Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Not sure what the problem is

Started by redbarn , May 07 2010 11:53 AM

  • Please log in to reply

#1
redbarn
Posted 07 May 2010 - 11:53 AM

redbarn

    New Member

  • Member
  • Pip
  • 1 posts
I am posting the requested log files. I am not sure what it wrong but my wireless device program, keeps automatically connecting itself to the internet. I have looked to see if there is a place where it says connect automatically in the programs but I cannot find it anywhere. So I am trying to fine out if I have virus or other issue. I am not a computer geek so if I did something wrong please tell me what I need to do (detailed instructions please) To get it right. Thank you.
Jean

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-07 10:51:32
Windows 6.0.6002 Service Pack 2
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001fe2f66d82
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001fe2f66d82 (not active ControlSet)

---- EOF - GMER 1.0.15 ----



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

5/3/2010 9:06:27 PM
mbam-log-2010-05-03 (21-06-27).txt

Scan type: Quick scan
Objects scanned: 116136
Time elapsed: 4 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)








OTL logfile created on: 5/7/2010 10:21:16 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Owner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.76 Gb Total Space | 330.59 Gb Free Space | 73.18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEANS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/07 09:37:11 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2010/04/06 07:13:29 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/02/14 15:02:39 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2009/09/18 15:09:00 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/09/18 14:42:04 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/09/18 14:42:02 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SSU.exe
PRC - [2008/12/01 15:23:58 | 000,033,280 | ---- | M] (ATT) -- C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe
PRC - [2008/11/20 23:07:42 | 000,268,800 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files (x86)\AT&T\Communication Manager\SwiApiMux.exe
PRC - [2008/11/20 23:07:42 | 000,113,152 | ---- | M] (SmithMicro Inc.) -- C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe
PRC - [2008/11/20 23:07:08 | 000,125,440 | ---- | M] (SmithMicro Inc.) -- C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe
PRC - [2007/02/12 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe


========== Modules (SafeList) ==========

MOD - [2010/05/07 09:37:11 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
MOD - [2009/04/11 00:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/11/13 12:28:38 | 000,129,536 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009/09/24 18:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/04/11 01:11:14 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2008/06/11 12:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/17 08:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2010/02/14 15:02:39 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2010/02/14 13:08:19 | 000,110,576 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\ProgramData\Partner\partner.exe -- (Partner Service)
SRV - [2009/09/18 14:42:04 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/03/29 22:39:56 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/11/20 23:07:42 | 000,113,152 | ---- | M] (SmithMicro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe -- (ATTRcAppSvc)
SRV - [2008/11/20 23:07:08 | 000,125,440 | ---- | M] (SmithMicro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe -- (CAATT)
SRV - [2008/11/04 04:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/07/20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/02/12 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/11/02 06:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/01 23:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 23:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/12/02 12:14:54 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/18 14:42:18 | 000,135,280 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssidrv.sys -- (ssidrv)
DRV:64bit: - [2009/09/18 14:42:16 | 000,037,488 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV:64bit: - [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/04 16:02:20 | 000,198,528 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swumx80.sys -- (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80)
DRV:64bit: - [2009/03/31 14:50:38 | 000,227,840 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swnc8u80.sys -- (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80)
DRV:64bit: - [2009/02/13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/11/20 22:59:02 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\PCTINDIS5X64.SYS -- (PCTINDIS5X64)
DRV:64bit: - [2008/11/17 16:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/11/04 04:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 09:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 09:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 09:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/09/18 04:15:28 | 000,325,120 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/08/22 11:05:42 | 000,030,088 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swmsflt.sys -- (swmsflt)
DRV:64bit: - [2008/07/20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 01:39:24 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 19:29:08 | 007,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 02:52:38 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 14:52:44 | 000,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/26 17:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 18:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 01:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 19:10:55 | 000,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 19:10:51 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2008/02/18 16:14:48 | 000,124,928 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Gt51Ip.sys -- (GT72NDISIPXP)
DRV:64bit: - [2008/02/08 12:00:42 | 000,080,896 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\gt72ubus.sys -- (GT72UBUS)
DRV:64bit: - [2008/01/20 19:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 19:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 19:47:03 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 19:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 19:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 19:46:52 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 19:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007/03/30 12:38:16 | 000,010,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\gtptser.sys -- (GTPTSER)
DRV:64bit: - [2006/11/01 22:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/06/18 07:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/11/20 23:02:48 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008/06/11 12:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2006/09/18 14:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 14:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2006/06/18 07:26:50 | 000,094,208 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...G...d7818u&c=BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...G...d7818u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...G...d7818u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...G...d7818u&c=BB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...G...d7818u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...G...d7818u&c=BB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.5

