (b57w2k) Broadcom NetXtreme Gigabit Ethernet [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\b57xp32.sys -> [2007/08/07 14:02:56 | 000,160,256 | ---- | M] (Broadcom Corporation) (BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2007/05/09 13:59:42 | 000,604,928 | ---- | M] (Broadcom Corporation) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2007/04/23 20:15:46 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2007/04/23 20:15:46 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2007/04/23 20:15:44 | 000,209,152 | ---- | M] (Conexant Systems, Inc.) (DXEC02) DXEC02 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\dxec02.sys -> [2006/11/02 11:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) (SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> C:\Program Files\Symantec\SYMEVENT.SYS -> [2006/09/18 18:55:28 | 000,109,744 | ---- | M] (Symantec Corporation) (SAVRT) SAVRT [Kernel | System | Stopped] -> C:\Program Files\Symantec AntiVirus\savrt.sys -> [2006/09/06 15:41:20 | 000,337,592 | ---- | M] (Symantec Corporation) (SAVRTPEL) SAVRTPEL [Kernel | System | Stopped] -> C:\Program Files\Symantec AntiVirus\Savrtpel.sys -> [2006/09/06 15:41:20 | 000,054,968 | ---- | M] (Symantec Corporation) (SYMTDI) SYMTDI [Kernel | System | Stopped] -> C:\WINDOWS\System32\Drivers\SYMTDI.SYS -> [2006/08/07 17:02:26 | 000,195,776 | ---- | M] (Symantec Corporation) (SYMREDRV) SYMREDRV [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -> [2006/08/07 17:02:22 | 000,024,768 | ---- | M] (Symantec Corporation) (SPBBCDrv) SPBBCDrv [Kernel | System | Stopped] -> C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -> [2006/04/11 18:13:34 | 000,389,776 | ---- | M] (Symantec Corporation) (nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) (symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) (ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) (ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) (ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) (dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) (asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) (AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Search\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us -> HKEY_LOCAL_MACHINE\: Search\\"Start Page" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\] > -> -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\: Main\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071213 -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\: Main\\"Search Page" -> http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\: Main\\"Start Page" -> http://www.google.com/ -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\: "ProxyEnable" -> 1 -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\: "ProxyOverride" -> -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\: "ProxyServer" -> http=127.0.0.1:5555 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\JUELS\Application Data\Mozilla\FireFox\Profiles\zwouyic4.default\prefs.js -> extensions.enabledItems -> jqs@sun.com:1.0 -> < FireFox Settings [User.js] > -> C:\Documents and Settings\JUELS\Application Data\Mozilla\FireFox\Profiles\zwouyic4.default\user.js -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\JUELS\Application Data\Mozilla\Extensions -> [2010/05/28 13:41:44 | 000,000,000 | ---D | M] -> C:\Documents and Settings\JUELS\Application Data\Mozilla\Firefox\Profiles\zwouyic4.default\extensions -> [2010/06/02 11:50:25 | 000,000,000 | ---D | M] Yahoo! Toolbar -> C:\Documents and Settings\JUELS\Application Data\Mozilla\Firefox\Profiles\zwouyic4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} -> [2008/12/27 17:51:17 | 000,000,000 | ---D | M] < HOSTS File > ([2004/08/04 04:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/12/27 13:44:20 | 000,320,920 | ---- | M] (Sun Microsystems, Inc.) {CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Program Files\Dell\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/11/09 08:56:48 | 000,098,304 | ---- | M] (Dell Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/01/11 22:16:38 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) "Apoint" -> C:\Program Files\DellTPad\Apoint.exe [C:\Program Files\DellTPad\Apoint.exe] -> [2007/09/23 17:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) "AT&T Communication Manager" -> C:\Program Files\AT&T\Connection Software\ATTCM.exe ["C:\Program Files\AT&T\Connection Software\ATTCM.exe" -a] -> File not found "ccApp" -> C:\Program Files\Common Files\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2006/07/19 20:26:04 | 000,052,896 | ---- | M] (Symantec Corporation) "ECenter" -> C:\dell\E-Center\EULALauncher.exe [C:\Dell\E-Center\EULALauncher.exe] -> [2007/05/24 06:03:00 | 000,017,920 | ---- | M] ( ) "jqxrriap" -> C:\Documents and Settings\JUELS\Local Settings\Application Data\jrkdffdax\smqbqcvtssd.exe [C:\Documents and Settings\JUELS\Local Settings\Application Data\jrkdffdax\smqbqcvtssd.exe] -> [2010/06/02 12:01:47 | 000,282,144 | ---- | M] () "KADxMain" -> C:\WINDOWS\system32\KADxMain.exe [C:\WINDOWS\system32\KADxMain.exe] -> [2006/11/02 13:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics) "PCMService" -> C:\Program Files\Dell\MediaDirect\PCMService.exe ["C:\Program Files\Dell\MediaDirect\PCMService.exe"] -> [2007/04/16 15:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) "SigmatelSysTrayApp" -> C:\WINDOWS\stsystra.exe [stsystra.exe] -> [2007/09/16 13:44:54 | 000,405,504 | ---- | M] (SigmaTel, Inc.) "vptray" -> C:\Program Files\Symantec AntiVirus\VPTray.exe [C:\PROGRA~1\SYMANT~1\VPTray.exe] -> [2006/09/27 21:33:44 | 000,125,168 | ---- | M] (Symantec Corporation) < Run [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\] > -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "jqxrriap" -> C:\Documents and Settings\JUELS\Local Settings\Application Data\jrkdffdax\smqbqcvtssd.exe [C:\Documents and Settings\JUELS\Local Settings\Application Data\jrkdffdax\smqbqcvtssd.exe] -> [2010/06/02 12:01:47 | 000,282,144 | ---- | M] () < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe -> [2006/11/03 17:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < JUELS Startup Folder > -> C:\Documents and Settings\JUELS\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run \Run\\"RTHDBPL" -> C:\Documents and Settings\JUELS\Application Data\SystemProc\lsass.exe [C:\Documents and Settings\JUELS\Application Data\SystemProc\lsass.exe] -> [2010/06/02 11:46:35 | 000,066,560 | -HS- | M] (Usvgknc) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006] > -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\] > -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2010/01/15 00:57:10 | 018,343,272 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\] > -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\] > -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {71037D81-5AC5-4D47-9D54-4F22ED6C967F}\\DhcpNameServer -> 192.168.1.1 (Dell Wireless 1390 WLAN Mini-Card) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2007/09/23 20:09:08 | 000,208,896 | ---- | M] (Intel Corporation) NavLogon -> C:\WINDOWS\system32\NavLogon.dll -> [2006/09/27 21:33:54 | 000,043,760 | ---- | M] (Symantec Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Documents and Settings\JUELS\Local Settings\Application Data\Abacast\Abaclient2.exe" -> C:\Documents and Settings\JUELS\Local Settings\Application Data\Abacast\Abaclient2.exe [C:\Documents and Settings\JUELS\Local Settings\Application Data\Abacast\Abaclient2.exe:*:Enabled:Abaclient] -> [2010/04/16 13:37:00 | 001,815,992 | ---- | M] (Abacast, Inc.) "C:\Program Files\Dell\MediaDirect\PCMService.exe" -> C:\Program Files\Dell\MediaDirect\PCMService.exe [C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program] -> [2007/04/16 15:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2010/04/24 17:54:44 | 010,358,568 | ---- | M] (Apple Inc.) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2009/08/17 22:54:54 | 012,957,536 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [1] -> File not found \\"FirewallOverride" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus \Monitoring\SymantecAntiVirus\\"DisableMonitoring" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> htmlfile [edit] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> [2007/04/19 14:07:38 | 000,061,280 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/04/13 17:12:41 | 000,135,168 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.) Protocol_Catalog9\Catalog_Entries\000000000001 -> -> File not found Protocol_Catalog9\Catalog_Entries\000000000002 -> -> File not found Protocol_Catalog9\Catalog_Entries\000000000003 -> -> File not found < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {26A24AE4-039D-4CA4-87B4-2F83216011FF} -> Java(TM) 6 Update 11 {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime {3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6 {3248F0A8-6813-11D6-A77B-00B0D0160030} -> Java(TM) 6 Update 3 {33CFCF98-F8D6-4549-B469-6F4295676D83} -> Symantec AntiVirus {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {4FB120F8-622C-4260-AB49-0F43A59CCF2A} -> iTunes {553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support {62230596-37E5-4618-A329-0D21F529A86F} -> Browser Address Error Redirector {753D852A-D86D-42C9-9978-40AE66FB8985} -> Driver Installer {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8A253629-0511-4854-8B4E-46E57E66005C} -> Bonjour {8FD11A03-5319-45CE-832F-CEA24CDD745F} -> AT&T Connection Software {90110409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 {90120000-0010-0409-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (English) 12 {90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007 {90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007 {90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007 {90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007 {90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-0014-0000-0000-0000000FF1CE} -> Microsoft Office Professional 2007 {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581) {9455959E-D588-EFAE-329C-F66CC797F32A} -> Adobe Media Player {9BDEF074-020E-458D-ADC5-8FF68E0C9B56} -> OutlookAddinSetup {9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745} -> MediaDirect {9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A} -> Apple Mobile Device Support {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} -> Dell Touchpad {A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR {AC76BA86-7AD7-1033-7B44-A81200000003} -> Adobe Reader 8.1.2 {C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update {C99C0593-3B48-41D9-B42F-6E035B320449} -> Broadcom Management Programs {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370} -> IntelliSonic Speech Enhancement {E646DCF0-5A68-11D5-B229-002078017FBF} -> Digital Line Detect {E7562EF2-0CD1-E1DD-31F1-AD5B805A22FC} -> Times Reader {F1BA3CD5-89DC-4273-8603-A75F33E9B335} -> Nokia Connectivity Adapter Cable DKU-5 Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Broadcom 802.11b Network Adapter -> Dell Wireless WLAN Card CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F -> Conexant HDA D330 MDC V.92 Modem HDMI -> Intel(R) Graphics Media Accelerator Driver IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ie7 -> Windows Internet Explorer 7 ie8 -> Windows Internet Explorer 8 LiveUpdate -> LiveUpdate 3.1 (Symantec Corporation) Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs PROR -> Microsoft Office Professional 2007 SearchAssist -> SearchAssist Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 Windows XP Service Pack -> Windows XP Service Pack 3 WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 < Uninstall List [HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\] > -> HKEY_USERS\S-1-5-21-1195492579-1499592111-4157199112-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Abacast Distributed Live -> Abacast Distributed Live < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 3/12/2009 12:29:46 AM Computer Name = JULES | Source = crypt32 | ID = 131083 -> Description = Failed extract of third-party root list from auto update cab at: with error: The data is invalid. Application [ Error ] 8/3/2009 8:56:35 PM Computer Name = JULES | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: This operation returned because the timeout period expired. Application [ Error ] 8/3/2009 8:56:35 PM Computer Name = JULES | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: The specified server cannot perform the requested operation. Application [ Error ] 8/3/2009 8:56:38 PM Computer Name = JULES | Source = crypt32 | ID = 131077 -> Description = Failed auto update retrieval of third-party root certificate from: with error: Cannot find the requested object. Application [ Error ] 8/3/2009 8:56:38 PM Computer Name = JULES | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Application [ Error ] 8/3/2009 8:56:38 PM Computer Name = JULES | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Application [ Error ] 8/3/2009 8:56:41 PM Computer Name = JULES | Source = crypt32 | ID = 131077 -> Description = Failed auto update retrieval of third-party root certificate from: with error: Cannot find the requested object. Application [ Error ] 8/3/2009 8:56:41 PM Computer Name = JULES | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Application [ Error ] 4/20/2010 6:16:33 PM Computer Name = JULES | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 4/21/2010 3:23:44 PM Computer Name = JULES | Source = crypt32 | ID = 131083 -> Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. System [ Error ] 6/3/2010 4:06:37 PM Computer Name = JULES | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} System [ Error ] 6/3/2010 4:06:47 PM Computer Name = JULES | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 6/3/2010 4:06:47 PM Computer Name = JULES | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7001 -> Description = The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: %%31 System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7001 -> Description = The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7001 -> Description = The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: %%31 System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7001 -> Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7001 -> Description = The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7001 -> Description = The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: %%31 System [ Error ] 6/3/2010 4:07:57 PM Computer Name = JULES | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRT SAVRTPEL SPBBCDrv SYMTDI Tcpip tcpipBM WS2IFSL [Files/Folders - Created Within 30 Days] Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2010/06/02 17:06:45 | 000,000,000 | ---D | C] Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/06/02 13:26:37 | 000,000,000 | ---D | C] New Folder -> C:\Documents and Settings\JUELS\Desktop\New Folder -> [2010/06/02 12:45:22 | 000,000,000 | ---D | C] jrkdffdax -> C:\Documents and Settings\JUELS\Local Settings\Application Data\jrkdffdax -> [2010/06/02 12:02:10 | 000,000,000 | ---D | C] SystemProc -> C:\Documents and Settings\JUELS\Application Data\SystemProc -> [2010/06/02 11:46:38 | 000,000,000 | -HSD | C] NOS -> C:\Documents and Settings\All Users\Application Data\NOS -> [2010/05/26 13:53:46 | 000,000,000 | ---D | C] New Folder (3) -> C:\Documents and Settings\All Users\Documents\New Folder (3) -> [2010/05/25 12:50:46 | 000,000,000 | ---D | C] New Folder (2) -> C:\Documents and Settings\All Users\Documents\New Folder (2) -> [2010/05/25 12:50:25 | 000,000,000 | ---D | C] New Folder -> C:\Documents and Settings\All Users\Documents\New Folder -> [2010/05/25 12:50:14 | 000,000,000 | ---D | C] Articles -> C:\Documents and Settings\All Users\Documents\Articles -> [2010/05/25 12:46:50 | 000,000,000 | ---D | C] mouhid.sys -> C:\WINDOWS\System32\dllcache\mouhid.sys -> [2010/05/24 11:33:50 | 000,012,160 | ---- | C] (Microsoft Corporation) hidserv.dll -> C:\WINDOWS\System32\dllcache\hidserv.dll -> [2010/05/24 11:29:03 | 000,021,504 | ---- | C] (Microsoft Corporation) kbdhid.sys -> C:\WINDOWS\System32\dllcache\kbdhid.sys -> [2010/05/24 11:29:02 | 