[code] OTS logfile created on: 11/28/2011 4:46:29 PM - Run 1 OTS by OldTimer - Version 3.1.46.0 Folder = G:\ Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 139.73 Gb Total Space | 5.67 Gb Free Space | 4.06% Space Free | Partition Type: NTFS Drive D: | 9.32 Gb Total Space | 1.69 Gb Free Space | 18.18% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 7.53 Gb Total Space | 4.50 Gb Free Space | 59.79% Space Free | Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LAPTOP Current User Name: cody Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Quick Scan [Processes - Safe List] ots.exe -> G:\OTS.exe -> [2011/11/28 16:39:06 | 000,646,144 | ---- | M] (OldTimer Tools) xti.exe -> C:\Users\cody\AppData\Local\xti.exe -> [2011/11/28 09:12:36 | 000,289,280 | ---- | M] (Microsoft Corporation) tbhdaemon.exe -> c:\Program Files\tbh\base\bin\tbhDaemon.exe -> [2011/11/21 22:28:27 | 000,070,952 | ---- | M] () netsession_win.exe -> C:\Users\cody\AppData\Local\Akamai\netsession_win.exe -> [2011/11/17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) ccsvchst.exe -> C:\Program Files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe -> [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) zunelauncher.exe -> C:\Program Files\Zune\ZuneLauncher.exe -> [2011/08/05 11:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) dropbox.exe -> C:\Users\cody\AppData\Roaming\Dropbox\bin\Dropbox.exe -> [2011/05/25 12:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) evernoteclipper.exe -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe -> [2011/03/07 14:42:42 | 000,969,216 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) tbhmonitor.exe -> C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -> [2009/10/22 13:57:44 | 000,070,952 | ---- | M] () freeagentservice.exe -> C:\Program Files\iTunes\Sync\FreeAgentService.exe -> [2009/05/01 13:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) wmiadap.exe -> \\?\C:\Windows\System32\wbem\WMIADAP.EXE -> [2009/04/10 22:28:15 | 000,117,248 | ---- | M] () explorer.exe -> C:\Windows\explorer.exe -> [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) blservice.exe -> C:\Windows\SMINST\BLService.exe -> [2008/04/26 00:15:26 | 000,361,808 | ---- | M] () viewpointservice.exe -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 13:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Modules - No Company Name] libtidy.dll -> C:\Program Files\Evernote\Evernote\libtidy.dll -> [2011/03/07 14:21:06 | 000,315,392 | ---- | M] () libxml2.dll -> C:\Program Files\Evernote\Evernote\libxml2.dll -> [2011/03/07 14:21:02 | 000,433,664 | ---- | M] () zlib1.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll -> [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () [Win32 Services - Safe List] (RelevantKnowledge) RelevantKnowledge [Auto | Stopped] -> -> File not found (Akamai) Akamai NetSession Interface [Auto | Running] -> c:\program files\common files\akamai/netsession_win_d768ebc.dll -> [2011/11/17 19:45:47 | 003,313,752 | ---- | M] () (NOF) Norton Online [Unknown | Running] -> C:\Program Files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe -> [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) (ZuneWlanCfgSvc) Zune Wireless Configuration Service [On_Demand | Stopped] -> c:\Program Files\Zune\ZuneWlanCfgSvc.exe -> [2011/08/05 11:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) (WMZuneComm) Zune Windows Mobile Connectivity Service [On_Demand | Stopped] -> c:\Program Files\Zune\WMZuneComm.exe -> [2011/08/05 11:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) (ZuneNetworkSvc) Zune Network Sharing Service [On_Demand | Stopped] -> c:\Program Files\Zune\ZuneNss.exe -> [2011/08/05 11:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) (InventoriaService) Inventoria Stock Manager [On_Demand | Stopped] -> C:\Program Files\NCH Software\Inventoria\inventoria.exe -> [2010/12/07 13:10:27 | 001,363,972 | ---- | M] (NCH Software) (N360) Norton Security Suite [Unknown | Stopped] -> C:\Program Files\Norton Security Suite\Engine\5.0.0.125\ccSvcHst.exe -> [2010/11/23 18:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) (tbhMonitor.exe) The Browser Highlighter Monitor [Auto | Running] -> C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -> [2009/10/22 13:57:44 | 000,070,952 | ---- | M] () (FreeAgentGoNext Service) Seagate Service [Auto | Running] -> C:\Program Files\iTunes\Sync\FreeAgentService.exe -> [2009/05/01 13:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) (Recovery Service for Windows) Recovery Service for Windows [Auto | Running] -> C:\Windows\SMINST\BLService.exe -> [2008/04/26 00:15:26 | 000,361,808 | ---- | M] () (WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 18:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) (Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 13:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Driver Services - Safe List] (SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SYMEVENT.SYS -> [2011/10/26 15:09:11 | 000,127,096 | ---- | M] (Symantec Corporation) (BHDrvx86) BHDrvx86 [Kernel | On_Demand | Stopped] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110929.001\BHDrvx86.sys -> [2011/09/29 13:35:11 | 000,816,760 | ---- | M] (Symantec Corporation) (IDSVix86) IDSVix86 [Kernel | On_Demand | Stopped] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111007.030\IDSvix86.sys -> [2011/08/22 23:17:32 | 000,368,248 | ---- | M] (Symantec Corporation) (ccSet_NOF) Norton Online Settings Manager [Kernel | System | Running] -> C:\Windows\system32\drivers\NOF\0202000.01A\ccSetx86.sys -> [2011/08/08 15:38:11 | 000,132,744 | R--- | M] (Symantec Corporation) (NAVEX15) NAVEX15 [Kernel | On_Demand | Stopped] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20111008.008\NAVEX15.SYS -> [2011/08/04 16:04:28 | 001,576,312 | ---- | M] (Symantec Corporation) (NAVENG) NAVENG [Kernel | On_Demand | Stopped] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20111008.008\NAVENG.SYS -> [2011/08/04 16:04:28 | 000,086,136 | ---- | M] (Symantec Corporation) (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2011/07/28 05:27:21 | 000,374,392 | ---- | M] (Symantec Corporation) (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2011/07/28 05:27:21 | 000,105,592 | ---- | M] (Symantec Corporation) (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}) Symantec Redirector - Norton Safety Minder [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\NSM\0202000.028\SymRdr.SYS -> [2011/05/09 18:42:52 | 000,196,600 | ---- | M] (Symantec Corporation) (SRTSPX) Symantec Real Time Storage Protection (PEL) [Kernel | System | Running] -> C:\Windows\system32\drivers\N360\0500000.07D\SRTSPX.SYS -> [2010/11/22 20:08:31 | 000,050,168 | R--- | M] (Symantec Corporation) (SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\system32\drivers\N360\0500000.07D\SYMEFA.SYS -> [2010/11/17 18:59:55 | 000,652,336 | R--- | M] (Symantec Corporation) (SymIRON) Symantec Iron Driver [Kernel | System | Running] -> C:\Windows\system32\drivers\N360\0500000.07D\Ironx86.SYS -> [2010/11/15 17:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) (SymDS) Symantec Data Store [Kernel | Boot | Running] -> C:\Windows\system32\drivers\N360\0500000.07D\SYMDS.SYS -> [2010/10/20 18:28:36 | 000,340,016 | R--- | M] (Symantec Corporation) (SYMTDIv) Symantec Vista Network Dispatch Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -> [2010/05/05 20:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) (SRTSP) Symantec Real Time Storage Protection [File_System | On_Demand | Stopped] -> C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -> [2010/04/21 18:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) (motport) Motorola USB Diagnostic Port [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motport.sys -> [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) (motmodem) Motorola USB CDC ACM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motmodem.sys -> [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) (NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvhda32v.sys -> [2009/08/21 20:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) (nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvlddmkm.sys -> [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) (motccgp) Motorola USB Composite Device Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motccgp.sys -> [2009/06/19 15:59:34 | 000,019,712 | ---- | M] (Motorola) (WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2009/04/10 20:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) (motccgpfl) MotCcgpFlService [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motccgpfl.sys -> [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) (CnxtHdAudService) Conexant UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CHDRT32.sys -> [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) (nvsmu) nvsmu [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvsmu.sys -> [2008/04/24 14:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) (ISODrive) ISO DVD/CD-ROM Device Driver [File_System | System | Running] -> C:\Program Files\UltraISO\drivers\ISODrive.sys -> [2008/02/26 14:07:54 | 000,073,728 | ---- | M] (EZB Systems, Inc.) (NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvmfdx32.sys -> [2008/01/29 05:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) (XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\System32\drivers\XAudio.sys -> [2007/10/17 15:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) (HpqRemHid) HP Remote Control HID Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\HpqRemHid.sys -> [2007/07/11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) (HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqKbFiltr.sys -> [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb -> HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files\uTorrentBar\tbuTor.dll [uTorrentBar Toolbar] -> [2010/12/09 12:51:30 | 003,911,776 | ---- | M] (Conduit Ltd.) < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb -> HKEY_CURRENT_USER\: Main\\"Search Page" -> -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://search.conduit.com?SearchSource=10&ctid=CT2418376 -> HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 -> HKEY_CURRENT_USER\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files\uTorrentBar\tbuTor.dll [uTorrentBar Toolbar] -> [2010/12/09 12:51:30 | 003,911,776 | ---- | M] (Conduit Ltd.) HKEY_CURRENT_USER\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> [Yahoo! Toolbar] -> File not found HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\cody\AppData\Roaming\Mozilla\FireFox\Profiles\cr28hxdp.default\prefs.js -> browser.search.defaultengine -> "Ask.com" -> browser.search.defaultenginename -> "Ask.com" -> browser.search.defaultthis.engineName -> "PageRage Customized Web Search" -> browser.search.defaulturl -> "http://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}" -> browser.search.order.1 -> "Ask.com" -> browser.search.selectedEngine -> "PageRage Customized Web Search" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.comcast.net?cid=NET_mmhpset" -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 -> extensions.enabledItems -> {DFF722C4-4A11-41A7-9939-C83A06B09897}:1.0 -> extensions.enabledItems -> support@lastpass.com:1.72.0 -> extensions.enabledItems -> {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 -> extensions.enabledItems -> {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2 -> extensions.enabledItems -> {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 -> extensions.enabledItems -> {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6 -> extensions.enabledItems -> moveplayer@movenetworks.com:1.0.0.