I have ran the OTL here are the results for the 1st file (OTL.txt)
OTL logfile created on: 12/28/2009 12:27:37 PM - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = D:\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 18.81 Gb Free Space | 50.48% Space Free | Partition Type: NTFS
Drive D: | 37.26 Gb Total Space | 6.34 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive E: | 19.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DESLZ931938
Current User Name: HernandezEri
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2009/12/28 12:26:31 | 00,513,536 | ---- | M] (OldTimer Tools) -- D:\My Documents\Downloads\OTL.exe
PRC - [2009/11/19 22:29:16 | 00,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/10/24 08:14:36 | 00,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/10/15 13:55:10 | 00,116,016 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/19 12:10:32 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/02/19 12:10:24 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/01/05 11:06:02 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/10/12 09:49:04 | 00,069,632 | ---- | M] (Monsoon Interactive) -- C:\Program Files\OnLetterhead\hooksrvr.exe
PRC - [2007/08/22 16:31:16 | 00,080,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
PRC - [2007/05/16 17:50:52 | 00,162,584 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2007/05/16 17:50:22 | 00,138,008 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2007/05/16 17:50:12 | 00,252,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/03/16 10:10:46 | 01,392,640 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\WLTRAY.EXE
PRC - [2007/03/16 10:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
PRC - [2007/03/16 10:10:42 | 01,253,376 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE
PRC - [2007/02/25 19:55:18 | 00,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/02/20 10:24:34 | 00,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/02/19 06:27:16 | 00,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/02/19 06:26:32 | 00,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007/01/28 21:07:18 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/01/24 19:34:22 | 00,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2006/12/20 12:29:40 | 00,125,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/12/20 12:29:34 | 00,116,928 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe
PRC - [2006/12/20 12:29:30 | 01,814,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/12/20 12:29:20 | 00,031,424 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/11/21 19:38:40 | 00,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/11/21 19:38:32 | 00,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/11/21 19:38:28 | 00,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/10/12 17:30:46 | 02,138,112 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
PRC - [2006/09/07 17:10:22 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2006/09/07 17:06:08 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2006/08/25 11:57:42 | 00,310,368 | ---- | M] (Fiberlink Communications Corp.) -- C:\Program Files\Fiberlink\ItravelV2\ServiceMgr.exe
PRC - [2006/08/25 11:57:42 | 00,130,144 | ---- | M] (Fiberlink Communications Corp.) -- C:\Program Files\Fiberlink\ItravelV2\e360SysTray.exe
PRC - [2006/08/25 11:54:26 | 00,061,440 | ---- | M] (Fiberlink Communications Corp.) -- C:\Program Files\Fiberlink\ItravelV2\FLUtilsSvc.exe
PRC - [2006/07/07 17:15:07 | 00,600,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2006/07/07 17:14:38 | 00,576,320 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
PRC - [2006/06/14 08:00:10 | 00,844,126 | ---- | M] (Internet Security Systems, Inc.) -- C:\Program Files\ISS\Proventia Desktop\RapApp.exe
PRC - [2006/06/14 08:00:10 | 00,426,333 | ---- | M] (Internet Security Systems, Inc.) -- C:\Program Files\ISS\Proventia Desktop\vpatch.exe
PRC - [2006/04/20 06:34:26 | 01,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2006/02/09 03:50:00 | 00,578,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2006/02/09 03:50:00 | 00,248,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe
PRC - [2005/03/28 06:48:48 | 00,028,717 | ---- | M] (IBM Corp) -- C:\WINDOWS\system32\nsl.exe
PRC - [2005/03/28 06:48:48 | 00,020,530 | ---- | M] (IBM Corp) -- C:\WINDOWS\system32\nslsvice.exe
PRC - [2005/02/23 14:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2005/01/10 12:21:24 | 00,172,121 | ---- | M] (Symantec) -- C:\Program Files\Fiberlink\ItravelV2\VPNSentry.exe
PRC - [2004/05/03 14:01:02 | 00,124,416 | ---- | M] (DameWare Development LLC) -- C:\WINDOWS\system32\DWRCS.EXE
========== Modules (SafeList) ========== MOD - [2009/12/28 12:26:31 | 00,513,536 | ---- | M] (OldTimer Tools) -- D:\My Documents\Downloads\OTL.exe
MOD - [2007/10/12 09:49:06 | 00,081,920 | ---- | M] (Monsoon Interactive) -- C:\Program Files\OnLetterhead\hookldr.dll
MOD - [2007/05/16 17:49:54 | 00,102,400 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2007/02/16 09:28:12 | 00,061,440 | ---- | M] (Altiris, Inc.) -- C:\WINDOWS\system32\AMInit.dll
MOD - [2006/08/25 11:45:18 | 00,041,472 | ---- | M] () -- C:\Program Files\Fiberlink\ItravelV2\e360IntApi.dll
========== Win32 Services (SafeList) ========== SRV - [2009/12/23 23:54:14 | 00,233,472 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\sshnas.dll -- (SSHNAS)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/08 12:31:36 | 00,313,840 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2009/07/08 12:31:32 | 00,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2009/07/08 12:31:12 | 01,108,464 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2009/05/21 20:21:18 | 00,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/05/08 16:11:30 | 00,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2009/03/24 06:04:59 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/07/18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/02/19 12:10:24 | 00,504,104 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2007/03/16 10:10:46 | 00,020,480 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2007/02/25 19:55:18 | 00,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/02/20 10:24:34 | 00,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/02/19 06:27:16 | 00,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2006/12/20 12:29:34 | 00,116,928 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/12/20 12:29:30 | 01,814,720 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/12/20 12:29:20 | 00,031,424 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/11/21 19:38:40 | 00,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/11/21 19:38:32 | 00,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/10/12 17:30:46 | 02,138,112 | ---- | M] (BigFix Inc.) [Auto | Running] -- C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe -- (BESClient)
SRV - [2006/08/25 11:57:42 | 00,310,368 | ---- | M] (Fiberlink Communications Corp.) [Unknown | Running] -- C:\Program Files\Fiberlink\ItravelV2\ServiceMgr.exe -- (ServiceMgr)
SRV - [2006/08/25 11:54:26 | 00,061,440 | ---- | M] (Fiberlink Communications Corp.) [Unknown | Running] -- C:\Program Files\Fiberlink\ItravelV2\FLUtilsSvc.exe -- (FLUtilsSvc)
SRV - [2006/08/25 10:00:38 | 02,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/08/08 13:36:28 | 00,073,728 | ---- | M] (Boingo Wireless, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fiberlink\ItravelV2\WENGINE2\WMonitor.exe -- (Fiberlinkcomm WMonitor)
SRV - [2006/08/08 13:33:04 | 00,823,296 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Fiberlink\ItravelV2\WENGINE2\BWEngine.exe -- (Fiberlinkcomm Wireless Engine)
SRV - [2006/08/07 14:03:02 | 00,214,720 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/06/14 08:00:10 | 00,844,126 | ---- | M] (Internet Security Systems, Inc.) [Auto | Running] -- C:\Program Files\ISS\Proventia Desktop\RapApp.exe -- (RapApp)
SRV - [2006/06/14 08:00:10 | 00,426,333 | ---- | M] (Internet Security Systems, Inc.) [Auto | Running] -- C:\Program Files\ISS\Proventia Desktop\vpatch.exe -- (VPatch)
SRV - [2006/06/14 08:00:08 | 02,007,382 | ---- | M] (Internet Security Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\ISS\Proventia Desktop\blackd.exe -- (BlackICE)
SRV - [2006/04/20 06:34:26 | 01,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2006/04/11 15:13:38 | 01,160,848 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/02/09 03:50:00 | 00,578,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2006/02/09 03:50:00 | 00,248,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe -- (Wuser32)
SRV - [2005/05/20 09:37:12 | 00,081,920 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE -- (HP Port Resolver)
SRV - [2005/03/28 06:48:48 | 00,020,530 | ---- | M] (IBM Corp) [Auto | Running] -- C:\WINDOWS\system32\nslsvice.exe -- (Lotus Notes Single Logon)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/10/16 04:31:06 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE -- (HP Status Server)
SRV - [2004/05/03 14:01:02 | 00,124,416 | ---- | M] (DameWare Development LLC) [Auto | Running] -- C:\WINDOWS\System32\DWRCS.EXE -- (DWMRCS)
SRV - [2003/07/28 10:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ========== DRV - [2009/11/10 16:48:05 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20091223.003\navex15.sys -- (NAVEX15)
DRV - [2009/11/10 16:48:05 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20091223.003\naveng.sys -- (NAVENG)
DRV - [2009/08/17 18:15:34 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/17 18:15:31 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\eeCtrl.sys -- (eeCtrl)
DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/03/20 18:03:36 | 00,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/01/09 16:18:02 | 00,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2008/04/13 12:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 10:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/18 10:16:24 | 00,030,464 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/26 12:42:24 | 00,110,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/05/16 19:14:58 | 05,707,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/05/01 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/03/16 10:10:46 | 00,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/02/22 17:47:34 | 00,056,576 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/02/19 06:27:34 | 01,228,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/16 23:00:42 | 00,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/16 15:46:00 | 00,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/31 11:19:04 | 00,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/01/31 11:19:04 | 00,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2007/01/31 11:19:02 | 00,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/01/31 11:19:02 | 00,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/01/17 10:37:18 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2007/01/17 10:37:17 | 00,049,920 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2006/09/19 13:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006/09/06 12:41:20 | 00,337,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2006/09/06 12:41:20 | 00,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2006/08/07 14:02:26 | 00,195,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/06/30 02:51:21 | 00,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32)
DRV - [2006/06/14 08:00:14 | 00,196,978 | ---- | M] (Internet Security Systems, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\Blackcat.sys -- (black)
DRV - [2006/06/14 08:00:14 | 00,076,849 | ---- | M] (Internet Security Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MakoNT.sys -- (MakoNT)
DRV - [2006/06/14 08:00:14 | 00,047,697 | ---- | M] (Internet Security Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RapDrv.sys -- (rap)
DRV - [2006/04/20 06:33:40 | 00,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2006/04/11 15:13:34 | 00,389,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/02/09 03:50:00 | 00,020,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2006/02/09 03:50:00 | 00,011,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbstuff5.sys -- (kbstuff)
DRV - [2006/02/09 03:50:00 | 00,008,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\idisw2km.sys -- (idisw2km)
DRV - [2005/11/21 17:35:34 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2005/10/22 06:22:48 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/08/18 17:22:30 | 00,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/08/12 14:50:46 | 00,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/05/17 02:51:34 | 00,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/01/26 04:22:20 | 00,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 06:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 12:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://web.pca.packaging.alcan.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/06/04 21:56:09 | 00,000,000 | ---D | M]
O1 HOSTS File: (2146 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 137.62.233.1 lmwsap1
O1 - Hosts: 137.62.241.1 lmwa05
O1 - Hosts: 137.62.241.2 lmwsap4
O1 - Hosts: 137.62.241.13 lmwsap6
O1 - Hosts: 137.62.241.3 lmwa01
O1 - Hosts: 137.62.241.4 lmwa02
O1 - Hosts: 137.62.241.5 lmwa03
O1 - Hosts: 137.62.241.14 lmwa04
O1 - Hosts: 137.62.241.26 lmwa06
O1 - Hosts: 137.62.241.11 lmwsap5
O1 - Hosts: 137.62.241.16 lmwsap7
O1 - Hosts: 137.62.241.17 lmwsap8
O1 - Hosts: 137.62.241.18 lmwsap9
O1 - Hosts: 137.62.241.19 lmwsap10
O1 - Hosts: 137.62.241.24 lmwad1
O1 - Hosts: 137.62.241.7 lmwmon1
O1 - Hosts: 137.62.233.28 algw_ides_ts
O1 - Hosts: 137.62.233.16 www.it.lmwheaton.com
O1 - Hosts: 137.62.233.17 www.docs.lmwheaton.com
O1 - Hosts: 137.62.233.18 www.eng.lmwheaton.com
O1 - Hosts: 137.62.0.155 wheaton_ars wheaton-ars wheaton_ars_us.algroup.net
O1 - Hosts: 137.62.0.145 wheatonits arweb wps1.us.algroup.net wheaton.helpdesk.us.algroup.net
O1 - Hosts: 10.80.99.99 millvillersa00
O1 - Hosts: 10.192.40.25 Aph025
O1 - Hosts: 10.192.40.30 Aph030
O1 - Hosts: 22 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (ieefanhelper Object) - {F20C798F-04D0-44de-A59B-B34588DE9A94} - C:\Program Files\OnLetterhead\olhieplg.dll (Monsoon Interactive)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (OnLetterhead Toolbar) - {C66BE3BA-0A75-4db1-A988-ACE7087CA121} - C:\Program Files\OnLetterhead\olhieplg.dll (Monsoon Interactive)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [e360SysTray] C:\Program Files\Fiberlink\ItravelV2\e360SysTray.exe (Fiberlink Communications Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Olh OE HookSrvr] C:\Program Files\OnLetterhead\hooksrvr.exe (Monsoon Interactive)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: //skins ([]e360zip in My Computer)
O15 - HKCU\..Trusted Domains: //skins/ ([]e360zip in My Computer)
O15 - HKCU\..Trusted Domains: alcan.biz ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: alcan.biz ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alcan.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: alcan.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: pechiney.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: riotinto.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: riotinto.org ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: web.edms.alcan.biz ([]http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16 - DPF: {0DA69429-A757-4D6F-A827-DB1AF052DDAF}
https://portal.globa.../plugins/VA.cab (M6 - VA Launcher)
O16 - DPF: {125B76F0-375F-11D3-89B3-0020AFD81B6D}
http://10.80.166.41/...Files/VInfo.cab (VersionInfo Class)
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101}
http://svca.solidwor...elsStandard.cab (EModelNonVersionSpecificViewControl Class)
O16 - DPF: {3E4F6F2B-4F4E-4F45-9C67-F851CC1895CE}
http://10.80.166.41/.../LHXUDIData.cab (LHXUDIData.UDIData)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
http://dlm.tools.aka...vex-2.2.4.8.cab (DLM Control)
O16 - DPF: {51BB7DFD-A6F5-4FAC-B8C9-E71CF84D082C}
http://millitsrv01/A...isNSConsole.cab (AeXNSConsoleContextHelp Class)
O16 - DPF: {570A613F-A31B-4D55-875B-0D6CEF47332C}
http://10.80.166.41/...HXInetcache.cab (LHInetCache Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.mi...b?1190827293921 (WUWebControl Class)
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7}
https://as00.estara....313462OneCC.cab (OneCCCtl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.mi...b?1199559543390 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC}
https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8F0DF9DB-AA5A-4ED0-9176-1C4A9C762C59}
http://web.emeetings...STJNILoader.cab (JNILoader Control)
O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC49479E-93A8-455E-959A-C49BE895D87C}
https://portal.globa...ns/VMPlayer.cab (M6 - VM Player Launcher)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://attwm2.webex...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = alcan.biz
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\Program Files\SAP\Frontend\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\Program Files\SAP\Frontend\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (AMINIT.dll) - C:\WINDOWS\System32\AMInit.dll (Altiris, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FLWLEvents: DllName - C:\WINDOWS\system32\FiberlinkNetProv.dll - C:\WINDOWS\system32\FiberlinkNetProv.dll ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/29 13:03:45 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{45c3da39-a1e3-11dd-a3a8-001c2326be7c}\Shell - "" = AutoRun
O33 - MountPoints2\{45c3da39-a1e3-11dd-a3a8-001c2326be7c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{45c3da39-a1e3-11dd-a3a8-001c2326be7c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{6966965e-c6ea-11dd-a3e2-001e4c535e81}\Shell - "" = AutoRun
O33 - MountPoints2\{6966965e-c6ea-11dd-a3e2-001e4c535e81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6966965e-c6ea-11dd-a3e2-001e4c535e81}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a86cea4c-e261-11dc-b67d-001c2326be7c}\Shell\AutoRun\command - "" = M:\wdsync.exe -- File not found
O33 - MountPoints2\{fef7d2ae-827a-11de-a4e4-001e4c535e81}\Shell - "" = AutoRun
O33 - MountPoints2\{fef7d2ae-827a-11de-a4e4-001e4c535e81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fef7d2ae-827a-11de-a4e4-001e4c535e81}\Shell\AutoRun\command - "" = F:\EMP_UDSe.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/03/29 13:03:15 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - C:\WINDOWS\system32\sshnas.dll ()
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} -
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSACM.MI-SC4 - MI-SC4.acm File not found
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.XVID - C:\WINDOWS\System32\m4vdrv.dll ()
========== Files/Folders - Created Within 30 Days ========== [2009/12/26 23:46:08 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\hernandezeri\Recent
[2009/12/26 23:32:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hernandezeri\.java
[2009/12/26 22:34:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\XoftSpySE
[2009/12/26 21:43:57 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/26 21:33:29 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2009/12/26 21:32:48 | 00,000,000 | ---D | C] -- C:\Program Files\HijackThis
[2009/12/26 16:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/12/18 16:24:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\Tools
[2009/11/28 22:09:19 | 00,000,000 | ---D | C] -- C:\DR
[2009/09/23 20:13:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/09/16 09:40:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP
[2008/01/10 07:42:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2006/02/19 02:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[2005/03/29 13:07:35 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2005/03/29 13:07:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2005/03/29 13:07:20 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/03/29 13:07:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2009/12/28 10:16:01 | 00,002,061 | ---- | M] () -- C:\WINDOWS\saplogon.ini
[2009/12/28 10:07:07 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\hernandezeri\Desktop\HiJackThis.lnk
[2009/12/28 09:53:35 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/12/28 09:52:00 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/12/28 09:51:24 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/27 04:07:17 | 00,000,496 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2009/12/27 04:03:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/27 04:03:27 | 21,369,61024 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/26 23:38:36 | 08,650,752 | -H-- | M] () -- C:\Documents and Settings\hernandezeri\ntuser.dat
[2009/12/26 18:28:18 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2009/12/26 17:17:02 | 00,000,298 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2009/12/26 16:43:39 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2009/12/26 16:43:14 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\hernandezeri\ntuser.ini
[2009/12/26 16:42:52 | 02,700,072 | -H-- | M] () -- C:\Documents and Settings\hernandezeri\Local Settings\Application Data\IconCache.db
[2009/12/23 23:54:30 | 00,000,254 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2009/12/23 23:54:14 | 00,233,472 | ---- | M] () -- C:\WINDOWS\System32\sshnas.dll
[2009/12/22 15:58:20 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/12/21 00:19:43 | 00,000,648 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/20 17:44:47 | 00,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/18 01:32:51 | 01,734,656 | ---- | M] () -- D:\My Documents\testplan.xls
[2009/12/18 01:32:32 | 01,734,656 | ---- | M] () -- D:\My Documents\workplan.xls
[2009/12/15 09:56:13 | 00,036,685 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2009/12/14 12:42:48 | 00,000,256 | ---- | M] () -- C:\Documents and Settings\hernandezeri\pool.bin
[2009/12/11 22:43:37 | 00,041,472 | ---- | M] () -- D:\My Documents\resume_9_09revision[1].doc
[2009/12/09 13:57:22 | 00,000,028 | ---- | M] () -- C:\WINDOWS\System32\wininet_dll.iss
[2009/12/09 13:57:20 | 00,000,028 | ---- | M] () -- C:\WINDOWS\System32\urlmon_dll.iss
[2009/12/03 18:32:37 | 00,164,864 | ---- | M] () -- C:\Documents and Settings\hernandezeri\Desktop\Countermeasures Material.xls
[2009/12/01 08:43:49 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/11/30 20:55:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/11/28 22:18:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\UNIVMGR.INI
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2009/12/26 21:33:29 | 00,001,580 | ---- | C] () -- C:\Documents and Settings\hernandezeri\Desktop\HiJackThis.lnk
[2009/12/26 16:43:39 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2009/12/26 16:43:39 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2009/12/23 23:54:24 | 00,000,298 | -H-- | C] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2009/12/23 23:54:23 | 00,000,254 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2009/12/23 23:54:12 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\sshnas.dll
[2009/12/18 01:32:40 | 01,734,656 | ---- | C] () -- D:\My Documents\testplan.xls
[2009/12/18 01:32:22 | 01,734,656 | ---- | C] () -- D:\My Documents\workplan.xls
[2009/12/14 12:42:48 | 00,000,256 | ---- | C] () -- C:\Documents and Settings\hernandezeri\pool.bin
[2009/12/11 22:43:36 | 00,041,472 | ---- | C] () -- D:\My Documents\resume_9_09revision[1].doc
[2009/12/03 14:35:57 | 00,164,864 | ---- | C] () -- C:\Documents and Settings\hernandezeri\Desktop\Countermeasures Material.xls
[2009/12/01 08:43:49 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/11/30 20:55:34 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/11/30 20:55:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/11/28 22:18:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\UNIVMGR.INI
[2009/09/17 08:39:17 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\Avicodec.dll
[2009/09/17 08:39:17 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\m4vdrv.dll
[2009/09/16 09:55:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/08/03 11:54:04 | 00,000,321 | ---- | C] () -- C:\WINDOWS\IH0DTG.INI
[2009/05/08 16:11:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2009/04/30 07:24:59 | 00,000,065 | ---- | C] () -- C:\WINDOWS\minitab.ini
[2009/04/30 06:12:15 | 00,000,516 | ---- | C] () -- C:\WINDOWS\System32\DWRCCMDError.ini
[2009/03/08 10:27:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MTB13GE.INI
[2009/03/04 14:02:19 | 00,000,518 | ---- | C] () -- C:\WINDOWS\MTB13.INI
[2008/11/20 07:13:28 | 00,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2008/09/26 16:08:05 | 00,000,040 | ---- | C] () -- C:\WINDOWS\sx80lc.ini
[2008/09/26 16:08:05 | 00,000,040 | ---- | C] () -- C:\WINDOWS\sx5363.ini
[2008/09/07 20:37:02 | 00,000,135 | ---- | C] () -- C:\Documents and Settings\hernandezeri\Local Settings\Application Data\fusioncache.dat
[2008/09/07 17:53:27 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/09/07 17:53:11 | 00,000,160 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008/09/07 17:52:00 | 00,000,685 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008/05/16 16:14:45 | 00,003,445 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/16 12:17:04 | 00,000,113 | ---- | C] () -- C:\WINDOWS\sapgrph.ini
[2008/02/14 14:11:20 | 00,000,320 | ---- | C] () -- C:\WINDOWS\IH0ETG.INI
[2008/02/11 17:35:25 | 00,000,113 | ---- | C] () -- C:\WINDOWS\notesnsd.ini
[2008/02/05 10:25:06 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\hernandezeri\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/04 10:29:06 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\VoissUtils.dll
[2008/02/02 00:16:39 | 00,000,072 | ---- | C] () -- C:\Documents and Settings\hernandezeri\Local Settings\Application Data\rx_image.Cache
[2008/02/02 00:16:32 | 00,002,108 | ---- | C] () -- C:\Documents and Settings\hernandezeri\Local Settings\Application Data\rx_audio.Cache
[2007/09/26 12:34:12 | 00,002,401 | ---- | C] () -- C:\WINDOWS\System32\drivers\AlKernel.sys
[2007/09/26 12:33:53 | 00,008,032 | ---- | C] () -- C:\WINDOWS\dynamic.ini
[2007/09/26 11:45:00 | 00,026,544 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ItravelV2Setup.log
[2007/09/26 10:58:42 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/09/26 10:58:38 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007/06/25 17:19:05 | 00,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/06/25 17:19:05 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
[2007/04/05 05:56:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/12/05 11:05:06 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2006/08/25 11:56:12 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\FiberlinkNetProv.dll
[2006/08/25 11:12:22 | 00,032,916 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml
[2006/05/17 18:57:45 | 00,036,972 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2006/05/17 18:57:11 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2006/05/17 18:49:33 | 01,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2006/05/17 18:49:33 | 00,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2006/05/17 18:49:33 | 00,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2006/05/17 18:49:33 | 00,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2006/05/17 18:49:33 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2006/04/20 06:34:38 | 00,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/04/20 06:34:24 | 00,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/07/22 19:30:20 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/04/19 09:55:24 | 00,284,248 | ---- | C] () -- C:\WINDOWS\System32\LHXInetcache.dll
[2005/03/29 18:53:40 | 00,002,061 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2005/03/29 18:53:40 | 00,000,683 | ---- | C] () -- C:\WINDOWS\sapmsg.ini
[2005/03/29 18:15:58 | 00,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2005/03/29 18:03:20 | 00,000,451 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/03/29 17:25:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2005/03/29 13:49:11 | 00,000,496 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/10/02 14:24:26 | 00,000,039 | ---- | C] () -- C:\WINDOWS\System32\sx80lc.ini
[2001/12/21 15:35:36 | 00,000,039 | ---- | C] () -- C:\WINDOWS\System32\sx5363.ini
[2001/10/28 18:42:30 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2001/07/07 02:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/01/22 15:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: IASTOR.SYS >[2007/02/12 05:36:54 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Drv\12\iastor.sys
[2007/02/12 05:36:54 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Sigmatel\C-Major Audio\WDM\iastor.sys
< MD5 for: NETLOGON.DLL >[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 06:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > < %PROGRAMFILES%\*. >[2006/05/17 18:53:36 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/10/26 09:12:07 | 00,000,000 | ---D | M] -- C:\Program Files\Altiris
[2007/09/26 10:59:05 | 00,000,000 | ---D | M] -- C:\Program Files\Apoint
[2008/03/25 18:40:58 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2007/09/26 11:45:02 | 00,000,000 | ---D | M] -- C:\Program Files\BigFix Enterprise
[2009/02/02 11:22:15 | 00,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2009/12/26 21:43:57 | 00,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2005/03/29 17:57:03 | 00,000,000 | ---D | M] -- C:\Program Files\Chainsaw
[2007/09/26 11:46:28 | 00,000,000 | ---D | M] -- C:\Program Files\Cisco Systems
[2009/01/19 20:17:30 | 00,000,000 | ---D | M] -- C:\Program Files\Citrix
[2009/12/28 09:58:32 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/03/29 12:59:34 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2007/09/26 13:53:43 | 00,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/09/26 11:07:41 | 00,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2007/09/26 10:59:17 | 00,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/09/26 11:45:10 | 00,000,000 | ---D | M] -- C:\Program Files\Fiberlink
[2009/10/01 06:20:22 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009/11/13 17:57:08 | 00,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2009/12/28 10:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\HijackThis
[2009/08/20 19:38:25 | 00,000,000 | ---D | M] -- C:\Program Files\HP
[2009/05/08 15:15:54 | 00,000,000 | ---D | M] -- C:\Program Files\IGC
[2009/09/17 08:39:16 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/12/09 07:59:26 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/03/25 18:42:14 | 00,000,000 | ---D | M] -- C:\Program Files\iPod
[2007/09/26 11:45:38 | 00,000,000 | ---D | M] -- C:\Program Files\ISS
[2008/03/25 18:42:17 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2005/03/29 17:59:11 | 00,000,000 | ---D | M] -- C:\Program Files\IZArc
[2009/11/23 07:45:38 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2006/05/17 18:57:45 | 00,000,000 | ---D | M] -- C:\Program Files\JavaSoft
[2008/02/11 08:23:02 | 00,000,000 | ---D | M] -- C:\Program Files\Lotus
[2006/05/17 18:57:23 | 00,000,000 | ---D | M] -- C:\Program Files\Media Player Classic
[2008/09/04 12:00:53 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/09/28 21:50:34 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/05/17 18:41:09 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/01/05 13:31:54 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2005/03/29 13:04:02 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/01/04 14:01:09 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2008/01/04 14:00:22 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
[2008/12/12 08:53:55 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/09/27 21:21:22 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/03/17 15:28:22 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2005/03/29 18:01:46 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2006/05/17 18:40:52 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/09/16 08:35:59 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2009/04/30 07:24:49 | 00,000,000 | ---D | M] -- C:\Program Files\Minitab 15
[2008/09/03 18:54:43 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/08/16 12:06:15 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/12/12 08:53:48 | 00,000,000 | ---D | M] -- C:\Program Files\MSECache
[2005/03/29 12:58:07 | 00,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/03/29 12:59:10 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/09/26 11:38:02 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/09/18 12:01:49 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2008/09/03 18:53:08 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/07/07 21:22:47 | 00,000,000 | ---D | M] -- C:\Program Files\OfficeRecovery
[2008/09/30 23:46:00 | 00,000,000 | ---D | M] -- C:\Program Files\OnLetterhead
[2005/03/29 13:22:43 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/08/12 15:49:12 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2006/05/17 18:57:22 | 00,000,000 | ---D | M] -- C:\Program Files\PDFCreator
[2005/03/29 18:11:44 | 00,000,000 | ---D | M] -- C:\Program Files\PrintKey2000
[2008/03/25 18:41:46 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime Alternative
[2009/08/16 12:06:10 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/09/17 08:39:17 | 00,000,000 | ---D | M] -- C:\Program Files\RemoteManager
[2008/01/04 14:13:33 | 00,000,000 | ---D | M] -- C:\Program Files\Research In Motion
[2009/11/16 09:15:28 | 00,000,000 | ---D | M] -- C:\Program Files\Roxio
[2006/05/17 18:49:24 | 00,000,000 | ---D | M] -- C:\Program Files\SAP
[2008/09/16 08:31:44 | 00,000,000 | ---D | M] -- C:\Program Files\Seagate Software
[2007/09/26 13:54:23 | 00,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2009/09/23 20:13:21 | 00,000,000 | R--D | M] -- C:\Program Files\Skype
[2005/03/29 17:52:34 | 00,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2007/09/26 11:07:35 | 00,000,000 | ---D | M] -- C:\Program Files\Sonic
[2007/09/26 12:42:27 | 00,000,000 | ---D | M] -- C:\Program Files\Symantec
[2009/12/27 04:07:16 | 00,000,000 | ---D | M] -- C:\Program Files\Symantec AntiVirus
[2008/09/16 22:47:19 | 00,000,000 | ---D | M] -- C:\Program Files\TeamViewer3
[2007/09/26 10:59:25 | 00,000,000 | ---D | M] -- C:\Program Files\Toshiba
[2009/12/26 21:33:29 | 00,000,000 | ---D | M] -- C:\Program Files\TrendMicro
[2005/03/29 13:07:52 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/29 15:07:04 | 00,000,000 | ---D | M] -- C:\Program Files\Verizon Wireless
[2009/06/11 22:53:39 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/06/11 22:53:25 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2008/01/06 08:51:07 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/09/03 18:53:05 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/03 18:53:05 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/03/29 13:02:28 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/03/29 13:04:02 | 00,000,000 | ---D | M] -- C:\Program Files\xerox
[2008/01/05 12:31:59 | 00,000,000 | ---D | M] -- C:\Program Files\yepp
[2009/07/17 00:21:44 | 00,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2009-12-21 11:20:24
< Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF
< End of report >