OTL logfile created on: 9/15/2010 8:54:02 PM - Run 1
OTL by OldTimer - Version 3.2.12.1     Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 27.36 Gb Free Space | 36.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: GCI-CACAREY
Current User Name: cacarey
NOT logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/09/15 20:53:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2010/09/15 17:10:46 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/09/15 17:10:45 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/06/01 16:50:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2010/06/01 16:50:00 | 000,140,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2010/06/01 16:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2010/06/01 16:50:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2010/03/25 13:20:06 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
PRC - [2010/02/28 02:09:14 | 000,519,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
PRC - [2010/02/18 20:22:04 | 000,615,792 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2010/01/06 20:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2010/01/06 20:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2010/01/06 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2010/01/06 20:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2010/01/06 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
PRC - [2009/09/18 05:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2009/05/30 20:55:26 | 000,037,664 | ---- | M] (International Business Machines Corporation) -- C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe
PRC - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009/02/10 11:02:48 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2009/02/10 11:02:46 | 001,456,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
PRC - [2009/02/10 11:02:46 | 000,346,720 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/10/06 11:14:18 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/28 17:29:00 | 000,037,424 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2007/09/28 14:28:40 | 000,181,544 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TpShocks.exe
PRC - [2007/05/31 20:02:06 | 000,036,400 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007/04/27 03:33:00 | 000,243,248 | ---- | M] (Lenovo Group Ltd.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2007/04/09 17:23:56 | 001,015,808 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2007/04/03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/03/09 15:49:42 | 000,066,176 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2007/03/08 14:16:48 | 000,073,776 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2006/12/18 17:54:32 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
PRC - [2006/09/06 17:39:10 | 000,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/09/15 20:53:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2009/02/09 17:47:58 | 000,094,273 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2009/02/09 17:46:06 | 000,069,697 | ---- | M] () -- C:\Program Files\ThinkPad\Bluetooth Software\BTKeyInd.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/01/25 16:25:52 | 000,069,720 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\HKVOLKEY.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010/09/15 17:10:45 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/06/01 16:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2010/03/25 13:20:06 | 000,226,624 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe -- (McAfee SiteAdvisor Enterprise Service)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/02/18 20:22:04 | 000,615,792 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/06 20:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2010/01/06 20:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/01/06 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2010/01/06 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2009/09/18 05:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009/09/18 05:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2009/07/02 15:10:16 | 003,217,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2009/05/30 20:55:26 | 000,037,664 | ---- | M] (International Business Machines Corporation) [Auto | Running] -- C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe -- (DB2MGMTSVC_ChadDB2) DB2 Management Service (ChadDB2)
SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2009/02/10 11:02:46 | 000,346,720 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008/11/25 02:31:07 | 000,239,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/25 02:31:07 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/09/28 17:29:00 | 000,037,424 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007/05/31 20:02:06 | 000,036,400 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007/04/03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2006/12/18 17:54:32 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) [Auto | Running] -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe -- (OSCM Utility Service)
SRV - [2006/11/30 18:09:32 | 001,310,720 | ---- | M] (iPass, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe -- (iPassConnectEngine)
SRV - [2006/11/29 17:47:28 | 000,126,976 | ---- | M] (iPass, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe -- (iPassPeriodicUpdateApp)
SRV - [2006/11/29 17:47:28 | 000,086,016 | ---- | M] (iPass, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe -- (iPassPeriodicUpdateService)
SRV - [2005/06/09 05:30:00 | 000,057,344 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\kbstuff5.sys -- (kbstuff)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\idisw2km.sys -- (idisw2km)
DRV - [2010/08/12 08:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/06/16 10:05:00 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2010/02/18 20:07:56 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2010/01/06 20:07:00 | 000,343,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/01/06 20:07:00 | 000,091,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/01/06 20:07:00 | 000,075,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/01/06 20:07:00 | 000,066,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/01/06 20:07:00 | 000,064,208 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2010/01/06 20:07:00 | 000,043,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/12/08 21:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/09/18 05:00:00 | 000,020,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009/09/01 08:10:20 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/08/31 18:01:41 | 000,021,419 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iPassP.sys -- (iPassP) iPass Protocol (IEEE 802.1x)
DRV - [2009/03/31 11:08:50 | 004,202,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2009/03/18 11:59:56 | 000,241,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2009/02/16 10:32:32 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2009/02/16 10:32:32 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/02/16 10:32:32 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2009/02/16 10:32:30 | 000,991,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/02/16 10:32:30 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/10/20 21:08:06 | 000,012,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smsmdm.sys -- (smsmdd)
DRV - [2008/10/06 10:47:36 | 000,225,696 | ---- | M] (Synaptics, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP)
DRV - [2008/08/21 23:49:58 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/21 23:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/05 01:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2007/10/12 16:04:38 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2007/10/12 16:04:38 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2007/10/12 16:04:38 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2007/09/28 17:29:00 | 000,103,472 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007/09/28 17:28:00 | 000,019,504 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007/09/06 15:30:24 | 000,194,048 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2007/08/09 11:28:50 | 005,765,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/06/21 05:43:26 | 002,208,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/06/08 09:36:44 | 000,081,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LenovoRd.sys -- (LenovoRd)
DRV - [2007/05/31 20:01:30 | 000,021,424 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007/04/13 14:08:26 | 000,306,176 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2007/04/03 16:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007/02/12 00:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\iaStor.sys -- (iastor)
DRV - [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/12/22 12:56:00 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/12/22 12:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/12/22 12:55:00 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/12/18 17:45:18 | 000,018,560 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/10/23 11:23:28 | 000,017,778 | ---- | M] (IBM Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2006/09/28 15:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2006/05/26 01:13:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2005/12/08 12:39:22 | 000,028,800 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2005/05/17 11:20:06 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2005/01/26 08:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctpdusb2.sys -- (Jukebox)
DRV - [2003/09/11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://corp.gannett.gci/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.http: "87.252.55.26"
FF - prefs.js..network.proxy.http_port: 80
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor Enterprise\ [2010/07/01 13:41:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 12:14:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 12:14:09 | 000,000,000 | ---D | M]
 
[2009/09/15 20:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\Mozilla\Extensions
[2010/09/01 08:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\Mozilla\Firefox\Profiles\nh6r0fgo.default\extensions
[2009/09/15 20:50:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\cacarey\Application Data\Mozilla\Firefox\Profiles\nh6r0fgo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/10 10:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\Mozilla\Firefox\Profiles\nh6r0fgo.default\extensions\firebug@software.joehewitt.com
[2010/09/01 08:29:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/06 20:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
 
O1 HOSTS File: ([2010/06/25 12:02:58 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Client Access Check Version] C:\Program Files\IBM\Client Access\cwbckver.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Express Welcome] C:\Program Files\IBM\Client Access\cwbwlwiz.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Help Update] C:\Program Files\IBM\Client Access\cwbinhlp.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access PC5250 Sound] C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\IBM\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NoDualHome] C:\Program Files\NoDualHome\NoDualHome.vbs ()
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office Communicator 2007 R2.lnk = C:\WINDOWS\Installer\{0D1CBBB9-F4A8-45B6-95E7-202BA61D7AF4}\Comm.Ico ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\cacarey\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O15 - HKLM\..Trusted Domains: eformrs.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: ent.gci ([as4srv10] * in Local intranet)
O15 - HKLM\..Trusted Domains: gannett.com ([*.access] * in Local intranet)
O15 - HKLM\..Trusted Domains: gannett.gci ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: gannett.gci ([*.ad] * in Local intranet)
O15 - HKLM\..Trusted Domains: midrange.gci ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: riag.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: team.usat ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: usaw.gci ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: web.usat ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: works.com ([payment2] https in Trusted sites)
O15 - HKCU\..Trusted Domains: dev.gci ([gannett] http in Local intranet)