%(version)s -> extensions.enabledItems -> {c0c9a2c7-2e5c-4444-bc53-97718bc91e1b}:1.4 -> keyword.URL -> "chrome://browser-region/locale/region.properties" -> network.proxy.no_proxies_on -> "*.local" -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON2] -> [2008/08/11 05:37:30 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB} -> C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN\ [C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN\] -> [2011/07/30 18:43:54 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6] -> [2011/08/24 06:28:34 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115} -> C:\PROGRAMDATA\NORTON\{78CA3BF0-9C3B-40E1-B46D-38C877EF059A}\NSM_2.2.0.38\COFFFW\ [C:\PROGRAMDATA\NORTON\{78CA3BF0-9C3B-40E1-B46D-38C877EF059A}\NSM_2.2.0.38\COFFFW\] -> [2011/11/21 22:29:17 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 8.0\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/11/13 13:38:58 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011/06/21 15:29:48 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\cody\AppData\Roaming\mozilla\Extensions -> [2009/08/25 21:03:29 | 000,000,000 | ---D | M] -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions -> [2011/11/18 16:18:56 | 000,000,000 | ---D | M] Garmin Communicator -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} -> [2011/08/24 22:35:29 | 000,000,000 | ---D | M] Microsoft .NET Framework Assistant -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2010/04/27 14:09:22 | 000,000,000 | ---D | M] DownloadHelper -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} -> [2011/11/13 13:39:01 | 000,000,000 | ---D | M] uTorrentBar Community Toolbar -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> [2011/11/10 18:11:01 | 000,000,000 | ---D | M] Total Youtube Downloader -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\{c0c9a2c7-2e5c-4444-bc53-97718bc91e1b} -> [2010/06/18 10:50:32 | 000,000,000 | ---D | M] Greasemonkey -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} -> [2011/11/16 21:29:40 | 000,000,000 | ---D | M] -> C:\Users\cody\AppData\Roaming\mozilla\Firefox\Profiles\cr28hxdp.default\extensions\support@lastpass.com -> [2011/11/18 16:18:56 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> askcom.xml -> C:\Users\cody\AppData\Roaming\Mozilla\FireFox\Profiles\cr28hxdp.default\searchplugins\askcom.xml -> [2010/02/18 17:32:33 | 000,002,426 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011/11/13 13:39:00 | 000,000,000 | ---D | M] Zwangi -> C:\Program Files\Mozilla Firefox\extensions\{DFF722C4-4A11-41A7-9939-C83A06B09897} -> [2009/09/22 04:25:34 | 000,000,000 | ---D | M] LastPass -> C:\USERS\CODY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CR28HXDP.DEFAULT\EXTENSIONS\SUPPORT@LASTPASS.COM -> [2011/11/18 16:18:56 | 000,000,000 | ---D | M] < FireFox Components [Program Folders] > -> < HOSTS File > ([2006/09/18 13:41:30 | 000,000,761 | ---- | M] - 20 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> [&Yahoo! Toolbar Helper] -> File not found {30F9B915-B755-4826-820B-08FBA6BD249D} [HKLM] -> C:\Program Files\ConduitEngine\ConduitEngine.dll [Conduit Engine] -> [2010/12/09 12:51:30 | 003,911,776 | ---- | M] (Conduit Ltd.) {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll [Symantec NCO BHO] -> [2011/07/13 13:37:46 | 000,419,768 | ---- | M] (Symantec Corporation) {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll [Symantec Intrusion Prevention] -> [2009/11/16 16:51:14 | 000,079,224 | R--- | M] (Symantec Corporation) {B8E07826-0971-4f16-B133-047B88034E89} [HKLM] -> C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.2.0.40\coieplg.dll [Norton Safety Minder BHO] -> [2011/11/10 17:13:28 | 000,492,984 | R--- | M] (Symantec Corporation) {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [HKLM] -> C:\Program Files\uTorrentBar\tbuTor.dll [uTorrentBar Toolbar] -> [2010/12/09 12:51:30 | 003,911,776 | ---- | M] (Conduit Ltd.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{30F9B915-B755-4826-820B-08FBA6BD249D}" [HKLM] -> C:\Program Files\ConduitEngine\ConduitEngine.dll [Conduit Engine] -> [2010/12/09 12:51:30 | 003,911,776 | ---- | M] (Conduit Ltd.) "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll [Norton Toolbar] -> [2011/07/13 13:37:46 | 000,419,768 | ---- | M] (Symantec Corporation) "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files\uTorrentBar\tbuTor.dll [uTorrentBar Toolbar] -> [2010/12/09 12:51:30 | 003,911,776 | ---- | M] (Conduit Ltd.) "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> [Yahoo! Toolbar] -> File not found < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll [Norton Toolbar] -> [2011/07/13 13:37:46 | 000,419,768 | ---- | M] (Symantec Corporation) WebBrowser\\"{D0523BB4-21E7-11DD-9AB7-415B56D89593}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "NvCplDaemon" -> C:\Windows\System32\NvCpl.dll [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2009/07/23 15:39:04 | 013,797,920 | ---- | M] (NVIDIA Corporation) "Zune Launcher" -> c:\Program Files\Zune\ZuneLauncher.exe ["c:\Program Files\Zune\ZuneLauncher.exe"] -> [2011/08/05 11:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "2395814551" -> C:\Users\cody\AppData\Local\xti.exe [C:\Users\cody\AppData\Local\xti.exe] -> [2011/11/28 09:12:36 | 000,289,280 | ---- | M] (Microsoft Corporation) "Akamai NetSession Interface" -> C:\Users\cody\AppData\Local\Akamai\netsession_win.exe [C:\Users\cody\AppData\Local\Akamai\netsession_win.exe] -> [2011/11/17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) "ISUSPM" -> [C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler] -> File not found < RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "FlashPlayerUpdate" -> C:\Windows\System32\Macromed\Flash\FlashUtil10w_Plugin.exe [C:\Windows\system32\Macromed\Flash\FlashUtil10w_Plugin.exe -update plugin] -> [2011/09/08 16:58:35 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Evernote 4.0 -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204] -> [2011/03/07 14:44:04 | 000,247,808 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {A95fe080-8f5d-11d2-a20b-00aa003c157a}:res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 [HKLM] -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101] -> [2011/03/07 14:44:04 | 000,247,808 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) {A95fe080-8f5d-11d2-a20b-00aa003c157a}:res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 [HKLM] -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [Menu: @C:\Program Files\Evernote\Evernote\Resource.dll,-101] -> [2011/03/07 14:44:04 | 000,247,808 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> Range1 [:Range = 127.0.0.1] -> http = Local intranet | -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {60104CE9-178F-4E24-8651-158030760E47}\\DhcpNameServer -> 192.168.1.1 (Broadcom 802.11b/g WLAN) -> {C47239CA-4B3B-4A9A-85E7-59F72C372C2A}\\DhcpNameServer -> 192.168.1.1 (NVIDIA nForce Networking Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> explorer.exe -> [2011/11/28 16:30:16 | 000,294,400 | ---- | M] () *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2008/01/20 18:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\autoexec.bat [ NTFS ] -> [2008/08/11 05:06:15 | 000,000,074 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{9bdabf0c-9871-11de-9b83-001f1655757f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9bdabf0c-9871-11de-9b83-001f1655757f}\shell\AutoRun\command \{9bdabf0c-9871-11de-9b83-001f1655757f}\shell\AutoRun\command\\"" -> [F:\Setup.exe] -> File not found \{9bdabf0c-9871-11de-9b83-001f1655757f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9bdabf0c-9871-11de-9b83-001f1655757f}\shell\Install\command \{9bdabf0c-9871-11de-9b83-001f1655757f}\shell\Install\command\\"" -> [F:\Setup.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < Registry Shell Spawning - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Classes\\shell\[command]\command -> exefile [open] -> "C:\Users\cody\AppData\Local\xti.exe" -a "%1" %* -> [2011/11/28 09:12:36 | 000,289,280 | ---- | M] (Microsoft Corporation) < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Classes\\ -> .exe [@ = exefile] -> C:\Users\cody\AppData\Local\xti.exe -> [2011/11/28 09:12:36 | 000,289,280 | ---- | M] (Microsoft Corporation) [Files/Folders - Created Within 30 Days] xti.exe -> C:\Users\cody\AppData\Local\xti.exe -> [2011/11/28 09:12:36 | 000,289,280 | ---- | C] (Microsoft Corporation) 2011-11-18 Overlap Agreement -> C:\Users\cody\Desktop\2011-11-18 Overlap Agreement -> [2011/11/18 16:05:27 | 000,000,000 | ---D | C] lpuninstall.exe -> C:\Program Files\Common Files\lpuninstall.exe -> [2011/11/16 21:31:38 | 010,112,544 | ---- | C] (LastPass) LastPass -> C:\Users\cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass -> [2011/11/16 21:31:29 | 000,000,000 | ---D | C] LastPass -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass -> [2011/11/16 21:31:29 | 000,000,000 | ---D | C] LastPass -> C:\Program Files\LastPass -> [2011/11/16 21:31:28 | 000,000,000 | ---D | C] lastpass.exe -> C:\Users\cody\Desktop\lastpass.exe -> [2011/11/16 21:30:20 | 010,112,544 | ---- | C] (LastPass) Akamai -> C:\Users\cody\AppData\Local\Akamai -> [2011/11/09 21:39:06 | 000,000,000 | ---D | C] vlc -> C:\Users\cody\AppData\Roaming\vlc -> [2011/10/31 16:33:05 | 000,000,000 | ---D | C] VideoLAN -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN -> [2011/10/31 16:32:45 | 000,000,000 | ---D | C] VideoLAN -> C:\Program Files\VideoLAN -> [2011/10/31 16:32:31 | 000,000,000 | ---D | C] 2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> [Files/Folders - Modified Within 30 Days] perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/11/28 16:47:03 | 000,604,502 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/11/28 16:47:03 | 000,104,170 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\cody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/11/28 16:45:07 | 000,143,872 | ---- | M] () PCConfidential.job -> C:\Windows\tasks\PCConfidential.job -> [2011/11/28 16:44:15 | 000,000,416 | ---- | M] () w4bv85b1ha6atq -> C:\ProgramData\w4bv85b1ha6atq -> [2011/11/28 16:44:12 | 000,009,634 | -HS- | M] () w4bv85b1ha6atq -> C:\Users\cody\AppData\Local\w4bv85b1ha6atq -> [2011/11/28 16:44:11 | 000,009,634 | -HS- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011/11/28 16:44:02 | 000,067,584 | --S- | M] () nvModes.dat -> C:\ProgramData\nvModes.dat -> [2011/11/28 16:44:01 | 000,356,078 | ---- | M] () nvModes.001 -> C:\ProgramData\nvModes.001 -> [2011/11/28 16:44:01 | 000,356,078 | ---- | M] () Norton Security Scan for cody.job -> C:\Windows\tasks\Norton Security Scan for cody.job -> [2011/11/27 14:49:53 | 000,000,472 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/11/26 17:44:27 | 000,003,216 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/11/26 17:44:27 | 000,003,216 | -H-- | M] () namebench-1.3.1-Windows.exe -> C:\Users\cody\Desktop\namebench-1.3.1-Windows.exe -> [2011/11/26 16:03:34 | 005,227,019 | ---- | M] () Norton Online Family.lnk -> C:\Users\Public\Desktop\Norton Online Family.lnk -> [2011/11/21 22:28:40 | 000,002,578 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011/11/21 22:27:25 | 2951,127,040 | -HS- | M] () Overlap_Agreement_001.zip -> C:\Users\cody\Desktop\Overlap_Agreement_001.zip -> [2011/11/18 16:09:26 | 000,342,102 | ---- | M] () Overlap_Agreement_001.pdf -> C:\Users\cody\Desktop\Overlap_Agreement_001.pdf -> [2011/11/18 16:09:12 | 000,421,442 | ---- | M] () lpuninstall.exe -> C:\Program Files\Common Files\lpuninstall.exe -> [2011/11/16 21:31:38 | 010,112,544 | ---- | M] (LastPass) My LastPass Vault.lnk -> C:\Users\cody\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk -> [2011/11/16 21:31:38 | 000,001,128 | ---- | M] () My LastPass Vault.lnk -> C:\Users\Public\Desktop\My LastPass Vault.lnk -> [2011/11/16 21:31:29 | 000,001,128 | ---- | M] () lastpass.exe -> C:\Users\cody\Desktop\lastpass.exe -> [2011/11/16 21:30:22 | 010,112,544 | ---- | M] (LastPass) Norton Internet Security - Run Full System Scan - cody.job -> C:\Windows\tasks\Norton Internet Security - Run Full System Scan - cody.job -> [2011/11/15 11:41:15 | 000,000,642 | ---- | M] () 2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> 11 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> [Files - No Company Name] w4bv85b1ha6atq -> C:\Users\cody\AppData\Local\w4bv85b1ha6atq -> [2011/11/28 09:12:37 | 000,009,634 | -HS- | C] () w4bv85b1ha6atq -> C:\ProgramData\w4bv85b1ha6atq -> [2011/11/28 09:12:37 | 000,009,634 | -HS- | C] () namebench-1.3.1-Windows.exe -> C:\Users\cody\Desktop\namebench-1.3.1-Windows.exe -> [2011/11/26 16:03:33 | 005,227,019 | ---- | C] () Overlap_Agreement_001.pdf -> C:\Users\cody\Desktop\Overlap_Agreement_001.pdf -> [2011/11/18 16:10:22 | 000,421,442 | ---- | C] () Overlap_Agreement_001.zip -> C:\Users\cody\Desktop\Overlap_Agreement_001.zip -> [2011/11/18 16:09:15 | 000,342,102 | ---- | C] () My LastPass Vault.lnk -> C:\Users\cody\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk -> [2011/11/16 21:31:38 | 000,001,128 | ---- | C] () My LastPass Vault.lnk -> C:\Users\Public\Desktop\My LastPass Vault.lnk -> [2011/11/16 21:31:29 | 000,001,128 | ---- | C] () hpoins19.dat -> C:\Windows\hpoins19.dat -> [2011/10/23 14:03:24 | 000,148,840 | ---- | C] () hpomdl19.dat -> C:\Windows\hpomdl19.dat -> [2011/10/23 14:00:56 | 000,026,952 | ---- | C] () {96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini -> C:\Users\cody\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini -> [2011/05/18 17:03:40 | 000,001,940 | ---- | C] () PowerReg.dat -> C:\Windows\PowerReg.dat -> [2011/04/27 09:20:37 | 000,000,000 | ---- | C] () AVSredirect.dll -> C:\Windows\System32\AVSredirect.dll -> [2010/12/10 16:45:27 | 000,027,648 | ---- | C] () QUICKEN.INI -> C:\Windows\QUICKEN.INI -> [2010/12/02 13:25:28 | 000,000,165 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2010/11/20 17:08:55 | 000,180,224 | ---- | C] () hppins22.dat -> C:\Windows\hppins22.dat -> [2010/08/16 07:20:21 | 000,127,901 | ---- | C] () hppmdl22.dat -> C:\Windows\hppmdl22.dat -> [2010/08/16 07:20:03 | 000,001,504 | ---- | C] () easyicon.ini -> C:\Windows\easyicon.ini -> [2010/01/01 13:28:43 | 000,000,076 | ---- | C] () iconeasl.ini -> C:\Windows\iconeasl.ini -> [2010/01/01 13:28:43 | 000,000,030 | ---- | C] () ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/11/07 22:23:24 | 000,000,056 | -H-- | C] () EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/09/18 11:32:28 | 000,117,248 | ---- | C] () StructuredQuerySchema.bin -> C:\Windows\System32\StructuredQuerySchema.bin -> [2009/09/18 11:32:28 | 000,107,612 | ---- | C] () OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () OGAEXEC.exe -> C:\Windows\System32\OGAEXEC.exe -> [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () d3d9caps.dat -> C:\Users\cody\AppData\Local\d3d9caps.dat -> [2009/01/15 18:38:12 | 000,000,680 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\cody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/27 11:48:18 | 000,143,872 | ---- | C] () nvModes.001 -> C:\ProgramData\nvModes.001 -> [2008/12/26 00:37:39 | 000,356,078 | ---- | C] () wklnhst.dat -> C:\Users\cody\AppData\Roaming\wklnhst.dat -> [2008/12/25 23:43:07 | 000,000,798 | ---- | C] () nvModes.dat -> C:\ProgramData\nvModes.dat -> [2008/12/25 23:42:51 | 000,356,078 | ---- | C] () StructuredQuerySchemaTrivial.bin -> C:\Windows\System32\StructuredQuerySchemaTrivial.bin -> [2008/12/25 21:06:05 | 000,018,904 | ---- | C] () nvphy.bin -> C:\Windows\System32\drivers\nvphy.bin -> [2008/12/03 06:13:17 | 000,003,948 | ---- | C] () hpqins13.dat -> C:\Windows\hpqins13.dat -> [2008/08/11 05:20:54 | 000,101,605 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2006/11/02 04:53:49 | 000,067,584 | --S- | C] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2006/11/02 04:44:53 | 000,426,296 | ---- | C] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2006/11/02 02:33:01 | 000,604,502 | ---- | C] () perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2006/11/02 02:33:01 | 000,287,440 | ---- | C] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2006/11/02 02:33:01 | 000,104,170 | ---- | C] () perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2006/11/02 02:33:01 | 000,030,674 | ---- | C] () dssec.dat -> C:\Windows\System32\dssec.dat -> [2006/11/02 02:23:21 | 000,215,943 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2006/11/02 00:58:30 | 000,043,131 | ---- | C] () NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2006/11/02 00:19:00 | 000,000,741 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/01 23:40:29 | 000,013,750 | ---- | C] () mlang.dat -> C:\Windows\System32\mlang.dat -> [2006/11/01 23:25:31 | 000,673,088 | ---- | C] () WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006/03/09 01:58:00 | 001,060,424 | ---- | C] () qt-dx331.dll -> C:\Windows\System32\qt-dx331.dll -> [2005/10/14 01:56:50 | 003,596,288 | ---- | C] () VorbisEnc.dll -> C:\Windows\System32\VorbisEnc.dll -> [2005/10/14 01:56:50 | 000,921,600 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2005/10/14 01:56:50 | 000,815,104 | ---- | C] () DivXsm.exe -> C:\Windows\System32\DivXsm.exe -> [2005/10/14 01:56:50 | 000,778,240 | ---- | C] () xvid.dll -> C:\Windows\System32\xvid.dll -> [2005/10/14 01:56:50 | 000,344,064 | ---- | C] () OggDS.dll -> C:\Windows\System32\OggDS.dll -> [2005/10/14 01:56:50 | 000,237,568 | ---- | C] () vorbis.dll -> C:\Windows\System32\vorbis.dll -> [2005/10/14 01:56:50 | 000,188,416 | ---- | C] () unrar.dll -> C:\Windows\System32\unrar.dll -> [2005/10/14 01:56:50 | 000,155,136 | ---- | C] () ogg.dll -> C:\Windows\System32\ogg.dll -> [2005/10/14 01:56:50 | 000,045,056 | ---- | C] () [File - Lop Check] .minecraft -> C:\Users\cody\AppData\Roaming\.minecraft -> [2011/09/19 19:07:24 | 000,000,000 | ---D | M] Bullzip -> C:\Users\cody\AppData\Roaming\Bullzip -> [2011/02/21 17:49:04 | 000,000,000 | ---D | M] Catalina Marketing Corp -> C:\Users\cody\AppData\Roaming\Catalina Marketing Corp -> [2011/05/04 17:45:45 | 000,000,000 | ---D | M] Dropbox -> C:\Users\cody\AppData\Roaming\Dropbox -> [2011/11/22 13:12:19 | 000,000,000 | ---D | M] GARMIN -> C:\Users\cody\AppData\Roaming\GARMIN -> [2010/05/23 15:31:27 | 000,000,000 | ---D | M] gtk-2.0 -> C:\Users\cody\AppData\Roaming\gtk-2.0 -> [2010/07/03 18:35:33 | 000,000,000 | ---D | M] IObit -> C:\Users\cody\AppData\Roaming\IObit -> [2010/04/08 11:19:58 | 000,000,000 | ---D | M] IrfanView -> C:\Users\cody\AppData\Roaming\IrfanView -> [2010/03/23 11:48:22 | 000,000,000 | ---D | M] Leadertech -> C:\Users\cody\AppData\Roaming\Leadertech -> [2009/09/06 19:40:54 | 000,000,000 | ---D | M] muvee Technologies -> C:\Users\cody\AppData\Roaming\muvee Technologies -> [2010/04/27 13:22:41 | 000,000,000 | ---D | M] Nexon -> C:\Users\cody\AppData\Roaming\Nexon -> [2009/02/22 20:03:21 | 000,000,000 | ---D | M] OpenOffice.org -> C:\Users\cody\AppData\Roaming\OpenOffice.org -> [2010/03/08 10:23:49 | 000,000,000 | ---D | M] PandoraRecovery -> C:\Users\cody\AppData\Roaming\PandoraRecovery -> [2011/06/02 11:47:16 | 000,000,000 | ---D | M] RadarSync -> C:\Users\cody\AppData\Roaming\RadarSync -> [2011/02/09 10:04:32 | 000,000,000 | ---D | M] Template -> C:\Users\cody\AppData\Roaming\Template -> [2009/01/03 23:41:07 | 000,000,000 | ---D | M] Tific -> C:\Users\cody\AppData\Roaming\Tific -> [2010/04/05 15:19:09 | 000,000,000 | ---D | M] UBitMenu -> C:\Users\cody\AppData\Roaming\UBitMenu -> [2010/05/21 12:12:06 | 000,000,000 | ---D | M] uTorrent -> C:\Users\cody\AppData\Roaming\uTorrent -> [2011/11/04 17:20:35 | 000,000,000 | ---D | M] WeatherBug -> C:\Users\cody\AppData\Roaming\WeatherBug -> [2009/07/20 12:21:22 | 000,000,000 | ---D | M] webex -> C:\Users\cody\AppData\Roaming\webex -> [2010/05/12 14:59:16 | 000,000,000 | ---D | M] PCConfidential.job -> C:\Windows\Tasks\PCConfidential.job -> [2011/11/28 16:44:15 | 000,000,416 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2011/11/21 22:26:18 | 000,032,582 | ---- | M] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:206E2596 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0FF263E8 < End of report > [/code]