000,014,592 | ---- | C] (Microsoft Corporation) hidusb.sys -> C:\WINDOWS\System32\dllcache\hidusb.sys -> [2010/05/24 11:28:52 | 000,010,368 | ---- | C] (Microsoft Corporation) usbccgp.sys -> C:\WINDOWS\System32\dllcache\usbccgp.sys -> [2010/05/24 11:28:48 | 000,032,128 | ---- | C] (Microsoft Corporation) Brother -> C:\Documents and Settings\All Users\Application Data\Brother -> [2010/05/19 10:22:45 | 000,000,000 | ---D | C] Spreadsheets -> C:\Documents and Settings\All Users\Documents\Spreadsheets -> [2010/05/13 13:07:20 | 000,000,000 | ---D | C] Sales Company Info -> C:\Documents and Settings\All Users\Documents\Sales Company Info -> [2010/05/13 12:15:43 | 000,000,000 | ---D | C] Iced Coffee Imagery -> C:\Documents and Settings\All Users\Documents\Iced Coffee Imagery -> [2010/05/07 13:42:25 | 000,000,000 | ---D | C] Prefetch -> C:\WINDOWS\Prefetch -> [2010/05/04 15:19:09 | 000,000,000 | ---D | C] scripting -> C:\WINDOWS\System32\scripting -> [2010/05/04 15:00:28 | 000,000,000 | ---D | C] l2schemas -> C:\WINDOWS\l2schemas -> [2010/05/04 15:00:27 | 000,000,000 | ---D | C] en -> C:\WINDOWS\System32\en -> [2010/05/04 15:00:27 | 000,000,000 | ---D | C] bits -> C:\WINDOWS\System32\bits -> [2010/05/04 15:00:27 | 000,000,000 | ---D | C] $NtServicePackUninstall$ -> C:\WINDOWS\$NtServicePackUninstall$ -> [2010/05/04 14:54:02 | 000,000,000 | -H-D | C] EHome -> C:\WINDOWS\EHome -> [2010/05/04 14:54:00 | 000,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/06/03 13:10:21 | 000,445,630 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/06/03 13:10:21 | 000,384,596 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/06/03 13:10:21 | 000,054,280 | ---- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/06/03 13:06:12 | 000,002,048 | --S- | M] () NTUSER.DAT -> C:\Documents and Settings\JUELS\NTUSER.DAT -> [2010/06/03 13:01:08 | 004,980,736 | -H-- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/06/03 13:01:08 | 000,000,006 | -H-- | M] () ntuser.ini -> C:\Documents and Settings\JUELS\ntuser.ini -> [2010/06/03 13:00:52 | 000,000,278 | -HS- | M] () IconCache.db -> C:\Documents and Settings\JUELS\Local Settings\Application Data\IconCache.db -> [2010/06/03 13:00:33 | 002,152,686 | -H-- | M] () Microsoft Office Excel 2007.lnk -> C:\Documents and Settings\JUELS\Desktop\Microsoft Office Excel 2007.lnk -> [2010/06/02 13:44:06 | 000,002,473 | ---- | M] () Microsoft Office Outlook 2007.lnk -> C:\Documents and Settings\JUELS\Desktop\Microsoft Office Outlook 2007.lnk -> [2010/06/02 13:43:17 | 000,002,521 | ---- | M] () confin.sys -> C:\confin.sys -> [2010/06/02 11:46:39 | 000,000,009 | ---- | M] () iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/06/02 11:32:38 | 000,002,137 | ---- | M] () Microsoft Office Word 2007.lnk -> C:\Documents and Settings\JUELS\Desktop\Microsoft Office Word 2007.lnk -> [2010/06/01 15:53:20 | 000,002,515 | ---- | M] () thai iced coffee.docx -> C:\Documents and Settings\All Users\Documents\thai iced coffee.docx -> [2010/06/01 15:25:01 | 000,011,844 | ---- | M] () BRPP2KA.INI -> C:\WINDOWS\BRPP2KA.INI -> [2010/06/01 13:57:38 | 000,000,026 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/06/01 11:16:07 | 000,002,206 | ---- | M] () Next text recipe page.docx -> C:\Documents and Settings\JUELS\My Documents\Next text recipe page.docx -> [2010/05/26 15:18:12 | 000,011,602 | ---- | M] () BRWMARK.INI -> C:\WINDOWS\BRWMARK.INI -> [2010/05/19 13:53:01 | 000,000,426 | ---- | M] () Microsoft Office PowerPoint 2007.lnk -> C:\Documents and Settings\JUELS\Desktop\Microsoft Office PowerPoint 2007.lnk -> [2010/05/19 13:51:50 | 000,002,483 | ---- | M] () bo407cdw.ini -> C:\WINDOWS\bo407cdw.ini -> [2010/05/19 10:23:16 | 000,000,023 | ---- | M] () Shortcut to Sales.lnk -> C:\Documents and Settings\JUELS\Desktop\Shortcut to Sales.lnk -> [2010/05/13 11:29:05 | 000,000,457 | ---- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/05/11 15:18:47 | 000,001,374 | ---- | M] () Ethical Energy.docx -> C:\Documents and Settings\JUELS\My Documents\Ethical Energy.docx -> [2010/05/11 12:37:30 | 000,014,326 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\JUELS\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2010/05/04 15:20:57 | 000,069,232 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/05/04 15:18:34 | 000,264,616 | ---- | M] () ntldr -> C:\ntldr -> [2010/05/04 14:56:44 | 000,250,048 | RHS- | M] () [Files - No Company Name] confin.sys -> C:\confin.sys -> [2010/06/02 11:46:39 | 000,000,009 | ---- | C] () thai iced coffee.docx -> C:\Documents and Settings\All Users\Documents\thai iced coffee.docx -> [2010/06/01 15:18:56 | 000,011,844 | ---- | C] () Next text recipe page.docx -> C:\Documents and Settings\JUELS\My Documents\Next text recipe page.docx -> [2010/05/26 14:30:58 | 000,011,602 | ---- | C] () Microsoft Office PowerPoint 2007.lnk -> C:\Documents and Settings\JUELS\Desktop\Microsoft Office PowerPoint 2007.lnk -> [2010/05/19 13:51:44 | 000,002,483 | ---- | C] () bo407cdw.ini -> C:\WINDOWS\bo407cdw.ini -> [2010/05/19 10:23:16 | 000,000,023 | ---- | C] () BRWMARK.INI -> C:\WINDOWS\BRWMARK.INI -> [2010/05/19 10:22:45 | 000,000,426 | ---- | C] () BRPP2KA.INI -> C:\WINDOWS\BRPP2KA.INI -> [2010/05/19 10:22:45 | 000,000,026 | ---- | C] () Shortcut to Sales.lnk -> C:\Documents and Settings\JUELS\Desktop\Shortcut to Sales.lnk -> [2010/05/13 11:29:05 | 000,000,457 | ---- | C] () Ethical Energy.docx -> C:\Documents and Settings\JUELS\My Documents\Ethical Energy.docx -> [2010/05/11 11:12:26 | 000,014,326 | ---- | C] () VPC32.INI -> C:\WINDOWS\VPC32.INI -> [2008/09/30 13:44:22 | 000,000,000 | ---- | C] () swmsflt.sys -> C:\WINDOWS\System32\drivers\swmsflt.sys -> [2008/09/08 10:06:36 | 000,026,504 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2007/12/20 12:17:15 | 000,000,376 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2007/12/13 01:16:55 | 000,000,061 | ---- | C] () _psisdecd.dll -> C:\WINDOWS\System32\_psisdecd.dll -> [2007/12/13 01:12:38 | 000,198,144 | ---- | C] () preflib.dll -> C:\WINDOWS\System32\preflib.dll -> [2007/12/13 01:09:04 | 000,086,016 | ---- | C] () bcm1xsup.dll -> C:\WINDOWS\System32\bcm1xsup.dll -> [2007/12/13 01:09:03 | 000,757,760 | ---- | C] () igmedkrn.dll -> C:\WINDOWS\System32\igmedkrn.dll -> [2007/12/13 00:49:38 | 001,174,000 | ---- | C] () igfxCoIn_v4859.dll -> C:\WINDOWS\System32\igfxCoIn_v4859.dll -> [2007/12/13 00:49:38 | 000,147,456 | ---- | C] () igmedcompkrn.dll -> C:\WINDOWS\System32\igmedcompkrn.dll -> [2007/12/13 00:49:38 | 000,104,636 | ---- | C] () rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2007/12/13 00:49:36 | 000,016,480 | ---- | C] () OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2007/12/13 00:47:54 | 000,001,125 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/10 12:12:05 | 000,000,780 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/08/10 12:01:18 | 000,001,793 | ---- | C] () [File - Lop Check] AT&T -> C:\Documents and Settings\Administrator\Application Data\AT&T -> [2010/06/02 15:37:56 | 000,000,000 | ---D | M] AT&T -> C:\Documents and Settings\All Users\Application Data\AT&T -> [2008/09/08 10:05:53 | 000,000,000 | ---D | M] {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2010/04/28 10:18:23 | 000,000,000 | ---D | M] AT&T -> C:\Documents and Settings\JUELS\Application Data\AT&T -> [2008/09/08 10:14:23 | 000,000,000 | ---D | M] com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1 -> C:\Documents and Settings\JUELS\Application Data\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1 -> [2009/08/11 17:22:44 | 000,000,000 | ---D | M] DBUpdater -> C:\Documents and Settings\JUELS\Application Data\DBUpdater -> [2008/09/08 10:11:33 | 000,000,000 | ---D | M] Sierra Wireless -> C:\Documents and Settings\JUELS\Application Data\Sierra Wireless -> [2008/09/08 10:06:36 | 000,000,000 | ---D | M] SystemProc -> C:\Documents and Settings\JUELS\Application Data\SystemProc -> [2010/06/02 11:46:38 | 000,000,000 | -HSD | M] Bytemobile -> C:\Documents and Settings\NetworkService\Application Data\Bytemobile -> [2008/09/08 10:12:44 | 000,000,000 | ---D | M] [File - Purity Scan] < End of report > [/code]