O15 - HKCU\..Trusted Domains: eformrs.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: ent.gci ([as4srv10] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([*.access] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([ftpusat.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webadv.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webapps.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webcirc.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webcom.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webedit.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webfin.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webhr.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webit.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webmkt.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webprod.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.com ([webusat.usatoday.us.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.gci ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.gci ([*.ad] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.gci ([corp] * in Local intranet)
O15 - HKCU\..Trusted Domains: gannett.gci ([servicedesk] * in Local intranet)
O15 - HKCU\..Trusted Domains: midrange.gci ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: riag.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: team.usat ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: usaw.gci ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: web.usat ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: works.com ([payment2] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260371813271 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1275059777895 (MUWebControl Class)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://access.gannett.gci/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = us.ad.gannett.com
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\cacarey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\cacarey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/20 12:56:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Unable to start service SrService!
 
[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
 
[2010/09/15 20:53:25 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010/09/15 17:17:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/15 17:10:55 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/09/15 17:10:52 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/09/15 17:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Local Settings\Application Data\Sunbelt Software
[2010/09/15 17:06:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010/09/15 17:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/09/15 17:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/09/15 16:39:37 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\TFC.exe
[2010/09/15 16:15:15 | 000,157,712 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/09/08 12:44:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Application Data\.minecraft
[2010/09/03 09:52:44 | 000,000,000 | ---D | C] -- C:\Article_Source
[2010/09/01 11:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Application Data\Malwarebytes
[2010/09/01 11:17:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/01 11:17:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/01 11:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/01 11:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/01 11:16:49 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\cacarey\Desktop\mbam-setup-1.46.exe
[2010/08/30 10:51:51 | 000,000,000 | ---D | C] -- C:\German ww2
[2010/08/27 10:32:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\WINDOWS
[2010/08/27 10:29:03 | 000,000,000 | ---D | C] -- C:\winds
[2010/08/23 14:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\My Documents\Altova
[2010/08/23 14:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Altova
[2010/08/09 08:25:53 | 000,000,000 | ---D | C] -- C:\Julian Casablancas - Phrazes for the Young (2009) (MP3-V0)
[2010/08/09 08:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\PdaNet for Android
[2010/08/09 08:20:37 | 003,721,248 | ---- | C] (June Fabrics Technology Inc.                                ) -- C:\PdaNetA242.exe
[2010/08/06 07:58:15 | 000,000,000 | ---D | C] -- C:\fileuploadajax-52373
[2010/08/05 09:52:49 | 000,000,000 | ---D | C] -- C:\fileuploadajax-v1-2
[2010/08/02 08:18:34 | 000,000,000 | ---D | C] -- C:\mojoportal-2-3-4-8-mysqldatalayer-GPL
[2010/08/02 07:55:09 | 000,000,000 | ---D | C] -- C:\mojo
[2010/07/28 14:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Local Settings\Application Data\Red Gate
[2010/07/28 14:19:50 | 000,000,000 | ---D | C] -- C:\reflect
[2010/07/27 13:00:19 | 000,000,000 | ---D | C] -- C:\eee
[2010/07/27 08:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Local Settings\Application Data\Apps
[2010/07/23 11:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Application Data\.purple
[2010/07/15 09:50:26 | 000,050,176 | ---- | C] (USA TODAY) -- C:\BaswareOrderMod-WinForm.exe
[2010/07/14 10:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/07/14 10:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2010/07/02 07:40:57 | 000,000,000 | ---D | C] -- C:\R116840
[2010/07/01 14:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Application Data\McAfee
[2010/06/28 08:18:59 | 000,000,000 | ---D | C] -- C:\other
[2010/06/25 12:01:15 | 000,398,704 | ---- | C] (Juniper Networks) -- C:\WINDOWS\System32\dsNcSmartCardProv.dll
[2010/06/25 12:01:15 | 000,345,456 | ---- | C] (Juniper Networks) -- C:\WINDOWS\System32\dsNcCredProv.dll
[2010/06/25 12:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Juniper Networks
[2010/06/17 21:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cacarey\Local Settings\Application Data\assembly
 
[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]
 
[2010/09/15 21:00:00 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D667889C-ADA0-46D8-8A01-19D3C53D452A}.job
[2010/09/15 21:00:00 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BB8D2929-C187-4959-8109-284A9037EB64}.job
[2010/09/15 20:54:58 | 000,000,454 | ---- | M] () -- C:\WINDOWS\SMSCFG.ini
[2010/09/15 20:53:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/09/15 20:53:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/09/15 20:51:05 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2010/09/15 20:51:03 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office Communicator 2007 R2.lnk
[2010/09/15 20:50:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/15 20:50:41 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/09/15 20:50:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/15 20:50:21 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/15 20:23:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010/09/15 18:53:59 | 012,582,912 | ---- | M] () -- C:\Documents and Settings\cacarey\NTUSER.DAT
[2010/09/15 18:46:09 | 000,284,915 | ---- | M] () -- C:\gmer.zip
[2010/09/15 18:24:05 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-721170245-949946735-1205285143-3603834UA.job
[2010/09/15 17:38:55 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\VPN Client.lnk
[2010/09/15 17:10:51 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/09/15 17:06:03 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/09/15 17:06:02 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/09/15 17:03:39 | 000,001,772 | -H-- | M] () -- C:\Documents and Settings\cacarey\My Documents\Default.rdp
[2010/09/15 16:41:35 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\cacarey\ntuser.ini
[2010/09/15 16:39:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\TFC.exe
[2010/09/15 16:19:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/15 16:12:15 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\cacarey\Local Settings\Application Data\housecall.guid.cache
[2010/09/15 08:24:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-721170245-949946735-1205285143-3603834Core.job
[2010/09/13 11:57:47 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/13 09:13:09 | 000,041,672 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/09/13 09:08:27 | 000,006,948 | RHS- | M] () -- C:\Documents and Settings\cacarey\ntuser.pol
[2010/09/10 07:25:16 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\cacarey\Desktop\Google Chrome.lnk
[2010/09/10 07:25:16 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/09 16:30:25 | 000,095,958 | ---- | M] () -- C:\clip2.jpg
[2010/09/09 16:26:04 | 001,055,636 | ---- | M] () -- C:\IMAG0113.jpg
[2010/09/09 16:24:48 | 001,312,161 | ---- | M] () -- C:\P1030171.jpg
[2010/09/09 13:39:47 | 000,010,369 | ---- | M] () -- C:\GAN108_20100908104450.xml
[2010/09/09 13:06:17 | 000,000,000 | ---- | M] () -- C:\IMAG0115.jpg
[2010/09/08 15:10:04 | 000,013,004 | ---- | M] () -- C:\Tama-chan-pictures.jpg
[2010/09/08 15:08:03 | 000,000,654 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/03 09:52:28 | 000,507,765 | ---- | M] () -- C:\Article_Source.zip
[2010/09/02 13:59:09 | 001,363,177 | ---- | M] () -- C:\IMAG0105.jpg
[2010/09/01 11:40:46 | 001,273,856 | ---- | M] () -- C:\Documents and Settings\cacarey\My Documents\Database21.mdb
[2010/09/01 11:34:38 | 001,376,256 | ---- | M] () -- C:\Documents and Settings\cacarey\My Documents\Database21.accdb
[2010/09/01 11:34:18 | 001,585,152 | ---- | M] () -- C:\Documents and Settings\cacarey\My Documents\Database2.accdb
[2010/09/01 11:17:20 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/31 09:57:21 | 000,001,865 | ---- | M] () -- C:\exportDump.csv
[2010/08/30 13:22:39 | 000,002,190 | ---- | M] () -- C:\germanStuff.html
[2010/08/30 07:36:54 | 000,022,016 | ---- | M] () -- C:\German Gear.xls
[2010/08/25 14:07:38 | 000,005,729 | ---- | M] () -- C:\brakefix.JPG
[2010/08/25 13:43:11 | 000,277,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/24 12:53:59 | 000,197,060 | ---- | M] () -- C:\MR2 spoiler11.JPG
[2010/08/24 12:53:55 | 000,097,888 | ---- | M] () -- C:\Ctrim3.JPG
[2010/08/24 12:53:52 | 000,093,089 | ---- | M] () -- C:\Ctrim2.JPG
[2010/08/24 12:53:47 | 000,092,769 | ---- | M] () -- C:\Ctrim1.JPG
[2010/08/24 12:07:05 | 000,721,650 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/24 12:07:05 | 000,601,468 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/24 12:07:05 | 000,124,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/23 14:56:16 | 000,014,854 | ---- | M] () -- C:\xmlt.xml
[2010/08/23 14:21:41 | 000,011,560 | ---- | M] () -- C:\test.xsd
[2010/08/23 14:12:15 | 000,009,092 | ---- | M] () -- C:\test.xml
[2010/08/23 10:03:42 | 000,001,634 | ---- | M] () -- C:\js.zip
[2010/08/12 09:35:00 | 000,017,442 | ---- | M] () -- C:\115623.jpg
[2010/08/12 09:12:03 | 000,166,802 | ---- | M] () -- C:\1985electrical.pdf
[2010/08/12 08:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/08/11 08:02:10 | 000,021,477 | ---- | M] () -- C:\Toyota-Wiring.pdf
[2010/08/10 08:08:11 | 001,027,036 | ---- | M] () -- C:\Bar Code System Instructions.pdf
[2010/08/10 08:07:57 | 000,021,395 | ---- | M] () -- C:\All Vehicle Index Bar Codes.pdf
[2010/08/10 08:07:49 | 000,021,679 | ---- | M] () -- C:\All Smallbore Vehicle Index Bar Codes.pdf
[2010/08/09 09:43:42 | 000,006,404 | ---- | M] () -- C:\Documents and Settings\cacarey\Desktop\SharePodSettings.xml
[2010/08/09 08:24:03 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\cacarey\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/08/09 08:20:49 | 003,721,248 | ---- | M] (June Fabrics Technology Inc.                                ) -- C:\PdaNetA242.exe
[2010/08/06 08:06:04 | 002,165,761 | ---- | M] () -- C:\NeatUpload-1.3.25.zip
[2010/08/06 07:57:46 | 000,030,316 | ---- | M] () -- C:\fileuploadajax-52373.zip
[2010/08/05 09:52:39 | 000,014,512 | ---- | M] () -- C:\fileuploadajax-v1-2.zip
[2010/08/02 09:14:51 | 002,419,037 | ---- | M] () -- C:\phpBB-3.0.7-PL1.zip
[2010/07/29 12:47:59 | 000,000,279 | ---- | M] () -- C:\Shortcut to Local Disk (C).lnk
[2010/07/28 14:19:25 | 002,186,543 | ---- | M] () -- C:\reflector.zip
[2010/07/27 14:57:22 | 003,946,460 | ---- | M] () -- C:\e4772_1005HA_Linux_web.zip
[2010/07/27 13:53:15 | 001,126,304 | ---- | M] () -- C:\IMAG0040.jpg
[2010/07/27 08:15:41 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\cacarey\Desktop\Windows 7 USB DVD Download Tool.lnk
[2010/07/23 11:36:39 | 009,376,815 | ---- | M] () -- C:\pidgin-2.7.2.exe
[2010/07/22 09:24:15 | 000,141,977 | ---- | M] () -- C:\Cash_Sale_23917_from_Hawkle.pdf
[2010/07/19 09:49:19 | 000,011,154 | ---- | M] () -- C:\160931.gif
[2010/07/15 09:49:38 | 000,050,176 | ---- | M] (USA TODAY) -- C:\BaswareOrderMod-WinForm.exe
[2010/07/14 11:07:31 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2010/07/14 09:40:43 | 000,172,661 | ---- | M] () -- C:\Documents and Settings\cacarey\Local Settings\Application Data\debuggee.mdmp
[2010/07/12 11:14:34 | 000,514,166 | ---- | M] () -- C:\June2010.csv
[2010/07/09 09:56:03 | 000,002,721 | ---- | M] () -- C:\040512 (1).zip
[2010/07/09 09:55:58 | 000,002,721 | ---- | M] () -- C:\040512.zip
[2010/07/08 15:42:43 | 000,037,685 | ---- | M] () -- C:\admin_order.zip
[2010/07/08 12:19:14 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\cacarey\My Documents\Basware config and jobs.doc
[2010/07/06 10:00:37 | 000,057,811 | ---- | M] () -- C:\WSUploaderService_Src.zip
[2010/07/02 08:43:27 | 000,155,960 | ---- | M] () -- C:\image001.png
[2010/07/02 07:44:49 | 000,008,621 | ---- | M] () -- C:\R138611.zip
[2010/07/02 07:40:16 | 000,009,337 | ---- | M] () -- C:\R116840.zip
[2010/07/01 12:38:05 | 006,616,897 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\FramePkg.exe
[2010/06/30 09:10:41 | 000,147,836 | ---- | M] () -- C:\photo.jpg
[2010/06/30 07:24:17 | 000,033,656 | ---- | M] () -- C:\exhaust.GIF
[2010/06/29 09:03:25 | 000,491,506 | ---- | M] () -- C:\Picture 050.jpg
[2010/06/29 09:03:08 | 000,557,040 | ---- | M] () -- C:\Picture 049.jpg
[2010/06/26 21:23:03 | 000,077,737 | ---- | M] () -- C:\mr2.jpg
[2010/06/25 11:25:05 | 000,010,097 | ---- | M] () -- C:\Clipboard01.gif
[2010/06/25 08:22:46 | 000,022,518 | ---- | M] () -- C:\0521001123 (1).jpg
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/15 18:46:06 | 000,284,915 | ---- | C] () -- C:\gmer.zip
[2010/09/15 17:13:01 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/09/15 17:06:03 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/09/15 17:06:02 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/09/15 16:12:15 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\cacarey\Local Settings\Application Data\housecall.guid.cache
[2010/09/09 16:30:25 | 000,095,958 | ---- | C] () -- C:\clip2.jpg
[2010/09/09 16:26:04 | 001,055,636 | ---- | C] () -- C:\IMAG0113.jpg
[2010/09/09 16:24:48 | 001,312,161 | ---- | C] () -- C:\P1030171.jpg
[2010/09/09 13:28:55 | 000,010,369 | ---- | C] () -- C:\GAN108_20100908104450.xml
[2010/09/09 13:06:17 | 000,000,000 | ---- | C] () -- C:\IMAG0115.jpg
[2010/09/08 15:10:04 | 000,013,004 | ---- | C] () -- C:\Tama-chan-pictures.jpg
[2010/09/03 09:52:28 | 000,507,765 | ---- | C] () -- C:\Article_Source.zip
[2010/09/02 13:59:09 | 001,363,177 | ---- | C] () -- C:\IMAG0105.jpg
[2010/09/01 11:34:37 | 001,273,856 | ---- | C] () -- C:\Documents and Settings\cacarey\My Documents\Database21.mdb
[2010/09/01 11:34:18 | 001,376,256 | ---- | C] () -- C:\Documents and Settings\cacarey\My Documents\Database21.accdb
[2010/09/01 11:30:14 | 001,585,152 | ---- | C] () -- C:\Documents and Settings\cacarey\My Documents\Database2.accdb
[2010/09/01 11:17:20 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/30 13:02:01 | 000,002,190 | ---- | C] () -- C:\germanStuff.html
[2010/08/30 07:36:53 | 000,022,016 | ---- | C] () -- C:\German Gear.xls
[2010/08/25 14:07:37 | 000,005,729 | ---- | C] () -- C:\brakefix.JPG
[2010/08/25 09:15:34 | 000,001,865 | ---- | C] () -- C:\exportDump.csv
[2010/08/24 12:53:59 | 000,197,060 | ---- | C] () -- C:\MR2 spoiler11.JPG
[2010/08/24 12:53:55 | 000,097,888 | ---- | C] () -- C:\Ctrim3.JPG
[2010/08/24 12:53:52 | 000,093,089 | ---- | C] () -- C:\Ctrim2.JPG
[2010/08/24 12:53:47 | 000,092,769 | ---- | C] () -- C:\Ctrim1.JPG
[2010/08/23 14:55:09 | 000,014,854 | ---- | C] () -- C:\xmlt.xml
[2010/08/23 14:21:41 | 000,011,560 | ---- | C] () -- C:\test.xsd
[2010/08/23 10:03:42 | 000,001,634 | ---- | C] () -- C:\js.zip
[2010/08/12 09:35:00 | 000,017,442 | ---- | C] () -- C:\115623.jpg
[2010/08/12 09:12:03 | 000,166,802 | ---- | C] () -- C:\1985electrical.pdf
[2010/08/11 08:02:10 | 000,021,477 | ---- | C] () -- C:\Toyota-Wiring.pdf
[2010/08/10 08:08:11 | 001,027,036 | ---- | C] () -- C:\Bar Code System Instructions.pdf
[2010/08/10 08:07:57 | 000,021,395 | ---- | C] () -- C:\All Vehicle Index Bar Codes.pdf
[2010/08/10 08:07:53 | 000,021,679 | ---- | C] () -- C:\All Smallbore Vehicle Index Bar Codes.pdf
[2010/08/09 08:24:03 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\cacarey\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/08/06 08:06:02 | 002,165,761 | ---- | C] () -- C:\NeatUpload-1.3.25.zip
[2010/08/06 07:57:46 | 000,030,316 | ---- | C] () -- C:\fileuploadajax-52373.zip
[2010/08/05 09:52:39 | 000,014,512 | ---- | C] () -- C:\fileuploadajax-v1-2.zip
[2010/08/02 09:14:51 | 002,419,037 | ---- | C] () -- C:\phpBB-3.0.7-PL1.zip
[2010/07/29 12:47:59 | 000,000,279 | ---- | C] () -- C:\Shortcut to Local Disk (C).lnk
[2010/07/28 14:19:25 | 002,186,543 | ---- | C] () -- C:\reflector.zip
[2010/07/27 14:57:17 | 003,946,460 | ---- | C] () -- C:\e4772_1005HA_Linux_web.zip
[2010/07/27 13:53:15 | 001,126,304 | ---- | C] () -- C:\IMAG0040.jpg
[2010/07/27 08:15:41 | 000,002,539 | ---- | C] () -- C:\Documents and Settings\cacarey\Desktop\Windows 7 USB DVD Download Tool.lnk
[2010/07/23 11:36:30 | 009,376,815 | ---- | C] () -- C:\pidgin-2.7.2.exe
[2010/07/22 09:24:15 | 000,141,977 | ---- | C] () -- C:\Cash_Sale_23917_from_Hawkle.pdf
[2010/07/19 09:49:19 | 000,011,154 | ---- | C] () -- C:\160931.gif
[2010/07/14 11:07:31 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\cacarey\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2010/07/14 09:40:42 | 000,172,661 | ---- | C] () -- C:\Documents and Settings\cacarey\Local Settings\Application Data\debuggee.mdmp
[2010/07/12 11:14:30 | 000,514,166 | ---- | C] () -- C:\June2010.csv
[2010/07/09 09:56:03 | 000,002,721 | ---- | C] () -- C:\040512 (1).zip
[2010/07/09 09:55:58 | 000,002,721 | ---- | C] () -- C:\040512.zip
[2010/07/08 15:42:43 | 000,037,685 | ---- | C] () -- C:\admin_order.zip
[2010/07/06 10:00:37 | 000,057,811 | ---- | C] () -- C:\WSUploaderService_Src.zip
[2010/07/02 08:43:27 | 000,155,960 | ---- | C] () -- C:\image001.png
[2010/07/02 07:44:49 | 000,008,621 | ---- | C] () -- C:\R138611.zip
[2010/07/02 07:40:16 | 000,009,337 | ---- | C] () -- C:\R116840.zip
[2010/06/30 09:10:41 | 000,147,836 | ---- | C] () -- C:\photo.jpg
[2010/06/30 07:24:16 | 000,033,656 | ---- | C] () -- C:\exhaust.GIF
[2010/06/29 10:33:10 | 000,133,316 | ---- | C] () -- C:\julib.pdf
[2010/06/29 09:03:25 | 000,491,506 | ---- | C] () -- C:\Picture 050.jpg
[2010/06/29 09:03:08 | 000,557,040 | ---- | C] () -- C:\Picture 049.jpg
[2010/06/28 09:29:56 | 000,157,908 | ---- | C] () -- C:\test.jpg
[2010/06/26 21:23:03 | 000,077,737 | ---- | C] () -- C:\mr2.jpg
[2010/06/25 11:25:05 | 000,010,097 | ---- | C] () -- C:\Clipboard01.gif
[2010/06/25 08:22:46 | 000,022,518 | ---- | C] () -- C:\0521001123 (1).jpg
[2010/05/10 07:18:58 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2010/05/10 07:18:58 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2010/05/10 07:18:04 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2010/05/10 07:18:04 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2010/05/10 07:18:03 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2010/04/22 11:54:16 | 000,000,251 | ---- | C] () -- C:\WINDOWS\System32\drivers\hlldrvr.sys
[2010/03/01 21:11:51 | 000,752,631 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-721170245-949946735-1205285143-3603834-0.dat
[2010/03/01 21:11:49 | 000,299,678 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/02/18 13:17:07 | 000,004,764 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
[2010/02/12 10:45:23 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\cwbrw.dll
[2010/02/12 10:45:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbwiz.dll
[2010/02/12 10:45:23 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\cwbad.dll
[2010/02/12 10:45:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\cwbsv.dll
[2010/02/12 10:45:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbsy.dll
[2010/02/12 10:45:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbnl.dll
[2010/02/12 10:45:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbco.dll
[2010/02/12 10:45:22 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\cwbnldlg.dll
[2009/12/11 10:38:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2009/11/25 09:12:53 | 000,000,095 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/11/25 09:12:51 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll
[2009/09/01 14:30:04 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\cacarey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/01 08:10:19 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/08/31 17:01:42 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/02/09 17:48:24 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/11/05 19:19:39 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2008/11/05 19:11:17 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/11/05 19:11:16 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/11/05 19:11:13 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/11/05 19:11:03 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/11/05 19:10:02 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008/11/05 19:10:02 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008/11/05 19:10:01 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008/11/05 19:10:01 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008/11/05 19:10:01 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2008/11/05 19:09:53 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/11/05 19:09:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4860.dll
[2008/11/05 19:08:52 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/11/05 19:08:52 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/11/05 19:08:51 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/11/05 19:08:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/11/05 19:08:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/11/05 19:08:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/11/05 18:42:52 | 000,001,395 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/05 18:42:52 | 000,000,454 | ---- | C] () -- C:\WINDOWS\SMSCFG.ini
[2007/04/03 16:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007/04/03 16:18:06 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/09/15 17:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Altova
[2009/09/01 08:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/05/10 08:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2009/08/31 18:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iPass
[2010/02/16 08:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2009/09/25 14:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2010/02/16 08:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LINQPad
[2009/08/31 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2009/09/01 10:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2009/11/17 15:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/05 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2010/09/15 17:06:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010/09/08 12:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\.minecraft
[2010/07/23 11:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\.purple
[2009/09/14 07:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\Auslogics
[2009/09/01 09:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\DAEMON Tools Lite
[2010/05/10 09:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\IBM
[2010/06/25 12:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\Juniper Networks
[2010/02/16 08:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\LINQPad
[2009/09/18 09:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\SharePod
[2009/10/16 14:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\USA_TODAY
[2010/08/27 07:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cacarey\Application Data\uTorrent
[2010/09/15 20:53:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/09/15 20:50:41 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/09/15 20:23:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2010/09/15 21:00:00 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{BB8D2929-C187-4959-8109-284A9037EB64}.job
[2010/09/15 21:00:00 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D667889C-ADA0-46D8-8A01-19D3C53D452A}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2010/07/09 09:56:03 | 000,002,721 | ---- | M] () -- C:\040512 (1).zip
[2010/07/09 09:55:58 | 000,002,721 | ---- | M] () -- C:\040512.zip
[2010/06/25 08:22:46 | 000,022,518 | ---- | M] () -- C:\0521001123 (1).jpg
[2010/03/01 21:11:06 | 000,002,871 | ---- | M] () -- C:\1.txt
[2010/04/29 07:35:18 | 000,011,380 | ---- | M] () -- C:\10_completed.csv
[2010/08/12 09:35:00 | 000,017,442 | ---- | M] () -- C:\115623.jpg
[2010/07/19 09:49:19 | 000,011,154 | ---- | M] () -- C:\160931.gif
[2010/08/12 09:12:03 | 000,166,802 | ---- | M] () -- C:\1985electrical.pdf
[2010/02/22 20:41:18 | 000,001,736 | ---- | M] () -- C:\2142.png
[2010/02/22 22:33:26 | 000,001,279 | ---- | M] () -- C:\2142compile
[2010/02/24 13:27:24 | 000,281,297 | ---- | M] () -- C:\2142compile.apk
[2010/02/23 12:30:40 | 000,001,221 | ---- | M] () -- C:\2142compile.key
[2010/05/28 08:52:43 | 000,000,770 | ---- | M] () -- C:\3FD11BF4E4564D5CA6247E5D7B4341A8.doc
[2009/11/21 10:40:00 | 000,178,176 | ---- | M] () -- C:\4017020000_1009.doc
[2010/02/22 21:31:11 | 000,000,775 | ---- | M] () -- C:\41.png
[2009/11/24 09:42:44 | 000,127,526 | ---- | M] () -- C:\4129312854_9445c3612a.jpg
[2009/10/30 10:46:32 | 000,001,178 | ---- | M] () -- C:\73A2715DEEBF4C4E97F1DFF61F25E09D.csv
[2010/05/28 09:21:04 | 000,000,408 | ---- | M] () -- C:\7I14NNFRD21.doc
[2009/10/09 14:13:38 | 000,190,989 | ---- | M] () -- C:\999999.jpg
[2010/01/13 17:50:54 | 012,895,180 | ---- | M] () -- C:\9Suspension.pdf
[2010/07/08 15:42:43 | 000,037,685 | ---- | M] () -- C:\admin_order.zip
[2010/05/12 11:10:28 | 005,516,800 | ---- | M] () -- C:\AjaxControlToolkit.dll
[2010/08/10 08:07:49 | 000,021,679 | ---- | M] () -- C:\All Smallbore Vehicle Index Bar Codes.pdf
[2010/08/10 08:07:57 | 000,021,395 | ---- | M] () -- C:\All Vehicle Index Bar Codes.pdf
[2010/01/17 22:10:15 | 000,001,334 | ---- | M] () -- C:\AohTest
[2010/09/03 09:52:28 | 000,507,765 | ---- | M] () -- C:\Article_Source.zip
[2007/12/20 12:56:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/25 11:18:47 | 011,363,263 | ---- | M] () -- C:\backup4.zip
[2010/01/20 08:15:06 | 000,037,855 | ---- | M] () -- C:\badcar.jpb
[2010/08/10 08:08:11 | 001,027,036 | ---- | M] () -- C:\Bar Code System Instructions.pdf
[2010/07/15 09:49:38 | 000,050,176 | ---- | M] (USA TODAY) -- C:\BaswareOrderMod-WinForm.exe
[2010/02/22 20:57:56 | 000,157,908 | ---- | M] () -- C:\battle2142pc_003-large.jpg
[2010/02/22 20:44:48 | 000,000,809 | ---- | M] () -- C:\battlefield2142.png
[2010/04/16 11:22:21 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/25 14:07:38 | 000,005,729 | ---- | M] () -- C:\brakefix.JPG
[2009/09/02 07:13:54 | 000,430,754 | ---- | M] () -- C:\car.JPG
[2009/09/02 07:14:21 | 000,580,766 | ---- | M] () -- C:\carsm.jpg
[2010/07/22 09:24:15 | 000,141,977 | ---- | M] () -- C:\Cash_Sale_23917_from_Hawkle.pdf
[2009/11/12 11:19:37 | 000,003,541 | ---- | M] () -- C:\chad-ticketCode.txt
[2010/09/09 16:30:25 | 000,095,958 | ---- | M] () -- C:\clip2.jpg
[2010/06/25 11:25:05 | 000,010,097 | ---- | M] () -- C:\Clipboard01.gif
[2010/06/15 09:38:56 | 000,666,702 | ---- | M] () -- C:\Clipboard01.ico
[2009/12/02 10:01:41 | 000,195,970 | ---- | M] () -- C:\Clipboard01.jpg
[2010/02/19 08:16:51 | 000,270,278 | ---- | M] () -- C:\Clipboard0111.jpg
[2010/02/16 16:15:03 | 000,289,453 | ---- | M] () -- C:\Clipboard011111.jpg
[2009/11/16 20:23:58 | 000,349,633 | ---- | M] () -- C:\Clipboard01dc.jpg
[2010/03/01 10:26:57 | 000,071,751 | ---- | M] () -- C:\Clipboard9.jpg
[2009/10/26 13:51:29 | 000,015,153 | ---- | M] () -- C:\companies.txt
[2007/12/20 12:56:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/02/22 21:14:11 | 000,003,372 | ---- | M] () -- C:\Copy of icon.PNG
[2010/08/24 12:53:47 | 000,092,769 | ---- | M] () -- C:\Ctrim1.JPG
[2010/08/24 12:53:52 | 000,093,089 | ---- | M] () -- C:\Ctrim2.JPG
[2010/08/24 12:53:55 | 000,097,888 | ---- | M] () -- C:\Ctrim3.JPG
[2009/09/01 13:55:09 | 000,008,378 | ---- | M] () -- C:\DataFunc.vb
[2010/05/11 10:51:12 | 000,133,756 | ---- | M] () -- C:\DBCreator.jpg
[2010/01/09 10:58:39 | 000,000,000 | ---- | M] () -- C:\DBS.TXT
[2009/11/18 09:37:45 | 000,530,000 | ---- | M] () -- C:\defcon2.jpg
[2010/09/15 16:59:48 | 000,005,645 | ---- | M] () -- C:\dellbaswareLog.txt
[2010/09/15 16:54:58 | 000,058,492 | ---- | M] () -- C:\dellTrace-SSV3.txt
[2010/09/15 16:56:05 | 000,004,070 | ---- | M] () -- C:\dellTrace-TLS.txt
[2010/05/05 07:03:21 | 000,002,506 | ---- | M] () -- C:\divscroll.js
[2009/11/10 09:42:11 | 000,000,351 | ---- | M] () -- C:\drops.csv
[2010/07/27 14:57:22 | 003,946,460 | ---- | M] () -- C:\e4772_1005HA_Linux_web.zip
[2010/06/16 07:22:27 | 000,000,293 | ---- | M] () -- C:\E680B197C11F4A169599E1CF61D22F04.doc
[2009/10/26 10:53:17 | 000,000,931 | ---- | M] () -- C:\ERMap-ER110262009105209AM.csv
[2009/10/12 11:33:03 | 000,000,818 | ---- | M] () -- C:\ERMap-ER153310122009112922AM.csv
[2010/06/30 07:24:17 | 000,033,656 | ---- | M] () -- C:\exhaust.GIF
[2010/08/31 09:57:21 | 000,001,865 | ---- | M] () -- C:\exportDump.csv
[2010/08/06 07:57:46 | 000,030,316 | ---- | M] () -- C:\fileuploadajax-52373.zip
[2010/08/05 09:52:39 | 000,014,512 | ---- | M] () -- C:\fileuploadajax-v1-2.zip
[2009/12/21 15:31:45 | 000,000,078 | ---- | M] () -- C:\ftptoscanone.bat
[2009/12/21 15:31:45 | 000,000,111 | ---- | M] () -- C:\ftptoscanone.txt
[2009/12/07 14:41:22 | 000,006,244 | ---- | M] () -- C:\GAN09109_20091207014122.xml
[2010/09/09 13:39:47 | 000,010,369 | ---- | M] () -- C:\GAN108_20100908104450.xml
[2010/08/30 07:36:54 | 000,022,016 | ---- | M] () -- C:\German Gear.xls
[2010/08/30 13:22:39 | 000,002,190 | ---- | M] () -- C:\germanStuff.html
[2010/08/30 13:22:43 | 000,001,588 | ---- | M] () -- C:\germanStuff.txt
[2010/02/26 10:29:23 | 000,001,775 | ---- | M] () -- C:\GLPosting.txt
[2010/09/15 18:46:09 | 000,284,915 | ---- | M] () -- C:\gmer.zip
[2010/01/07 10:15:29 | 000,000,204 | ---- | M] () -- C:\h.html
[2010/01/18 09:03:03 | 000,010,820 | ---- | M] () -- C:\HelloAndroid.apk
[2010/04/29 17:14:36 | 000,170,650 | ---- | M] () -- C:\hocp10.jpg
[2009/10/20 10:19:32 | 000,002,848 | ---- | M] () -- C:\hqdsTicket.txt
[2010/02/22 21:16:42 | 000,002,755 | ---- | M] () -- C:\icon.PNG
[2010/01/12 08:14:38 | 000,275,429 | ---- | M] () -- C:\IMAG0005.jpg
[2010/03/07 19:02:32 | 001,960,061 | ---- | M] () -- C:\IMAG0033.jpg
[2010/07/27 13:53:15 | 001,126,304 | ---- | M] () -- C:\IMAG0040.jpg
[2010/09/02 13:59:09 | 001,363,177 | ---- | M] () -- C:\IMAG0105.jpg
[2010/09/09 16:26:04 | 001,055,636 | ---- | M] () -- C:\IMAG0113.jpg
[2010/09/09 13:06:17 | 000,000,000 | ---- | M] () -- C:\IMAG0115.jpg
[2009/10/08 08:35:04 | 000,018,731 | ---- | M] () -- C:\image.htm
[2010/07/02 08:43:27 | 000,155,960 | ---- | M] () -- C:\image001.png
[2009/09/10 10:12:26 | 000,001,543 | ---- | M] () -- C:\InstallUtil.InstallLog
[2007/12/20 12:56:55 | 000,000,000 | ---- | M] () -- C:\IO.SYS
[2010/05/10 10:40:05 | 000,163,855 | ---- | M] () -- C:\jquery-1.4.2.js
[2010/05/04 13:55:08 | 000,034,478 | ---- | M] () -- C:\jquery.chromatable-1.3.0 (1).zip
[2010/05/04 11:23:13 | 000,034,478 | ---- | M] () -- C:\jquery.chromatable-1.3.0.zip
[2010/05/04 13:05:41 | 000,002,206 | ---- | M] () -- C:\jquery.fixedtableheader-1-0-2.min.js
[2010/05/04 14:50:19 | 000,112,526 | ---- | M] () -- C:\jquery.jpg
[2010/08/23 10:03:42 | 000,001,634 | ---- | M] () -- C:\js.zip
[2010/05/25 13:13:22 | 000,133,316 | ---- | M] () -- C:\julib.pdf
[2010/07/12 11:14:34 | 000,514,166 | ---- | M] () -- C:\June2010.csv
[2009/09/01 07:59:46 | 000,045,304 | ---- | M] () -- C:\keys.xml
[2009/10/24 08:54:12 | 000,212,043 | ---- | M] () -- C:\Look.jpg
[2009/11/10 09:36:11 | 000,000,158 | ---- | M] () -- C:\manu.csv
[2009/11/10 19:37:16 | 000,470,541 | ---- | M] () -- C:\me2.jpg
[2010/01/09 10:56:47 | 040,436,183 | ---- | M] () -- C:\mpt.rar
[2010/08/24 12:53:59 | 000,197,060 | ---- | M] () -- C:\MR2 spoiler11.JPG
[2010/06/26 21:23:03 | 000,077,737 | ---- | M] () -- C:\mr2.jpg
[2007/12/20 12:56:55 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
[2010/03/15 09:11:47 | 000,107,665 | ---- | M] () -- C:\myattempt.jpg
[2010/01/04 11:48:01 | 000,092,635 | ---- | M] () -- C:\mycomputerInfo.jpg
[2010/08/06 08:06:04 | 002,165,761 | ---- | M] () -- C:\NeatUpload-1.3.25.zip
[2010/02/12 13:38:48 | 000,000,030 | ---- | M] () -- C:\netstop.bat
[2009/09/29 17:59:56 | 000,002,601 | ---- | M] () -- C:\NewIncident.txt
[2004/08/04 08:00:00 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM
[2009/08/31 17:13:33 | 000,250,048 | ---- | M] () -- C:\ntldr
[2010/01/06 18:34:12 | 000,020,523 | ---- | M] () -- C:\order.html
[2010/09/15 20:53:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/05/13 14:48:31 | 000,414,383 | ---- | M] () -- C:\P1030130.jpg
[2010/09/09 16:24:48 | 001,312,161 | ---- | M] () -- C:\P1030171.jpg
[2010/09/15 20:50:16 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/08/09 08:20:49 | 003,721,248 | ---- | M] (June Fabrics Technology Inc.                                ) -- C:\PdaNetA242.exe
[2010/06/30 09:10:41 | 000,147,836 | ---- | M] () -- C:\photo.jpg
[2010/08/02 09:14:51 | 002,419,037 | ---- | M] () -- C:\phpBB-3.0.7-PL1.zip
[2010/06/29 09:03:08 | 000,557,040 | ---- | M] () -- C:\Picture 049.jpg
[2010/06/29 09:03:25 | 000,491,506 | ---- | M] () -- C:\Picture 050.jpg
[2010/07/23 11:36:39 | 009,376,815 | ---- | M] () -- C:\pidgin-2.7.2.exe
[2010/07/02 07:40:16 | 000,009,337 | ---- | M] () -- C:\R116840.zip
[2010/07/02 07:44:49 | 000,008,621 | ---- | M] () -- C:\R138611.zip
[2009/12/16 15:09:09 | 000,027,993 | ---- | M] () -- C:\rack.JPG
[2010/02/20 12:18:54 | 000,000,843 | ---- | M] () -- C:\Rank5.gif
[2010/07/28 14:19:25 | 002,186,543 | ---- | M] () -- C:\reflector.zip
[2009/10/11 20:16:15 | 000,000,883 | ---- | M] () -- C:\RequestXML.xml
[2009/11/25 10:59:29 | 000,039,981 | ---- | M] () -- C:\ro_cursors.zip
[2009/09/03 14:40:34 | 000,001,708 | ---- | M] () -- C:\SessionTest.vb
[2009/09/18 15:12:28 | 000,000,581 | ---- | M] () -- C:\SharePod.log
[2009/09/18 15:15:28 | 000,006,404 | ---- | M] () -- C:\SharePodSettings.xml
[2010/07/29 12:47:59 | 000,000,279 | ---- | M] () -- C:\Shortcut to Local Disk (C).lnk
[2009/12/22 10:20:21 | 000,003,574 | ---- | M] () -- C:\sqlGetLatestLogEntry.txt
[2010/05/26 13:33:23 | 000,000,361 | ---- | M] () -- C:\stock.html
[2010/05/04 09:18:51 | 000,000,764 | ---- | M] () -- C:\TableHoverTest.html
[2010/09/08 15:10:04 | 000,013,004 | ---- | M] () -- C:\Tama-chan-pictures.jpg
[2009/11/20 16:14:26 | 000,178,176 | ---- | M] () -- C:\template.doc
[2010/02/22 20:57:56 | 000,157,908 | ---- | M] () -- C:\test.jpg
[2010/08/23 14:12:15 | 000,009,092 | ---- | M] () -- C:\test.xml
[2010/08/23 14:21:41 | 000,011,560 | ---- | M] () -- C:\test.xsd
[2010/09/15 16:39:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\TFC.exe
[2010/09/07 06:54:44 | 000,232,960 | -HS- | M] () -- C:\Thumbs.db
[2006/06/05 10:36:00 | 000,002,411 | ---- | M] () -- C:\TI-CDC-w2k.inf
[2010/08/11 08:02:10 | 000,021,477 | ---- | M] () -- C:\Toyota-Wiring.pdf
[2010/09/15 20:50:23 | 000,000,720 | ---- | M] () -- C:\TPHKLOCK.TXT
[2009/10/13 09:44:07 | 000,313,344 | ---- | M] () -- C:\Unable to run reports on an AJAX plug.doc
[2010/03/15 07:13:36 | 000,017,579 | ---- | M] () -- C:\untitled.jpg
[2010/01/06 18:18:08 | 000,000,075 | ---- | M] () -- C:\verizon.txt
[2010/02/22 21:01:10 | 000,019,223 | ---- | M] () -- C:\v_pabattlewalker04.jpg
[2010/06/14 10:56:56 | 000,000,018 | ---- | M] () -- C:\WatchList.txt
[2010/07/27 07:25:56 | 002,721,168 | ---- | M] (Microsoft Corporation) -- C:\Windows7-USB-DVD-tool.exe
[2010/07/06 10:00:37 | 000,057,811 | ---- | M] () -- C:\WSUploaderService_Src.zip
[2010/01/13 14:16:48 | 000,045,056 | ---- | M] () -- C:\xml version.doc
[2010/08/23 14:56:16 | 000,014,854 | ---- | M] () -- C:\xmlt.xml
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav  >[/color]
[2007/12/20 07:49:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/12/20 07:49:22 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/12/20 07:49:22 | 000,917,504 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
"NoAutoRebootWithLoggedOnUsers" = 1
"NoAutoUpdate" = 0
"AUOptions" = 4
"ScheduledInstallDay" = 0
"ScheduledInstallTime" = 12
"AutoInstallMinorUpdates" = 1
"UseWUServer" = 1
"DetectionFrequencyEnabled" = 1
"DetectionFrequency" = 15
"RebootRelaunchTimeoutEnabled" = 1
"RebootRelaunchTimeout" = 30
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-24 16:09:21
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >