My windows PC was running fine before I left out of town for work. My son played League Of Legends on it while I was away and when I came back a week later, my Norton Scan said it has blocked unauthorized access from many sources the past week, namely this League Of Legends game. Also was blocked the following intrusions that said my own PC was the attacking computer: Web Attack: Blackhole Toolkit Website, Web Attack: Malicious Toolkit Website 8, and C:WINDOWS\SYSTEM32\CTFMON.EXE.
I would really appreciate any help in clearing my PC because I had a Java update that was a trojan Byte.Verify that Norton found so I just removed my Java thinking it would help, but non e the less, it is worse...slow, freezes, etc...I'm not sure if my son's playing of the Riot Games on League Of Legends did anything, but I believe that my Norton scan is not producing all the results since I am aware that hijacking/worms/viruses/trojans are very sophisticated these days and can be layered under programs. I work from home so it is of utmost importance for me and my son's "pending" grounding. Thank you inadvacne.
I ran OTL and posting the extras results and later the regular results:
Extras.txt
OTL Extras logfile created on: 3/25/2011 3:19:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\House Guest\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 197.00 Mb Available Physical Memory | 19.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 115.20 Gb Free Space | 49.48% Space Free | Partition Type: NTFS
Computer Name: MIDWESTHOME | User Name: House Guest | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"56829:TCP" = 56829:TCP:*:Enabled:Pando Media Booster
"56829:UDP" = 56829:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8381:TCP" = 8381:TCP:*:Enabled:League of Legends Launcher
"8381:UDP" = 8381:UDP:*:Enabled:League of Legends Launcher
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"56829:TCP" = 56829:TCP:*:Enabled:Pando Media Booster
"56829:UDP" = 56829:UDP:*:Enabled:Pando Media Booster
"6919:TCP" = 6919:TCP:*:Enabled:League of Legends Launcher
"6919:UDP" = 6919:UDP:*:Enabled:League of Legends Launcher
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Documents and Settings\House Guest\Desktop\TF2\BitTorrent-7.0.exe" = C:\Documents and Settings\House Guest\Desktop\TF2\BitTorrent-7.0.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client -- (SmartSoft Ltd.)
"C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby -- (Adobe Systems Inc.)
"C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Riot Games\Ventrilo.exe" = C:\Riot Games\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"G:\Riot Games\League of Legends\air\LolClient.exe" = G:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby
"G:\Riot Games\League of Legends\game\League of Legends.exe" = G:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0746324A-74A1-DD6E-3DC7-89FF5432D29D}" = CCC Help Thai
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0A2D1DFE-5362-6CCF-46D7-07006D726383}" = CCC Help Russian
"{0DA693CA-9AE8-0780-E49C-3D49E099077B}" = Catalyst Control Center Localization All
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0E3673BA-262D-61D0-3F2F-D6DE0F687F62}" = ATI AVIVO Codecs
"{10BC9ED1-5D41-54C6-862C-2C00E5C434EF}" = CCC Help Portuguese
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1BE326D9-BA06-A574-72AA-C428C6F09549}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F4814EB-4453-B4ED-29C9-C7F1AE76152F}" = Catalyst Control Center Core Implementation
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FDDECB1-702D-C574-295B-BC9CCE51C795}" = CCC Help Italian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{246DB002-665C-CD60-390A-DE2BE952C7CC}" = CCC Help Dutch
"{25EF00BE-F17B-11D6-88EA-000476CD2443}" = Verizon Online
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33D322FB-0F56-79B5-13A5-B72C901AB4AB}" = Catalyst Control Center Graphics Light
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A9D04F7-80CA-4755-97EC-6025B515A6B8}" = League of Legends
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{408018E8-85F0-832D-851F-11C31FF939BD}" = ccc-core-static
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{427E8045-62BF-DD85-079C-21AE345BA815}" = CCC Help Finnish
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{469EF13B-4AD0-48D7-AF89-6B92278293E2}" = Roxio Creator Premier
"{46DCE6DC-6C9B-0E3F-F9F0-662B8BAFDCA5}" = CCC Help English
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62A7970B-2586-D420-AC6D-F8CA0E7B5B81}" = Catalyst Control Center Graphics Full Existing
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{651E63E0-772C-CC4F-2C2E-9AF3114925F0}" = CCC Help Spanish
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66D171AA-670F-4309-9C74-5BA7F7DBA0B3}" = Roxio Media Manager
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{732A305A-88E0-D5ED-EA88-5D9A9B9B8783}" = CCC Help Greek
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75C659EA-EA00-AC02-9F97-5EFDC53AB699}" = ccc-utility
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777A1FE5-9C56-F3D6-A387-79BBE18030DB}" = CCC Help Hungarian
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BECB8AC-C406-0434-509F-351A17000E8F}" = CCC Help Japanese
"{85EC876D-27B4-D811-1419-BB021AEA351C}" = CCC Help Danish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A211E60-DD55-FF66-1C10-FFA05BB32CDA}" = CCC Help Chinese Traditional
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98605CAA-5F52-44EC-8AF7-2EC1A4C35F2D}" = BlackBerry Desktop Software 4.2.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E2BD6FF-CE8D-47B5-AD9C-0A5C2D54EB3C}" = League of Legends
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A4646CC8-905B-4E6D-A094-4C9FB1621042}" = ArcSoft MediaImpression
"{A57C8520-5970-3FE0-9BC2-520FB6D447D1}" = Catalyst Control Center HydraVision Full
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
"{ADB458D8-A0E2-FC9E-6271-DD22CA464A6F}" = CCC Help Polish
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1C4983E-7720-3970-5F21-5AFF18AEF5BD}" = CCC Help Swedish
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6E14B01-0C5F-6509-0F27-C92F44DBF34C}" = CCC Help Chinese Standard
"{B98898CD-9097-6D0E-C5B8-418433A00717}" = CCC Help Turkish
"{C07B4B1F-0BD1-7C1A-5765-FAC354EB9AD7}" = CCC Help Korean
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C388FB07-1679-E1EF-7DE4-172E3FDB595E}" = CCC Help Norwegian
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32E70CD-819B-6196-0319-42AC224A8982}" = ATI Catalyst Install Manager
"{D6900D91-35A7-5DC4-07D4-AF3123BB3422}" = ATI Problem Report Wizard
"{D8318C33-701B-2E7B-AAE7-9DB37D367D65}" = ccc-core-preinstall
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E854BB9B-BB37-498E-A9F9-DCE5C2EF61FE}" = SmartFTP Client
"{E896DA69-F993-440E-8515-EB197EFB284F}" = BlackBerry Device Software v4.5.0 for the BlackBerry 8320 smartphone
"{E940C734-8AFB-4F22-F102-A00AC8B3069B}" = CCC Help French
"{EA7CFDF5-3C98-7906-E7F6-9758C1415622}" = Catalyst Control Center Graphics Previews Common
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{EFBF0779-93EE-4261-9CF3-EA68FA7E1152}" = CCC Help Czech
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F989A261-EA16-C585-D081-DEB21EF6784A}" = Catalyst Control Center InstallProxy
"{FCD92A32-25B2-D2C1-7B7B-DFA2E78AD3AC}" = Catalyst Control Center Graphics Full New
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"BlackBerry_{98605CAA-5F52-44EC-8AF7-2EC1A4C35F2D}" = BlackBerry Desktop Software 4.2.2
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"Card Reader Driver and USIM Editor Program_is1" = USIM Editor 1.0.28.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CSCLIB" = Canon Camera Support Core Library
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"doubleTwist" = doubleTwist
"EOS Utility" = Canon Utilities EOS Utility
"EPSON NX110 Series" = EPSON NX110 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Handbrake" = Handbrake 0.9.4
"HTMLExecutableIERuntimeSetup44" = HTML Executable IERuntime
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"Kaiba Corp VDS_is1" = Kaiba Corp Virtual Duel System 1.26
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"N360" = Norton 360
"NirSoft VideoCacheView" = NirSoft VideoCacheView
"NSS" = Norton Security Scan
"PROSet" = Intel® PRO Network Connections Drivers
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Security Task Manager" = Security Task Manager 1.8c
"SmartFTP Client 4.0 Setup Files" = SmartFTP Client 4.0 Setup Files (remove only)
"SMPlayer" = SMPlayer 0.6.9
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitZipper_is1" = BitZipper 2009
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/9/2011 4:47:34 PM | Computer Name = MIDWESTHOME | Source = MsiInstaller | ID = 11706
Description = Product: Jasc Paint Shop Photo Album 5 -- Error 1706.No valid source
could be found for product Jasc Paint Shop Photo Album 5. The Windows Installer
cannot continue.
Error - 3/9/2011 4:47:43 PM | Computer Name = MIDWESTHOME | Source = MsiInstaller | ID = 11706
Description = Product: Jasc Paint Shop Photo Album 5 -- Error 1706.No valid source
could be found for product Jasc Paint Shop Photo Album 5. The Windows Installer
cannot continue.
Error - 3/12/2011 10:28:35 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES
LIBRARY EXTRAS.ITDB-JOURNAL> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)
Error - 3/12/2011 10:28:35 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES
LIBRARY GENIUS.ITDB-JOURNAL> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)
Error - 3/12/2011 10:28:37 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES
LIBRARY EXTRAS.ITDB-JOURNAL> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)
Error - 3/20/2011 7:43:44 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
Error - 3/22/2011 4:55:09 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
Error - 3/22/2011 4:55:09 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
Error - 3/25/2011 1:42:17 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
Error - 3/25/2011 1:42:17 PM | Computer Name = MIDWESTHOME | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog
[ System Events ]
Error - 3/25/2011 1:54:11 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 3/25/2011 1:54:11 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 3/25/2011 1:54:11 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
Error - 3/25/2011 1:56:37 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 3/25/2011 1:56:37 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 3/25/2011 1:56:37 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
Error - 3/25/2011 1:57:36 PM | Computer Name = MIDWESTHOME | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 3/25/2011 1:58:43 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 3/25/2011 1:58:43 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 3/25/2011 1:58:43 PM | Computer Name = MIDWESTHOME | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
< End of report >
OTL logfile created on: 3/25/2011 3:19:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\House Guest\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 197.00 Mb Available Physical Memory | 19.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 115.20 Gb Free Space | 49.48% Space Free | Partition Type: NTFS
Computer Name: MIDWESTHOME | User Name: House Guest | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/25 15:17:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\House Guest\Desktop\OTL.exe
PRC - [2010/11/19 16:07:13 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/07 17:29:44 | 007,041,024 | ---- | M] () -- C:\Program Files\USIM Editor\iconcs222643781.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/25 17:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ccsvchst.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/16 21:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/09/17 12:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/01/10 21:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2005/09/30 20:22:50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/03/22 18:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
========== Modules (SafeList) ==========
MOD - [2011/03/25 15:17:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\House Guest\Desktop\OTL.exe
MOD - [2010/09/20 12:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (SessionLauncher)
SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare10)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (AfaService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/25 17:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2007/12/16 21:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/10 21:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2005/09/30 20:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
========== Driver Services (SafeList) ==========
DRV - [2011/02/25 14:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/01/12 14:36:01 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110325.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/01/12 14:36:01 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/01/12 14:36:01 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/01/12 14:36:01 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110325.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/01/12 14:20:46 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/12/17 13:05:10 | 000,006,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iPodDrv.sys -- (iPodDrv)
DRV - [2010/12/01 02:03:34 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110324.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/08/04 03:20:14 | 005,243,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/05 21:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/28 22:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 20:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 19:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 19:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 17:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/28 07:12:02 | 000,095,232 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/10/14 20:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2008/05/27 10:52:18 | 000,051,072 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/03/31 14:22:16 | 000,180,096 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/19 16:07:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/01/12 18:58:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2011/01/12 14:26:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/02 17:49:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/02 17:49:18 | 000,000,000 | ---D | M]
Hosts file not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USBestCR] C:\Program Files\USIM Editor\iconcs222643781.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/16 15:04:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/03/25 15:17:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\House Guest\Desktop\OTL.exe
[2011/03/25 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Desktop\Gears 2
[2011/03/25 12:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Desktop\Student Exercise Files
[2011/03/25 10:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\My Documents\New Folder (2)
[2011/03/17 16:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/03/17 16:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/03/14 16:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/14 16:12:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/04 23:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Start Menu\Programs\Ventrilo
[2011/03/04 23:09:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/03/04 14:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/04 14:31:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/03/02 18:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Application Data\DDMSettings
[2011/02/26 12:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Desktop\E0000314FA661940
[2011/02/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Desktop\USB XTAF Xplorer
[2011/02/26 12:19:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\House Guest\Desktop\Splinter Cell Conviction
[2010/11/14 21:08:31 | 041,487,388 | ---- | C] (Zyda-Capital Ltd.) -- C:\Program Files\ebayreplaygbook.exe
[2010/11/12 19:04:53 | 009,991,650 | ---- | C] (Zyd-Capital) -- C:\Program Files\EBay Replay Book Preview.exe
[2010/11/09 13:45:41 | 014,056,000 | ---- | C] (SmartSoft Ltd) -- C:\Program Files\SFTPMSI.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/25 15:17:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\House Guest\Desktop\OTL.exe
[2011/03/25 12:10:46 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1677128483-839522115-1004.job
[2011/03/25 12:10:46 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1677128483-839522115-1004.job
[2011/03/25 10:29:49 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1677128483-839522115-1003.job
[2011/03/25 10:29:48 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1677128483-839522115-1006.job
[2011/03/25 10:28:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/25 10:28:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/24 17:08:28 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2011/03/23 09:25:28 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1677128483-839522115-1003.job
[2011/03/22 09:33:55 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/21 21:57:21 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1677128483-839522115-1006.job
[2011/03/16 03:00:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/14 16:14:11 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/13 09:39:40 | 000,504,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 09:39:40 | 000,086,914 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/04 23:09:52 | 000,000,250 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/22 09:33:54 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/17 15:45:03 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1677128483-839522115-1006.job
[2011/03/17 15:45:02 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1677128483-839522115-1006.job
[2011/03/14 16:14:10 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/08 23:43:44 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1677128483-839522115-1004.job
[2011/03/04 23:09:40 | 000,000,250 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/02/20 21:48:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/08 01:19:37 | 000,152,184 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/29 09:44:01 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/29 09:43:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/12/16 23:13:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/12/11 20:42:11 | 014,838,814 | ---- | C] () -- C:\Program Files\smplayer-0.6.9-win32.exe
[2010/11/02 19:33:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/11/02 19:33:35 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/11/02 19:33:35 | 000,219,348 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/11/02 19:33:35 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/11/02 19:28:23 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/27 17:19:58 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/06/11 22:09:23 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/05/29 17:35:11 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\House Guest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/27 14:38:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/16 17:01:29 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2009/12/16 15:06:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/16 15:01:44 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/16 05:47:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/16 05:45:58 | 000,246,312 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/02/18 11:55:20 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009/02/03 14:52:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/03/22 11:48:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 11:48:43 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 03:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 03:00:00 | 000,504,508 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 03:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 03:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 03:00:00 | 000,086,914 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 03:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 03:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 03:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 03:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2009/12/20 21:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/12/16 17:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/01/26 00:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/12/15 22:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011/01/13 20:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/10/07 18:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/18 19:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2010/05/16 18:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/04/07 10:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/27 13:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/31 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\.minecraft
[2010/10/06 17:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\AnvSoft
[2010/10/10 10:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\Any Flv Converter
[2010/12/15 22:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\BitTorrent
[2010/03/30 22:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\BitZipper
[2010/06/27 16:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\Blackberry Desktop
[2011/03/02 18:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\DDMSettings
[2011/01/07 20:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\EPSON
[2010/11/03 22:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\FixCleaner
[2011/01/16 16:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\GameTuts
[2010/10/10 10:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\HandBrake
[2010/11/12 19:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\HTML Executable
[2010/12/02 18:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\LolClient
[2010/11/17 14:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\main.542EE8ACF7F339584A023BE012CB4512BACF448C.1
[2010/06/27 17:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\Research In Motion
[2010/12/12 12:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\Windows Desktop Search
[2010/12/21 23:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\Windows Search
[2010/11/06 16:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\House Guest\Application Data\WinMount
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CB6E0BD
< End of report >