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/26 08:44:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/06 07:13:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/06 07:13:39 | 000,000,000 | ---D | M]

[2010/02/18 09:22:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010/05/06 19:27:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2aq698yl.default\extensions
[2010/02/18 10:07:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2aq698yl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/09 09:21:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2aq698yl.default\extensions\[email protected]
[2010/03/26 18:33:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/02/14 16:09:36 | 000,000,078 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AT&T Communication Manager] C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe (ATT)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [SpySweeper] C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.183.54.151 209.183.54.151
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{003dbc51-1ca4-11df-ae4e-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{003dbc51-1ca4-11df-ae4e-00f1d000f1d0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{96f9fceb-2086-11df-b942-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{96f9fceb-2086-11df-b942-806e6f6e6963}\Shell\AutoRun\command - "" = E:\WIN\setup.exe -- File not found
O33 - MountPoints2\{bfe57d5e-1bf7-11df-b938-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{bfe57d5e-1bf7-11df-b938-00f1d000f1d0}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{f24a5524-2ee8-11df-9b30-00a0d5ffffa9}\Shell - "" = AutoRun
O33 - MountPoints2\{f24a5524-2ee8-11df-9b30-00a0d5ffffa9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008/01/20 20:06:38 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008/01/20 20:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/05/03 20:56:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2010/05/03 20:56:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/05/03 20:56:16 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/05/03 20:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/03 20:56:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/05/03 20:23:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/03 20:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/04/30 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\2010-04 (Apr)
[2010/04/26 07:12:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Gmail - Notes about Marion Frances Edwards - [email protected]_files
[2010/04/24 07:09:01 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2010/04/21 09:46:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sierra On-Line
[2010/04/21 09:42:16 | 000,000,000 | ---D | C] -- C:\Sierra
[2010/04/12 10:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2010/04/09 16:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/03/26 14:52:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kodak
[2010/03/26 14:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak
[2010/03/26 08:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/03/26 08:49:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\HP
[2010/03/26 08:47:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\HP
[2010/03/26 08:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/03/26 08:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/03/26 08:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/03/26 08:37:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2010/03/26 08:37:14 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010/03/26 08:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/03/13 16:52:52 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2010/03/13 16:52:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/09 09:10:32 | 000,189,976 | ---- | C] (MyFamily.com, Inc.) -- C:\Windows\SysWow64\mfimgvwr.ocx
[2010/03/09 09:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MFInstall
[2010/02/26 15:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/02/26 15:32:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\CyberLink
[2010/02/26 15:32:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\CyberLink
[2010/02/25 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Bytemobile
[2010/02/25 10:57:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\DBUpdater
[2010/02/25 10:57:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\AT&T
[2010/02/25 10:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
[2010/02/25 10:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research in Motion
[2010/02/25 10:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AT&T
[2010/02/25 10:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AT&T
[2010/02/25 10:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Option
[2010/02/24 11:08:03 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/02/20 22:01:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Microsoft Games
[2010/02/18 14:19:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Apple Computer
[2010/02/18 14:19:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apple Computer
[2010/02/18 14:19:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/02/18 14:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/02/18 14:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/02/18 14:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/02/18 14:18:39 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
[2010/02/18 14:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/02/18 14:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/02/18 14:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/02/18 14:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/02/18 14:17:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apple
[2010/02/18 14:17:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/02/18 14:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/02/18 14:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/02/18 14:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/02/18 13:49:46 | 000,000,000 | ---D | C] -- C:\e40a445e61f43ce2e938baa84c
[2010/02/18 11:21:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\U3
[2010/02/18 09:43:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Template
[2010/02/18 09:22:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2010/02/18 09:22:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Mozilla
[2010/02/18 09:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/02/18 07:01:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\FaxCtr
[2010/02/17 23:35:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Lexmark Productivity Studio
[2010/02/17 23:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lx_cats
[2010/02/17 23:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FaxCtr
[2010/02/17 23:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Toolbar
[2010/02/17 23:22:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
[2010/02/17 23:20:08 | 000,000,000 | ---D | C] -- C:\logs
[2010/02/17 14:56:02 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/02/17 13:48:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/02/17 13:40:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Microsoft Help
[2010/02/17 13:30:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TT Math 5
[2010/02/17 13:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teaching Textbooks
[2010/02/17 13:29:42 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/02/17 12:55:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Adobe
[2010/02/17 12:51:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Western_Digital
[2010/02/17 12:49:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Western Digital
[2010/02/17 12:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2010/02/17 12:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2010/02/17 12:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2010/02/17 12:45:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Western Digital
[2010/02/14 19:42:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Sierra Wireless
[2010/02/14 19:42:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\{1d91a234-772d-4be2-a388-130d13a01085}
[2010/02/14 19:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010/02/14 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Research In Motion
[2010/02/14 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra Wireless Inc
[2010/02/14 19:01:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Macromedia
[2010/02/14 18:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2010/02/14 18:09:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010/02/14 18:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/02/14 15:33:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Adobe
[2010/02/14 15:03:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Geek Squad
[2010/02/14 15:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2010/02/14 15:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2010/02/14 15:02:06 | 001,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2010/02/14 15:02:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Webroot
[2010/02/14 15:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
[2010/02/14 15:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2010/02/14 14:09:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2010/02/14 14:09:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2010/02/14 14:09:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2010/02/14 14:09:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2010/02/14 14:09:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2010/02/14 14:09:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2010/02/14 14:07:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2010/02/14 13:38:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2010/02/14 13:31:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Google
[2010/02/14 13:31:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Google
[2010/02/14 13:16:25 | 000,017,952 | ---- | C] (Acer, Inc.) -- C:\Windows\SysNative\drivers\int15_64.sys
[2010/02/14 13:16:15 | 000,017,952 | ---- | C] (Acer, Inc.) -- C:\Windows\SysWow64\drivers\int15_64.sys
[2010/02/14 13:16:15 | 000,015,392 | ---- | C] (Acer, Inc.) -- C:\Windows\SysWow64\drivers\int15.sys
[2010/02/14 13:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\GATEWAY
[2010/02/14 13:14:44 | 002,210,304 | ---- | C] (Chicony Electronics Co.,Ltd.) -- C:\Windows\SysWow64\CAS screensaver.scr
[2010/02/14 13:14:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Skin
[2010/02/14 13:14:40 | 000,020,520 | ---- | C] (Chicony Electronics Co., Ltd.) -- C:\Windows\SysNative\drivers\UVCFTR_S.SYS
[2010/02/14 13:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway
[2010/02/14 13:14:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2010/02/14 13:10:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2010/02/14 13:10:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2010/02/14 13:09:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Symantec
[2010/02/14 13:09:39 | 000,000,000 | R--D | C] -- C:\Users\Owner\Searches
[2010/02/14 13:09:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Identities
[2010/02/14 13:09:28 | 000,000,000 | R--D | C] -- C:\Users\Owner\Contacts
[2010/02/14 13:09:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\VirtualStore
[2010/02/14 13:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Application Data
[2010/02/14 13:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Partner
[2010/02/14 13:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\eBay
[2010/02/14 13:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/02/14 13:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\Temporary Internet Files
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Templates
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Start Menu
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\SendTo
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Recent
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\PrintHood
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\NetHood
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Documents\My Videos
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Documents\My Pictures
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Documents\My Music
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\My Documents
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Local Settings
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\History
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Cookies
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Application Data
[2010/02/14 13:07:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\Application Data
[2010/02/14 13:07:02 | 000,000,000 | --SD | C] -- C:\Users\Owner\AppData\Roaming\Microsoft
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Videos
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Saved Games
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Pictures
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Music
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Links
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Favorites
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Downloads
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Documents
[2010/02/14 13:07:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Desktop
[2010/02/14 13:07:02 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData
[2010/02/14 13:07:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Temp
[2010/02/14 13:07:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Microsoft
[2010/02/14 13:07:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2010/02/14 13:00:49 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/02/14 12:54:37 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/05/07 10:21:52 | 003,145,728 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT
[2010/05/07 09:32:54 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/05/07 09:32:54 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/05/07 09:32:54 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/05/07 09:25:25 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/07 09:25:25 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/07 09:25:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/05/07 09:25:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/07 09:25:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/07 09:25:11 | 4153,327,616 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/07 09:24:25 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/05/07 09:24:23 | 000,524,288 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT{e87f37f0-1e23-11df-99f1-00f1d000f1d0}.TMContainer00000000000000000001.regtrans-ms
[2010/05/07 09:24:23 | 000,065,536 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT{e87f37f0-1e23-11df-99f1-00f1d000f1d0}.TM.blf
[2010/05/07 09:24:20 | 003,121,883 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db
[2010/05/04 18:28:09 | 000,012,115 | ---- | M] () -- C:\Users\Owner\Documents\histroy document, birmingham jail.docx
[2010/05/04 17:23:21 | 000,013,247 | ---- | M] () -- C:\Users\Owner\Documents\Victoria Kennedy writing 121 argumentative paper- education.docx
[2010/05/03 20:56:21 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/03 20:14:36 | 000,000,765 | ---- | M] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2010/05/03 20:14:36 | 000,000,746 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2010/04/30 17:00:05 | 000,001,656 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L63CB27F91A40426EB7B2E29EB9A0C5F2.job
[2010/04/30 05:46:42 | 000,331,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/26 07:12:42 | 000,201,326 | ---- | M] () -- C:\Users\Owner\Gmail - Notes about Marion Frances Edwards - [email protected]
[2010/04/25 23:54:36 | 000,000,075 | ---- | M] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2010/04/25 23:54:16 | 000,000,041 | ---- | M] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2010/04/21 10:53:01 | 000,088,424 | ---- | M] () -- C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/21 09:46:26 | 000,000,232 | ---- | M] () -- C:\Windows\Sierra.ini
[2010/04/21 09:45:52 | 000,001,501 | ---- | M] () -- C:\Users\Public\Desktop\AT&T Special Offer.lnk
[2010/04/21 09:45:44 | 000,001,606 | ---- | M] () -- C:\Users\Public\Desktop\Print Artist 15.0.lnk
[2010/04/20 17:50:10 | 000,011,076 | ---- | M] () -- C:\Users\Owner\Documents\Victoria Kennedy response paper 3.docx
[2010/04/20 17:32:23 | 000,011,704 | ---- | M] () -- C:\Users\Owner\Documents\Victoria Kennedy history paper 3.docx
[2010/04/19 06:04:30 | 000,023,552 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/18 22:57:58 | 000,016,796 | ---- | M] () -- C:\Users\Owner\Documents\Victoria wr 121 paper final.docx
[2010/04/18 21:44:11 | 000,011,729 | ---- | M] () -- C:\Users\Owner\Documents\Victoria Kennedy history2.docx
[2010/04/18 19:37:20 | 000,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$il Pekar history paper 1.docx
[2010/04/18 19:15:03 | 000,011,323 | ---- | M] () -- C:\Users\Owner\Documents\Neil Pekar history paper 2.docx
[2010/04/18 19:06:48 | 000,012,069 | ---- | M] () -- C:\Users\Owner\Documents\Neil Pekar history paper 1.docx
[2010/04/18 18:12:25 | 000,011,526 | ---- | M] () -- C:\Users\Owner\Documents\victoria kennedy response for history.docx
[2010/04/15 21:28:58 | 000,015,648 | ---- | M] () -- C:\Users\Owner\Documents\Victoria wr 121 paper.docx
[2010/04/09 09:56:04 | 000,000,622 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2010/04/08 19:47:59 | 000,018,432 | ---- | M] () -- C:\Users\Owner\Documents\shaner- response paper 2.wps
[2010/04/07 15:41:53 | 000,019,456 | ---- | M] () -- C:\Users\Owner\Documents\30 hour famine.wps
[2010/04/06 07:50:24 | 000,027,955 | ---- | M] () -- C:\Users\Owner\23793608_126359122212.jpg
[2010/04/06 07:28:21 | 000,173,914 | ---- | M] () -- C:\Users\Owner\40238583_127049609368.jpg
[2010/04/01 22:16:45 | 000,017,408 | ---- | M] () -- C:\Users\Owner\Documents\wr 121 response p 1.wps
[2010/03/27 00:03:09 | 000,000,000 | ---- | M] () -- C:\Users\Owner\jagex__preferences3.dat
[2010/03/26 11:26:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/03/26 08:50:03 | 000,161,763 | ---- | M] () -- C:\Windows\hpoins36.dat
[2010/03/26 08:47:34 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini
[2010/03/26 08:43:09 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/03/26 08:42:33 | 000,001,220 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/03/26 08:41:43 | 000,002,004 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/03/26 08:40:34 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/03/26 08:29:52 | 000,000,047 | ---- | M] () -- C:\Windows\WinInit.Ini
[2010/03/16 18:37:03 | 000,010,240 | ---- | M] () -- C:\Users\Owner\Documents\tors scholarship list.wps
[2010/03/13 21:07:54 | 000,011,264 | ---- | M] () -- C:\Users\Owner\Documents\wedding schedule.wps
[2010/03/04 07:26:48 | 000,081,893 | ---- | M] () -- C:\Users\Owner\Documents\Staff HF 2010.pdf
[2010/02/27 11:48:05 | 000,000,965 | ---- | M] () -- C:\Users\Owner\Desktop\Webroot AntiVirus with Spy Sweeper.lnk
[2010/02/25 10:56:22 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\at&t Communication Manager.lnk
[2010/02/24 21:42:26 | 390,877,159 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/20 19:49:24 | 000,018,154 | ---- | M] () -- C:\Users\Owner\Documents\irth Recordsjesse.docx
[2010/02/20 18:37:24 | 000,524,288 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT{e87f37f0-1e23-11df-99f1-00f1d000f1d0}.TMContainer00000000000000000002.regtrans-ms
[2010/02/19 08:43:45 | 000,001,095 | ---- | M] () -- C:\Users\Owner\Desktop\Microsoft Office - Shortcut.lnk
[2010/02/19 07:50:30 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/02/18 21:38:05 | 000,524,288 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/02/18 21:38:05 | 000,065,536 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/02/18 14:19:27 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/18 14:17:51 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/02/18 09:22:30 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/02/18 09:22:08 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/02/17 23:13:36 | 000,142,206 | ---- | M] () -- C:\Users\Owner\Documents\food handlers card.xps
[2010/02/17 14:13:09 | 000,000,036 | ---- | M] () -- C:\Users\Owner\AppData\Local\housecall.guid.cache
[2010/02/17 13:30:05 | 000,001,010 | ---- | M] () -- C:\Users\Owner\Desktop\TT Math 5.lnk
[2010/02/14 18:08:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/02/14 16:09:36 | 000,000,078 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\HOSTS
[2010/02/14 15:02:07 | 000,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2010/02/14 13:28:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/02/14 13:22:29 | 000,016,066 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2010/02/14 13:20:03 | 000,524,288 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/02/14 13:18:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\Gateway_MD7818U_Rev.1_LXW730X0069070ACFF2600.MRK
[2010/02/14 13:10:31 | 000,000,732 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2010/02/14 13:07:03 | 000,000,020 | -HS- | M] () -- C:\Users\Owner\ntuser.ini
[2010/02/14 13:03:51 | 000,047,092 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/04 18:28:09 | 000,012,115 | ---- | C] () -- C:\Users\Owner\Documents\histroy document, birmingham jail.docx
[2010/05/04 17:23:20 | 000,013,247 | ---- | C] () -- C:\Users\Owner\Documents\Victoria Kennedy writing 121 argumentative paper- education.docx
[2010/05/03 20:56:21 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/03 20:14:36 | 000,000,765 | ---- | C] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2010/05/03 20:14:36 | 000,000,746 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2010/04/26 07:10:36 | 000,201,326 | ---- | C] () -- C:\Users\Owner\Gmail - Notes about Marion Frances Edwards - [email protected]
[2010/04/21 09:45:52 | 000,001,501 | ---- | C] () -- C:\Users\Public\Desktop\AT&T Special Offer.lnk
[2010/04/21 09:45:44 | 000,001,606 | ---- | C] () -- C:\Users\Public\Desktop\Print Artist 15.0.lnk
[2010/04/21 09:44:16 | 000,000,232 | ---- | C] () -- C:\Windows\Sierra.ini
[2010/04/20 17:50:09 | 000,011,076 | ---- | C] () -- C:\Users\Owner\Documents\Victoria Kennedy response paper 3.docx
[2010/04/20 17:32:22 | 000,011,704 | ---- | C] () -- C:\Users\Owner\Documents\Victoria Kennedy history paper 3.docx
[2010/04/18 22:55:05 | 000,016,796 | ---- | C] () -- C:\Users\Owner\Documents\Victoria wr 121 paper final.docx
[2010/04/18 21:44:10 | 000,011,729 | ---- | C] () -- C:\Users\Owner\Documents\Victoria Kennedy history2.docx
[2010/04/18 19:37:20 | 000,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$il Pekar history paper 1.docx
[2010/04/18 19:15:02 | 000,011,323 | ---- | C] () -- C:\Users\Owner\Documents\Neil Pekar history paper 2.docx
[2010/04/18 18:21:53 | 000,012,069 | ---- | C] () -- C:\Users\Owner\Documents\Neil Pekar history paper 1.docx
[2010/04/18 18:12:03 | 000,011,526 | ---- | C] () -- C:\Users\Owner\Documents\victoria kennedy response for history.docx
[2010/04/15 19:28:23 | 000,015,648 | ---- | C] () -- C:\Users\Owner\Documents\Victoria wr 121 paper.docx
[2010/04/08 19:17:43 | 000,018,432 | ---- | C] () -- C:\Users\Owner\Documents\shaner- response paper 2.wps
[2010/04/07 15:32:43 | 000,019,456 | ---- | C] () -- C:\Users\Owner\Documents\30 hour famine.wps
[2010/04/06 07:50:24 | 000,027,955 | ---- | C] () -- C:\Users\Owner\23793608_126359122212.jpg
[2010/04/06 07:28:19 | 000,173,914 | ---- | C] () -- C:\Users\Owner\40238583_127049609368.jpg
[2010/04/01 22:16:45 | 000,017,408 | ---- | C] () -- C:\Users\Owner\Documents\wr 121 response p 1.wps
[2010/03/27 00:03:09 | 000,000,000 | ---- | C] () -- C:\Users\Owner\jagex__preferences3.dat
[2010/03/26 11:26:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/03/26 08:43:09 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/03/26 08:42:33 | 000,001,220 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/03/26 08:41:43 | 000,002,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/03/26 08:40:34 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/03/26 08:35:27 | 000,000,785 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/26 08:35:26 | 000,161,763 | ---- | C] () -- C:\Windows\hpoins36.dat
[2010/03/26 08:29:52 | 000,000,047 | ---- | C] () -- C:\Windows\WinInit.Ini
[2010/03/16 18:37:02 | 000,010,240 | ---- | C] () -- C:\Users\Owner\Documents\tors scholarship list.wps
[2010/03/13 21:07:53 | 000,011,264 | ---- | C] () -- C:\Users\Owner\Documents\wedding schedule.wps
[2010/03/13 17:01:49 | 000,000,075 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2010/03/13 16:54:34 | 000,000,041 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2010/03/04 07:26:47 | 000,081,893 | ---- | C] () -- C:\Users\Owner\Documents\Staff HF 2010.pdf
[2010/02/27 11:48:05 | 000,000,965 | ---- | C] () -- C:\Users\Owner\Desktop\Webroot AntiVirus with Spy Sweeper.lnk
[2010/02/25 10:56:22 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\at&t Communication Manager.lnk
[2010/02/24 11:07:55 | 390,877,159 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/02/20 19:49:23 | 000,018,154 | ---- | C] () -- C:\Users\Owner\Documents\irth Recordsjesse.docx
[2010/02/20 06:29:33 | 000,524,288 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT{e87f37f0-1e23-11df-99f1-00f1d000f1d0}.TMContainer00000000000000000002.regtrans-ms
[2010/02/20 06:29:33 | 000,524,288 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT{e87f37f0-1e23-11df-99f1-00f1d000f1d0}.TMContainer00000000000000000001.regtrans-ms
[2010/02/20 06:29:33 | 000,065,536 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT{e87f37f0-1e23-11df-99f1-00f1d000f1d0}.TM.blf
[2010/02/19 08:43:45 | 000,001,095 | ---- | C] () -- C:\Users\Owner\Desktop\Microsoft Office - Shortcut.lnk
[2010/02/19 07:50:30 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/02/18 14:19:27 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/18 14:17:51 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/02/18 09:43:55 | 000,000,622 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2010/02/18 09:22:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/18 09:22:08 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/02/17 23:25:24 | 000,036,864 | ---- | C] () -- C:\Windows\SysNative\lxf3oem.dll
[2010/02/17 23:25:24 | 000,003,584 | ---- | C] () -- C:\Windows\SysNative\LXF3PMRC.DLL
[2010/02/17 23:13:34 | 000,142,206 | ---- | C] () -- C:\Users\Owner\Documents\food handlers card.xps
[2010/02/17 14:13:09 | 000,000,036 | ---- | C] () -- C:\Users\Owner\AppData\Local\housecall.guid.cache
[2010/02/17 13:41:55 | 000,023,552 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/17 13:30:05 | 000,001,010 | ---- | C] () -- C:\Users\Owner\Desktop\TT Math 5.lnk
[2010/02/14 18:44:37 | 000,003,718 | ---- | C] () -- C:\Users\Owner\AppData\Local\Custom.Log
[2010/02/14 18:08:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/02/14 15:09:40 | 000,001,656 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L63CB27F91A40426EB7B2E29EB9A0C5F2.job
[2010/02/14 15:09:27 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2010/02/14 15:09:27 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2010/02/14 15:02:08 | 000,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2010/02/14 14:55:11 | 002,528,482 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_NET_Framework35_x64_MSI6F8F.txt
[2010/02/14 14:54:41 | 000,197,555 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2010/02/14 14:54:37 | 000,192,104 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_dotnetfx35install.txt
[2010/02/14 14:54:37 | 000,043,376 | ---- | C] () -- C:\Users\Owner\AppData\Local\uxeventlog.txt
[2010/02/14 14:54:37 | 000,000,002 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_dotnetfx35error.txt
[2010/02/14 14:48:42 | 002,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2010/02/14 13:42:48 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2010/02/14 13:42:45 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/02/14 13:42:43 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2010/02/14 13:42:43 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2010/02/14 13:42:38 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2010/02/14 13:42:34 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2010/02/14 13:42:34 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2010/02/14 13:42:34 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/02/14 13:42:28 | 003,662,128 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2010/02/14 13:42:28 | 003,662,128 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2010/02/14 13:42:09 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/02/14 13:42:09 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2010/02/14 13:42:08 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2010/02/14 13:42:04 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2010/02/14 13:42:02 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2010/02/14 13:42:01 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2010/02/14 13:42:01 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2010/02/14 13:42:01 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2010/02/14 13:28:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/02/14 13:22:29 | 000,016,066 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2010/02/14 13:18:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Gateway_MD7818U_Rev.1_LXW730X0069070ACFF2600.MRK
[2010/02/14 13:16:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/02/14 13:16:25 | 000,585,216 | ---- | C] () -- C:\Windows\SysNative\INT15_64.dll
[2010/02/14 13:07:17 | 4153,327,616 | -HS- | C] () -- C:\hiberfil.sys
[2010/02/14 13:07:06 | 000,000,732 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2010/02/14 13:07:03 | 000,000,020 | -HS- | C] () -- C:\Users\Owner\ntuser.ini
[2010/02/14 13:07:02 | 003,145,728 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT
[2010/02/14 13:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/02/14 13:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/02/14 13:07:02 | 000,262,144 | -H-- | C] () -- C:\Users\Owner\ntuser.dat.LOG1
[2010/02/14 13:07:02 | 000,065,536 | -HS- | C] () -- C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/02/14 13:07:02 | 000,000,000 | -H-- | C] () -- C:\Users\Owner\ntuser.dat.LOG2
[2010/02/14 13:01:17 | 000,003,432 | ---- | C] () -- C:\Windows\SysNative\USBMediaReaderPatch.vbs
[2009/09/18 14:42:10 | 000,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== LOP Check ==========

[2010/02/25 10:57:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Bytemobile
[2010/02/17 23:35:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Lexmark Productivity Studio
[2010/02/14 19:42:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sierra Wireless
[2010/04/29 19:45:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/02/17 12:49:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Western Digital
[2010/05/07 09:24:25 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/04/30 17:00:05 | 000,001,656 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L63CB27F91A40426EB7B2E29EB9A0C5F2.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/04/11 00:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/01/13 10:42:52 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/02/14 19:42:53 | 000,361,648 | ---- | M] () -- C:\drivers.log
[2010/05/07 09:25:11 | 4153,327,616 | -HS- | M] () -- C:\hiberfil.sys
[2009/01/13 13:19:37 | 000,000,165 | ---- | M] () -- C:\Labelprint.log
[2010/03/26 08:22:32 | 000,756,076 | ---- | M] () -- C:\lxdd.log
[2010/05/07 09:25:10 | 171,966,463 | -HS- | M] () -- C:\pagefile.sys
[2010/02/14 13:18:14 | 000,000,163 | ---- | M] () -- C:\power2go.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/09/18 14:42:10 | 000,031,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\wrLZMA.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP