OTL logfile created on: 7/9/2010 12:12:33 AM - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = C:\Documents and Settings\Owner.JohnTabor\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 135.00 Mb Available Physical Memory | 15.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.75 Gb Total Space | 98.20 Gb Free Space | 68.31% Space Free | Partition Type: NTFS
Drive D: | 5.28 Gb Total Space | 2.24 Gb Free Space | 42.48% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHNTABOR
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010/07/08 12:42:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.JohnTabor\Desktop\OTL.exe
PRC - [2010/06/27 23:10:57 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/06/27 23:10:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/17 16:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009/07/10 14:49:24 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2009/01/30 21:21:41 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/08/30 11:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2007/08/30 11:50:28 | 000,975,528 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2007/07/11 16:31:14 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/09/02 20:36:34 | 000,198,336 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2005/12/09 22:44:40 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010/07/08 12:42:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.JohnTabor\Desktop\OTL.exe
MOD - [2010/05/14 01:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll
MOD - [2010/03/17 16:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/07/12 03:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 03:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcp90.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/04/25 21:18:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/01/30 21:21:41 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/02 20:36:34 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/09/02 20:36:34 | 000,198,336 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\robofix\catchme.sys -- (catchme)
DRV - [2010/07/01 01:02:35 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/06/30 01:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20100707.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/06/30 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/06/30 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/06/30 01:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20100707.048\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/19 00:46:00 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100619.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/05/28 15:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100707.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010/02/03 21:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/02/01 15:01:47 | 000,038,176 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\HPFECP06.SYS -- (HPFECP06)
DRV - [2009/01/30 21:40:33 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/17 02:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/10/17 02:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/08/22 20:51:28 | 009,611,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/04/06 18:20:44 | 004,258,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/01/18 22:41:00 | 000,080,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/01/16 01:48:08 | 001,477,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/10/12 16:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS -- (iaStor)
DRV - [2005/03/17 12:51:16 | 001,033,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/17 12:50:36 | 000,221,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2005/03/17 12:50:32 | 000,705,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/08/10 15:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/10 15:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/10 15:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/10 15:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/10 15:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/10 15:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/10 15:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/10 15:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/10 15:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/10 15:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/10 15:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/10 15:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/10 15:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/10 15:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/10 15:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 15:05:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OVCD.sys -- (QCDonner)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E D8 7F 3E A0 19 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: info@youtube-mp3.org:1.0.0
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {C12D9DEB-40D4-49D5-A834-130244FF76EC}:1.9.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {C03A545C-8C01-450A-817D-6D5D88820184}:1.9.1
FF - prefs.js..extensions.enabledItems: {09044FFC-07A7-42FF-AD04-83C5CAF960FA}:1.9.1
FF - prefs.js..keyword.URL: "http://ca.search.yahoo.com/search?fr=panda&type=panda1_0yatb&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\Extensions\\{C12D9DEB-40D4-49D5-A834-130244FF76EC}: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{C12D9DEB-40D4-49D5-A834-130244FF76EC} [2010/06/23 03:31:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\ [2010/07/03 00:01:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\ [2010/07/01 01:05:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{F3808F32-03DD-4740-9FF2-1AD1ED756B1A}: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{F3808F32-03DD-4740-9FF2-1AD1ED756B1A}\ [2010/07/02 23:51:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{AFDF1168-218F-4E1A-BD0D-C3421F9EDC8F}: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{AFDF1168-218F-4E1A-BD0D-C3421F9EDC8F}\ [2010/07/04 03:40:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{C03A545C-8C01-450A-817D-6D5D88820184}: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{C03A545C-8C01-450A-817D-6D5D88820184}\ [2010/07/04 13:57:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{09044FFC-07A7-42FF-AD04-83C5CAF960FA}: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{09044FFC-07A7-42FF-AD04-83C5CAF960FA}\ [2010/07/04 14:00:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/27 23:11:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/27 23:11:27 | 000,000,000 | ---D | M]

[2009/11/11 02:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mozilla\Extensions
[2009/11/11 02:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/08 11:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mozilla\Firefox\Profiles\t1f3gfes.default\extensions
[2010/04/27 11:42:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mozilla\Firefox\Profiles\t1f3gfes.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/16 11:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mozilla\Firefox\Profiles\t1f3gfes.default\extensions\info@youtube-mp3.org
[2010/04/27 11:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mozilla\Firefox\Profiles\t1f3gfes.default\extensions\youtube2mp3@mondayx.de
[2010/07/08 12:26:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/24 19:00:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/24 19:00:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/02/03 14:45:48 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll

O1 HOSTS File: ([2009/10/22 13:59:42 | 000,000,698 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Pwozule] C:\WINDOWS\owiramiyaparo.DLL File not found
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{3B7AD320-9BD0-B04F-6280-ADCD15345BCD}] C:\Documents and Settings\Owner.JohnTabor\Application Data\Ehmoh\ywic.exe ()
O4 - HKCU..\Run: [{C4745DBE-F917-79FC-405D-E9A0B048EAD9}] C:\Documents and Settings\Owner.JohnTabor\Application Data\Oneq\huusf.exe ()
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.243.0.12
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\andgtog.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 05:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{936ff9ba-c287-11de-8bd7-001676ba530f}\Shell - "" = AutoRun
O33 - MountPoints2\{936ff9ba-c287-11de-8bd7-001676ba530f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{936ff9ba-c287-11de-8bd7-001676ba530f}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (5318561081851904)

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2010/07/08 12:42:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.JohnTabor\Desktop\OTL.exe
[2010/07/08 11:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/05 20:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/05 20:02:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/05 19:17:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2010/07/05 18:47:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/05 18:47:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/05 18:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/04 14:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{09044FFC-07A7-42FF-AD04-83C5CAF960FA}
[2010/07/04 13:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{C03A545C-8C01-450A-817D-6D5D88820184}
[2010/07/04 03:40:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{AFDF1168-218F-4E1A-BD0D-C3421F9EDC8F}
[2010/07/03 13:40:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/07/03 07:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/07/03 07:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/07/02 23:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{F3808F32-03DD-4740-9FF2-1AD1ED756B1A}
[2010/07/02 00:15:14 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symtdi.sys
[2010/07/02 00:15:14 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symtdiv.sys
[2010/07/02 00:15:13 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symds.sys
[2010/07/02 00:15:13 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtsp.sys
[2010/07/02 00:15:13 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symefa.sys
[2010/07/02 00:15:13 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtspx.sys
[2010/07/02 00:15:12 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\cchpx86.sys
[2010/07/02 00:15:12 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\ironx86.sys
[2010/07/02 00:12:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1107000.00C
[2010/07/01 12:33:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/01 01:06:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\My Documents\Symantec
[2010/07/01 01:02:35 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/07/01 01:02:35 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/07/01 00:59:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2010/07/01 00:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2010/07/01 00:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/07/01 00:30:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/07/01 00:30:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0400000.07F
[2010/07/01 00:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/07/01 00:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/06/30 23:52:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/06/29 10:53:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/06/29 02:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/06/29 02:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/06/29 00:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/06/29 00:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/06/29 00:33:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/06/27 23:20:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Registry Patrol
[2010/06/27 23:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Patrol
[2010/06/27 21:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\SurfSecret Privacy Suite
[2010/06/27 21:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Panda Security
[2010/06/27 21:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2010/06/27 19:00:54 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/06/27 19:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/06/27 14:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/06/27 14:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/06/25 00:39:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/06/25 00:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/06/25 00:26:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\nfeptnmkt
[2010/06/23 03:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\{C12D9DEB-40D4-49D5-A834-130244FF76EC}
[2010/04/26 16:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\SupportSoft
[2010/04/26 15:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Motive
[2010/04/26 15:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2010/04/26 15:52:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2010/04/26 15:48:59 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2010/04/24 14:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/24 14:34:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/24 14:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/24 14:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/24 14:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/11 19:05:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.JohnTabor\My Documents\GRACE
[2010/01/01 17:12:39 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/01/01 17:12:34 | 000,184,320 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2010/07/09 00:03:21 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/09 00:00:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/08 23:59:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/08 23:59:14 | 937,066,496 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/08 23:57:41 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Owner.JohnTabor\NTUSER.DAT
[2010/07/08 23:57:41 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner.JohnTabor\ntuser.ini
[2010/07/08 23:57:35 | 004,768,656 | -H-- | M] () -- C:\Documents and Settings\Owner.JohnTabor\Local Settings\Application Data\IconCache.db
[2010/07/08 12:42:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.JohnTabor\Desktop\OTL.exe
[2010/07/08 10:55:23 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/08 10:40:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/05 18:47:30 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/04 03:40:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Vlepe.bin
[2010/07/04 03:40:39 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Fjolijevula.dat
[2010/07/03 14:39:05 | 000,000,628 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/03 14:39:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/03 14:39:05 | 000,000,197 | -HS- | M] () -- C:\boot.ini
[2010/07/02 23:49:39 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Owner - Full System Scan.job
[2010/07/02 23:49:30 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/07/02 23:47:05 | 000,627,338 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Cat.DB
[2010/07/01 12:33:55 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vz In-Home Agent.lnk
[2010/07/01 01:02:35 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/07/01 01:02:35 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/07/01 01:02:35 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/07/01 01:02:34 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/07/01 00:59:05 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Owner.JohnTabor\My Documents\Norton Installation Files.lnk
[2010/07/01 00:32:09 | 000,627,338 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0400000.07F\Cat.DB
[2010/06/30 23:26:57 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/29 11:19:29 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/29 01:59:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\WinInit.ini
[2010/06/27 21:28:41 | 000,000,264 | ---- | M] () -- C:\WINDOWS\pimdbey.dll.nanflmrkxtns
[2010/06/23 03:42:36 | 000,501,770 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/23 03:42:36 | 000,441,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/23 03:42:36 | 000,071,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/09 01:33:58 | 000,164,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/27 20:35:54 | 000,001,430 | ---- | M] () -- C:\Documents and Settings\Owner.JohnTabor\Application Data\wklnhst.dat
[2010/05/18 11:50:16 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/05/14 02:32:01 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\isolate.ini
[2010/05/06 06:41:54 | 001,678,531 | ---- | M] () -- C:\WINDOWS\System32\hjmcrato.dll
[2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symtdi.sys
[2010/05/06 00:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symtdiv.sys
[2010/05/06 00:01:43 | 000,001,473 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnetv.inf
[2010/05/06 00:01:43 | 000,001,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnet.inf
[2010/05/02 01:47:21 | 000,641,024 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\ironx86.sys
[2010/04/29 01:03:51 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\iron.cat
[2010/04/29 01:03:51 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\iron.inf
[2010/04/26 04:18:40 | 000,007,873 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symefa.cat
[2010/04/25 17:43:19 | 001,208,320 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/04/24 21:30:40 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/04/24 07:31:04 | 000,003,373 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symefa.inf
[2010/04/21 23:02:36 | 000,007,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnetv.cat
[2010/04/21 23:02:36 | 000,007,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnet.cat
[2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symefa.sys
[2010/04/21 23:01:56 | 000,007,425 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symds.cat
[2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtsp.sys
[2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtspx.sys
[2010/04/21 22:29:50 | 000,007,442 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtspx.cat
[2010/04/21 22:29:50 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtsp.cat
[2010/04/21 22:29:50 | 000,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtspx.inf
[2010/04/21 22:29:50 | 000,001,382 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtsp.inf
[2010/04/19 18:54:13 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/07/08 23:59:14 | 937,066,496 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/05 18:47:29 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/03 14:39:04 | 000,001,837 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
[2010/07/02 23:46:43 | 000,627,338 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Cat.DB
[2010/07/02 00:15:14 | 000,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnetv.cat
[2010/07/02 00:15:14 | 000,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnet.cat
[2010/07/02 00:15:14 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnetv.inf
[2010/07/02 00:15:14 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnet.inf
[2010/07/02 00:15:13 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symefa.cat
[2010/07/02 00:15:13 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtspx.cat
[2010/07/02 00:15:13 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symds.cat
[2010/07/02 00:15:13 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symefa.inf
[2010/07/02 00:15:13 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symds.inf
[2010/07/02 00:15:13 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtspx.inf
[2010/07/02 00:15:12 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtsp.cat
[2010/07/02 00:15:12 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\iron.cat
[2010/07/02 00:15:12 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\cchpx86.cat
[2010/07/02 00:15:12 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\cchpx86.inf
[2010/07/02 00:15:12 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\srtsp.inf
[2010/07/02 00:15:12 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\iron.inf
[2010/07/02 00:12:44 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\isolate.ini
[2010/07/01 12:33:55 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vz In-Home Agent.lnk
[2010/07/01 01:23:28 | 000,000,538 | ---- | C] () -- C:\WINDOWS\tasks\Norton Internet Security - Owner - Full System Scan.job
[2010/07/01 01:13:38 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Owner.JohnTabor\My Documents\Norton Installation Files.lnk
[2010/07/01 01:02:35 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/07/01 01:02:35 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/07/01 01:01:03 | 000,001,973 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/07/01 00:31:42 | 000,627,338 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0400000.07F\Cat.DB
[2010/06/29 01:59:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2010/06/27 21:28:40 | 000,000,264 | ---- | C] () -- C:\WINDOWS\pimdbey.dll.nanflmrkxtns
[2010/06/23 03:31:58 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Fjolijevula.dat
[2010/06/23 03:31:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Vlepe.bin
[2010/05/06 06:41:54 | 001,678,531 | ---- | C] () -- C:\WINDOWS\System32\hjmcrato.dll
[2010/04/24 14:37:23 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/01 17:12:39 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/01/01 17:12:39 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2010/01/01 17:12:38 | 009,611,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009/08/31 14:00:22 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2009/08/31 14:00:21 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\MemWarp.dll
[2009/02/01 15:02:04 | 000,000,130 | ---- | C] () -- C:\WINDOWS\HPFTBX06.INI
[2009/02/01 15:01:54 | 000,134,112 | ---- | C] () -- C:\WINDOWS\System32\hpfmlc06.dll
[2009/02/01 15:01:51 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\hpfpml06.dll
[2009/02/01 15:01:49 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\hpf24r06.dll
[2009/02/01 15:01:47 | 000,038,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\hpfecp06.sys
[2009/02/01 15:01:47 | 000,027,164 | ---- | C] () -- C:\WINDOWS\System32\hpfiop06.dll
[2009/02/01 15:01:46 | 000,056,060 | ---- | C] () -- C:\WINDOWS\System32\hpfmem06.dll
[2009/02/01 15:01:44 | 000,068,700 | ---- | C] () -- C:\WINDOWS\System32\hpfcom06.dll
[2009/02/01 15:01:44 | 000,044,856 | ---- | C] () -- C:\WINDOWS\System32\hpflpm06.dll
[2009/02/01 15:01:43 | 001,184,768 | ---- | C] () -- C:\WINDOWS\System32\hpftrl06.dll
[2009/02/01 15:01:43 | 000,195,584 | ---- | C] () -- C:\WINDOWS\System32\hpfscp06.dll
[2009/02/01 15:01:40 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\hpfrsu06.dll
[2009/02/01 15:01:39 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\hpfdat06.dll
[2009/02/01 15:01:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\hpfhrl06.dll
[2009/02/01 15:01:37 | 000,189,440 | ---- | C] () -- C:\WINDOWS\System32\hpfmrl06.dll
[2009/02/01 15:01:35 | 000,246,784 | ---- | C] () -- C:\WINDOWS\System32\hpfwin06.dll
[2009/02/01 15:01:34 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\hpfmon06.dll
[2009/02/01 15:01:33 | 000,711,168 | ---- | C] () -- C:\WINDOWS\System32\hpfimg06.dll
[2009/02/01 15:01:32 | 000,103,936 | ---- | C] () -- C:\WINDOWS\System32\hpfcnt06.dll
[2009/02/01 15:01:31 | 000,276,480 | ---- | C] () -- C:\WINDOWS\System32\hpfcps06.dll
[2009/02/01 15:01:29 | 000,002,850 | ---- | C] () -- C:\WINDOWS\System32\hpflnk06.ini
[2009/02/01 15:01:26 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\hpfrsa06.dll
[2009/01/30 23:16:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/01/30 21:36:30 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/01/30 21:28:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/21 05:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/17 05:24:58 | 000,001,436 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 05:24:57 | 000,000,492 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2005/08/06 00:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 19:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010/04/30 00:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2010/06/27 21:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2010/07/01 00:46:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/02/03 14:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/01/20 21:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009/08/09 19:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2009/10/26 20:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/01/30 21:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/01/30 21:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/04/24 14:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/22 11:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/21 11:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/07/09 00:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Aqgua
[2009/05/05 21:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Ehmoh
[2009/07/11 02:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Emcoe
[2010/07/08 11:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Irco
[2010/07/02 00:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\LimeWire
[2009/08/14 10:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Meboru
[2009/05/03 14:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Mubuaw
[2009/02/07 12:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Oneq
[2010/06/27 21:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Panda Security
[2010/01/20 20:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Research In Motion
[2009/01/30 21:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\SampleView
[2010/01/27 22:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Skinux
[2010/06/27 21:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\SurfSecret Privacy Suite
[2010/02/14 14:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Template
[2009/08/24 20:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.JohnTabor\Application Data\Uhkae
[2010/01/27 22:11:26 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2010/07/09 00:03:21 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2006/06/17 05:41:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/03 14:39:05 | 000,000,197 | -HS- | M] () -- C:\boot.ini
[2006/06/17 05:41:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/07/08 23:59:14 | 937,066,496 | -HS- | M] () -- C:\hiberfil.sys
[2006/06/17 05:41:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/01/30 21:41:10 | 000,001,208 | -H-- | M] () -- C:\IPH.PH
[2009/01/30 20:58:42 | 000,000,064 | ---- | M] () -- C:\MOVE_RECOVERY
[2006/06/17 05:41:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 15:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/02/04 13:24:15 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/07/08 23:59:13 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
[2009/01/30 21:26:50 | 000,000,090 | ---- | M] () -- C:\powerdvd.log
[2009/10/19 13:59:09 | 000,002,295 | ---- | M] () -- C:\rapport.txt
[2009/01/30 21:36:34 | 000,000,499 | ---- | M] () -- C:\RHDSetup.log
[2009/10/16 09:14:38 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/10/16 17:03:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/10/17 12:33:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/10/17 16:50:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/10/19 06:01:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/10/19 13:44:43 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/10/19 13:47:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/10/19 15:00:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/10/19 15:57:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/10/20 19:12:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/10/22 13:12:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/10/22 14:13:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/10/12 13:17:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/10/13 02:31:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/10/13 12:20:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/10/14 05:43:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/10/14 14:52:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/10/14 15:27:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/10/15 07:55:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/10/15 16:18:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/10/16 09:14:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/10/16 17:03:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/10/17 12:33:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/10/17 16:50:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/10/19 06:01:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/10/19 13:44:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/10/19 13:47:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/10/19 15:00:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/10/19 15:57:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/10/20 19:12:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/10/22 13:12:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/10/22 14:13:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/10/12 13:17:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/10/13 02:31:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/10/13 12:20:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/10/14 05:43:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/10/14 14:52:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/10/14 15:27:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/10/15 07:55:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/10/15 16:18:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/01/30 21:17:32 | 000,000,002 | RHS- | M] () -- C:\USER

[color=#A23BEC]< %systemroot%\system32\*.wt >[/color]

[color=#A23BEC]< %systemroot%\system32\*.ruy >[/color]

[color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

[color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]

[color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
[2004/08/10 15:00:00 | 000,000,067 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini

[color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]

[color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >[/color]

[color=#A23BEC]< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color]
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

[color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]

[color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]

[color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]

[color=#A23BEC]< %systemroot%\*.scr >[/color]
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#A23BEC]< %systemroot%\*._sy >[/color]

[color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\comsvcs.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2006/06/16 22:30:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/06/16 22:30:11 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/06/16 22:30:11 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

[color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color]
[2008/04/13 20:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

[color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color]
[2008/04/13 20:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

[color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color]
[2008/04/13 20:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-06-23 07:47:04

< End of report >