unauthorized access blocked by norton


#1
pdl2

  • Member
  • 82 posts
Something seems to be trying to attack my Norton program. Should I start over again with OTL?
Maliprog just helped me resolve a problem last week, but it appears I have another problem.

Thanks
pdl2

#2
pdl2

  • Topic Starter
  • Member
  • 82 posts
OTL log:

OTL logfile created on: 2/10/2011 8:22:28 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Owner\Desktop\doug
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 54.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 50.49 Gb Free Space | 67.77% Space Free | Partition Type: NTFS
Drive D: | 296.83 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ABCD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/10 20:18:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\doug\OTL.exe
PRC - [2010/11/11 13:55:56 | 000,057,072 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneBusEnum.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/07/30 16:05:58 | 000,497,000 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/20 07:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2004/10/14 13:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe


========== Modules (SafeList) ==========

MOD - [2011/02/10 20:18:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\doug\OTL.exe
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 02:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 02:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 13:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010/11/11 13:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/11/11 13:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010/11/11 13:55:56 | 000,057,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/12/11 03:39:12 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2007/09/20 16:10:02 | 000,032,768 | ---- | M] (Inter-Tel (Delaware), Inc) [Disabled | Stopped] -- C:\Documents and Settings\Owner\My Documents\Inter-Tel\Collaboration Client 2.0\lkWebLink.exe -- (LkWebLink)
SRV - [2006/04/20 07:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - [2010/12/16 17:02:59 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110210.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/16 17:02:59 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110210.003\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/22 21:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/08 19:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110210.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/06/08 23:23:00 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/05 23:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/05/05 23:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/05/05 23:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/04/20 07:33:40 | 000,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/06/29 18:50:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/05/17 03:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/01/26 05:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/03/22 12:24:00 | 000,004,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/06/12 05:20:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/06/08 23:27:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/06 09:55:12 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/02/04 20:19:43 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: OPN Client - {0D899ECB-9513-4C9A-8117-D4585C413DDD} - C:\Program Files\antepo\opnclient45\4.4.15.8\opnclient.exe (Antepo®, Inc.)
O9 - Extra 'Tools' menuitem : Opn Client - {0D899ECB-9513-4C9A-8117-D4585C413DDD} - C:\Program Files\antepo\opnclient45\4.4.15.8\opnclient.exe (Antepo®, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: bluemountain.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: java.com ([www] http in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://supportcenter...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinn...rabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinn...ems/zengems.cab (ZenGems Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinn...ut/brickout.cab (Brickout Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.fac...fbootloader.cab (Reg Error: Value error.)
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinn...0/pool/pool.cab (Pool Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} http://www.worldwinn...gsaw/jigsaw.cab (Jigsaw Genius Control)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinn...litairerush.cab (SolitaireRush Control)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinn...ts/wwhearts.cab (WWHearts Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6770.cab (Windows Live Safety Center Base Module)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinn...ersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} http://download-game...mesLauncher.cab (SpinTop Games Launcher)
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} http://www.worldwinn...jo/wordmojo.cab (WordMojo Control)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinn...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinn...luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinn...apit/swapit.cab (SwapIt Control)
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinn...man/hangman.cab (Hangman Control)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://aolsvc.aol.co...esPlayer_v4.cab (GoBit Games Player)
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinn...ly/monopoly.cab (Monopoly Control)
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinn...ty/tilecity.cab (Tilecity Control)
O16 - DPF: {BEB82CC6-09F3-43EA-BEB1-97188E21035D} http://spi2.mttest.c...d/footpedal.cab (FootPedalCtl Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.co...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinn...h/dinerdash.cab (DinerDash Control)
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinn...paint/paint.cab (Paint Control)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab (FamilyFeud Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://gamenextus.ob...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} http://www.worldwinn...sol/golfsol.cab (GolfSol Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} http://aolsvc.aol.co...eb.1.0.0.17.cab (CPlayFirstMahjongRoaControl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 76.85.229.110 76.85.229.111
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/07 15:19:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/01/18 10:56:21 | 000,554,823 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/10 19:27:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2011/02/10 19:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2011/02/10 19:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2011/02/07 22:18:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/02/04 20:10:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/02/04 20:06:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/02/03 18:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\DoctorWeb
[2011/01/30 14:37:51 | 000,047,408 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2011/01/22 13:03:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\doug
[2011/01/22 12:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IObit
[2011/01/22 12:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/01/21 22:35:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/01/21 22:34:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/01/21 22:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/21 22:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/01/21 22:34:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/01/21 22:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/18 16:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sony Corporation
[2011/01/18 16:45:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Content Transfer
[2011/01/18 16:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2011/01/18 16:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WALKMAN Guide
[2011/01/18 16:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011/01/15 17:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Beth's music
[2011/01/15 00:21:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-PT
[2011/01/15 00:21:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2011/01/15 00:21:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL
[2011/01/15 00:21:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT
[2011/01/15 00:21:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2011/01/15 00:21:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES
[2011/01/15 00:21:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2011/01/14 20:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Zune
[2011/01/14 19:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\DriverCure
[2011/01/14 19:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ParetoLogic
[2011/01/14 19:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/01/12 12:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\WebEx Recorder & Player
[2011/01/12 09:01:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\My Documents\cache
[3 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/10 19:41:01 | 000,019,518 | ---- | M] () -- C:\WINDOWS\hpqins13.dat
[2011/02/10 19:40:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/10 19:37:37 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk
[2011/02/10 19:32:53 | 000,157,346 | ---- | M] () -- C:\WINDOWS\hpoins27.dat
[2011/02/10 19:28:48 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/02/10 19:28:05 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2011/02/10 16:51:53 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/02/10 12:12:24 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OPN.lnk
[2011/02/10 09:24:46 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Microsoft Word.lnk
[2011/02/10 03:50:39 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\EXText Diagnostic Upload Queue.dat
[2011/02/09 22:20:57 | 000,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 22:17:04 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/09 13:25:01 | 001,207,095 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WC32.mdmp
[2011/02/09 08:13:50 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\most dangerous game..doc
[2011/02/04 20:19:43 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/04 20:10:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/02/04 19:22:21 | 000,000,235 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\https--admin.ichart.com.-login.aspxReturnUrl=%2fdefault.aspx.url
[2011/02/04 12:50:56 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2011/02/04 12:16:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/03 18:12:54 | 055,951,152 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\drweb-cureit.exe
[2011/02/02 21:53:11 | 000,296,448 | ---- | M] () -- C:\xqdqok07.exe
[2011/02/01 16:29:39 | 067,615,404 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Getting Started Guide.pdf
[2011/02/01 16:28:03 | 000,473,191 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started11.pdf
[2011/02/01 16:27:43 | 000,354,204 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started10.pdf
[2011/02/01 16:26:52 | 000,544,230 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started9.pdf
[2011/02/01 16:26:31 | 000,280,865 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started8.pdf
[2011/02/01 16:26:05 | 000,473,038 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started7.pdf
[2011/02/01 16:25:36 | 000,258,327 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started6.pdf
[2011/02/01 16:25:00 | 001,111,625 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started5.pdf
[2011/02/01 16:24:24 | 000,251,073 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started3.pdf
[2011/02/01 16:23:33 | 000,412,817 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\ww getting started2.pdf
[2011/02/01 16:22:22 | 000,506,770 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WW getting started1.pdf
[2011/01/29 18:59:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/29 10:25:57 | 000,000,196 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HRP Manager Login.url
[2011/01/28 18:32:05 | 000,058,388 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/01/25 21:41:16 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2011/01/23 11:13:15 | 000,009,265 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Wireless Security Settings.html
[2011/01/22 17:36:41 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/01/22 13:04:07 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Network Magic Folders.lnk
[2011/01/18 12:39:34 | 000,239,104 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\100_FAVORITE_WEIGHTWATCHERS_RECIPES_LD.doc
[2011/01/18 12:33:56 | 000,025,207 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Getting_started_LD.rtf
[2011/01/17 20:28:55 | 000,000,255 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HRP Manager Login.zip
[2011/01/15 00:23:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2011/01/15 00:23:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2011/01/15 00:22:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2011/01/14 23:47:38 | 000,053,639 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\ashleynicolelimer.jpg
[2011/01/14 23:47:12 | 000,053,639 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\ashleynicolelimer
[2011/01/14 20:51:58 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/14 20:46:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zumbus_01009.Wdf
[2011/01/14 20:46:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/01/13 21:53:22 | 000,085,307 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 13.jpg
[2011/01/13 14:04:08 | 000,090,111 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Copy of bestfriend 12.jpg
[2011/01/13 14:04:08 | 000,090,111 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Copy (2) of bestfriend 12.jpg
[2011/01/13 14:04:08 | 000,090,111 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 12.jpg
[2011/01/13 14:03:10 | 000,083,005 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 11.jpg
[2011/01/13 14:02:06 | 000,090,316 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 10.jpg
[2011/01/13 14:01:17 | 000,081,726 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 9.jpg
[2011/01/13 14:00:11 | 000,082,703 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 8.jpg
[2011/01/13 13:58:26 | 000,080,473 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 7.jpg
[2011/01/13 13:57:16 | 000,086,900 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 6.jpg
[2011/01/13 13:56:45 | 000,080,729 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 5.jpg
[2011/01/13 13:55:36 | 000,085,418 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 4.jpg
[2011/01/13 13:54:14 | 000,081,491 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 3.jpg
[2011/01/13 13:53:23 | 000,087,067 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 2.jpg
[2011/01/13 13:52:21 | 000,065,819 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend.jpg
[2011/01/13 13:51:50 | 000,081,106 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 1.jpg
[2011/01/12 12:04:26 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WebEx Player.LNK
[3 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/10 19:37:36 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk
[2011/02/10 19:36:10 | 000,019,518 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2011/02/10 19:28:47 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/02/10 19:28:05 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2011/02/10 19:23:51 | 000,157,346 | ---- | C] () -- C:\WINDOWS\hpoins27.dat
[2011/02/10 19:23:51 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat
[2011/02/08 22:46:57 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\most dangerous game..doc
[2011/02/04 20:10:57 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/02/04 20:10:54 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/02/04 19:22:21 | 000,000,235 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\https--admin.ichart.com.-login.aspxReturnUrl=%2fdefault.aspx.url
[2011/02/04 12:50:56 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2011/02/03 18:12:52 | 055,951,152 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\drweb-cureit.exe
[2011/02/02 21:53:11 | 000,296,448 | ---- | C] () -- C:\xqdqok07.exe
[2011/02/01 16:28:03 | 000,473,191 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started11.pdf
[2011/02/01 16:27:42 | 000,354,204 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started10.pdf
[2011/02/01 16:26:52 | 000,544,230 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started9.pdf
[2011/02/01 16:26:31 | 000,280,865 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started8.pdf
[2011/02/01 16:26:04 | 000,473,038 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started7.pdf
[2011/02/01 16:25:36 | 000,258,327 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started6.pdf
[2011/02/01 16:25:00 | 001,111,625 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started5.pdf
[2011/02/01 16:24:24 | 000,251,073 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started3.pdf
[2011/02/01 16:23:33 | 000,412,817 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\ww getting started2.pdf
[2011/02/01 16:22:22 | 000,506,770 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WW getting started1.pdf
[2011/01/23 11:13:15 | 000,009,265 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Wireless Security Settings.html
[2011/01/22 17:35:36 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/01/22 17:35:36 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/01/22 13:04:06 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Network Magic Folders.lnk
[2011/01/18 12:39:34 | 000,239,104 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\100_FAVORITE_WEIGHTWATCHERS_RECIPES_LD.doc
[2011/01/18 12:33:56 | 000,025,207 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Getting_started_LD.rtf
[2011/01/18 12:16:35 | 067,615,404 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Getting Started Guide.pdf
[2011/01/17 20:28:55 | 000,000,255 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HRP Manager Login.zip
[2011/01/17 20:08:42 | 000,000,196 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HRP Manager Login.url
[2011/01/15 00:23:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2011/01/15 00:23:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2011/01/15 00:22:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2011/01/14 23:47:38 | 000,053,639 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\ashleynicolelimer.jpg
[2011/01/14 23:47:12 | 000,053,639 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\ashleynicolelimer
[2011/01/14 20:46:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zumbus_01009.Wdf
[2011/01/14 20:46:08 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/01/13 21:52:17 | 000,085,307 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\bestfriend 13.jpg
[2011/01/13 18:08:04 | 000,090,111 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Copy (2) of bestfriend 12.jpg
[2011/01/13 18:07:58 | 000,090,111 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Copy of bestfriend 12.jpg
[2011/01/12 09:37:06 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WebEx Player.LNK
[2010/07/25 19:21:20 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2010/03/29 18:18:19 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI
[2009/10/07 21:31:12 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/10/07 21:31:08 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/04 15:00:28 | 000,029,752 | ---- | C] () -- C:\WINDOWS\System32\InstHelper.dll
[2009/05/04 14:58:45 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2009/02/28 23:36:53 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/04 22:28:32 | 000,002,821 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/06/14 11:22:41 | 000,000,049 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2008/06/09 11:04:17 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\EXText Diagnostic Upload Queue.dat
[2008/06/09 10:58:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wc32.INI
[2008/06/09 10:45:34 | 000,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/06/09 09:51:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/06/08 14:08:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/07 16:14:22 | 000,000,288 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2008/06/07 15:44:31 | 000,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2005/10/14 15:09:48 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2008/06/07 16:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/27 21:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2008/06/07 16:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2008/06/11 00:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2008/08/16 19:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2008/12/01 11:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2010/04/10 16:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/01/17 20:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2008/06/19 01:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/06/09 09:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2008/08/07 00:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/12/24 03:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2009/04/18 23:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/12/03 18:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE
[2008/06/19 01:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/10/13 22:06:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/27 15:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/18 19:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/05/05 14:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Antepo-ACCEPT
[2011/01/14 19:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DriverCure
[2010/06/07 12:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Facebook
[2011/01/23 17:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IObit
[2008/07/14 23:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Jane s Hotel
[2010/04/10 16:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
[2011/01/14 19:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ParetoLogic
[2008/07/21 12:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2008/06/07 17:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SupportSoft
[2010/09/14 23:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Tific
[2009/04/18 16:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uniblue
[2010/11/26 21:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Unity
[2011/01/17 19:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\webex
[2008/07/14 23:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Zylom
[2010/04/10 16:26:49 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\expressSevenDaysInit.job
[2010/04/10 16:34:31 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\scribeSevenDaysInit.job
[2010/06/19 18:20:01 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\scribeShakeIcon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78645FD8
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BD8B9DD
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >