I thought, hmm maybe it got a virus, and I installed the first "pay for" antivirus I have ever bought, Norton. And it only got slower! I was using AVG or AVAST I forget now which one since I believe I had one on this computer and AVAST on the laptop. Anyhow. Since finding this forum in my search for a trojan removal tool for my laptop (which I successfully removed using several tools described by the forum! THANK YOU!!) I have started to look into how to help/fix this computer. I have run Goored.exe and TDSSkiller.exe and aswMBR.exe (this one crashed and did not complete)
I currently still have Norton antivirus running, but have uninstalled the Norton Utilities.
It literally can take me hours just to open Outlook to download, read and reply to email messages. And it took 20minutes just to open Quickbooks the other day. I really can't afford that amount of time for such basic tasks and at the same time hate to "dump" this machine and be forced to buy a new computer.
the OTL extras file is below and below that is the OTL.txt file
Thank you very much in advance for any assistance! Please help me get through the winter with this machine.
OTL Extras logfile created on: 10/7/2011 6:04:19 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Kathy\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.10 Mb Total Physical Memory | 164.22 Mb Available Physical Memory | 16.07% Memory free
2.55 Gb Paging File | 1.10 Gb Available in Paging File | 43.23% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 84.12 Gb Free Space | 56.47% Space Free | Partition Type: NTFS
Drive I: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 930.86 Gb Total Space | 841.25 Gb Free Space | 90.37% Space Free | Partition Type: NTFS
Computer Name: 5L4NRD1 | User Name: Kathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10421:UDP" = 10421:UDP:*:Enabled:SingleClick Discovery Protocol
"10426:UDP" = 10426:UDP:*:Enabled:SingleClick ICC
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe" = C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe:*:Enabled:RoxioUPnPRenderer9
"C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe" = C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe:*:Enabled:RoxioUpnpService9
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell AIO Printer 948\dldfmon.exe" = C:\Program Files\Dell AIO Printer 948\dldfmon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\Documents and Settings\Kathy\Local Settings\Application Data\Abacast\Abaclient.exe" = C:\Documents and Settings\Kathy\Local Settings\Application Data\Abacast\Abaclient.exe:*:Enabled:Abaclient -- (Abacast, Inc.)
"C:\Program Files\Roxio\Media Manager 9\MediaManager9.exe" = C:\Program Files\Roxio\Media Manager 9\MediaManager9.exe:*:Enabled:MediaManager9 Module
"C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe" = C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe:*:Enabled:RoxioUPnPRenderer9
"C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe" = C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe:*:Enabled:RoxioUpnpService9
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfpswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- ()
"C:\Program Files\Shareaza\Shareaza.exe" = C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing -- (Shareaza Development Team)
"C:\Program Files\Dell AIO Printer 948\dldfafcn.exe" = C:\Program Files\Dell AIO Printer 948\dldfafcn.exe:*:Enabled: -- ()
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant -- (SingleClick Systems)
"C:\Program Files\Dell AIO Printer 948\dldfaiox.exe" = C:\Program Files\Dell AIO Printer 948\dldfaiox.exe:*:Enabled:AIOC exe -- ()
"C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager -- (Intuit, Inc.)
"C:\WINDOWS\system32\lxeccoms.exe" = C:\WINDOWS\system32\lxeccoms.exe:*:Enabled:Pro800-Pro900 Series Server -- ( )
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader -- (ABBYY (BIT Software))
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00106F6E-29AA-4F6A-B5F2-04A13DFEF6A5}" = RSDLite
"{0240BDFB-2995-4A3F-8C96-18D41282B716}" = Dell Network Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0C2AF762-0565-4C91-9F55-B8B53BB82A38}" = Microsoft Office Accounting 2008 Equifax Addin
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{11E0AC7D-6822-4F67-865F-EE1C13D28C38}" = QuickBooks Pro 2011
"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks
"{1D76A52C-87A6-4AB0-A7B0-08C8D5DF1D75}" = Motorola Mobile Drivers Installation 5.2.0
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 22
"{270940EA-C235-40D9-B2AE-2D450356DF8E}" = Microsoft Office Accounting 2008
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{2AFA5FC0-2166-11D6-B294-00B0D0B36B37}" = Otter32
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2CD2C0DB-81C3-416B-9FA6-589B9235359B}" = OpenOffice.org 2.4
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.8.0
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_BASICR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_BASICR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_BASICR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_BASICR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_BASICR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_BASICR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9692FD03-6662-4E62-B08C-30DFF51651E1}" = Actiontec Gateway
"{98B672F2-857C-4CC9-A25D-6B218077F4F6}" = Yahoo! Autosync
"{9922FE96-6803-498D-A6AD-4EB5A3B956A5}" = Belkin Wireless G Plus MIMO USB Network Adapter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B391EECE-DFEA-4FC5-9D40-47FA43E2DBE6}" = Microsoft Office Accounting 2008 PayPal Addin
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BE282C23-5484-47FF-B2C1-EBEA5C891033}" = Nero 8 Trial
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBCD291-46DB-4EBD-A0F3-D805C9A5785E}" = Miller Paint ColorVisualizer - Virtual Painting Software
"{D01653EF-9F9F-41D6-B879-654A6BF5892C}" = Digital Locker Assistant
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DF49D66D-D2D3-46DA-878B-F0BFC7795276}" = Flip
"{E3DF6916-2472-43D9-8B3C-9F2F0AAB01B5}" = Microsoft Office Accounting 2008 Fixed Asset Manager
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AudibleManager" = AudibleManager
"BASICR" = Microsoft Office Basic 2007
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner (remove only)
"Citi Virtual Account Numbers" = Citi Virtual Account Numbers
"Dell AIO Printer 948" = Dell AIO Printer 948
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Office Accounting 2008" = Microsoft Office Accounting 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"MotoHelper" = MotoHelper 2.0.51 Driver 5.2.0
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Mozilla Thunderbird (2.0.0.12)" = Mozilla Thunderbird (2.0.0.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"Quicken WillMaker Plus 2008" = Quicken WillMaker Plus 2008
"Rapport_msi" = Rapport
"SearchAssist" = SearchAssist
"Shareaza_is1" = Shareaza 2.3.1.0
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Abacast Client" = Abacast Client
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/27/2011 6:36:19 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 9/27/2011 6:36:19 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/4/2011 8:19:15 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/4/2011 8:19:15 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/4/2011 8:19:16 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/4/2011 8:31:23 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/4/2011 8:31:23 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/4/2011 8:31:23 PM | Computer Name = 5L4NRD1 | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 10/6/2011 3:18:15 PM | Computer Name = 5L4NRD1 | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 14.0.835.187, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.
Error - 10/7/2011 5:26:01 PM | Computer Name = 5L4NRD1 | Source = Application Error | ID = 1000
Description = Faulting application aswmbr.exe, version 0.9.8.986, faulting module
ntdll.dll, version 5.1.2600.6055, fault address 0x000192f9.
[ OSession Events ]
Error - 3/11/2010 5:57:45 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91425
seconds with 300 seconds of active time. This session ended with a crash.
Error - 3/18/2010 10:37:28 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 534372
seconds with 480 seconds of active time. This session ended with a crash.
Error - 3/28/2010 12:48:59 AM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 131195
seconds with 480 seconds of active time. This session ended with a crash.
Error - 4/9/2010 10:48:57 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 632766
seconds with 2220 seconds of active time. This session ended with a crash.
Error - 7/13/2010 4:02:06 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9707
seconds with 660 seconds of active time. This session ended with a crash.
Error - 3/10/2011 3:16:57 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 248058
seconds with 2160 seconds of active time. This session ended with a crash.
Error - 3/31/2011 2:43:55 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1789110
seconds with 4740 seconds of active time. This session ended with a crash.
Error - 4/23/2011 11:16:34 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 722731
seconds with 540 seconds of active time. This session ended with a crash.
Error - 5/12/2011 8:28:10 AM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 163291
seconds with 360 seconds of active time. This session ended with a crash.
Error - 5/27/2011 6:35:56 PM | Computer Name = 5L4NRD1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 967319
seconds with 3780 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 9/15/2011 9:13:48 AM | Computer Name = 5L4NRD1 | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053
Error - 9/16/2011 8:49:20 PM | Computer Name = 5L4NRD1 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the dldfCATSCustConnectService
service to connect.
Error - 9/16/2011 8:49:20 PM | Computer Name = 5L4NRD1 | Source = Service Control Manager | ID = 7000
Description = The dldfCATSCustConnectService service failed to start due to the
following error: %%1053
Error - 9/16/2011 8:50:50 PM | Computer Name = 5L4NRD1 | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.
Error - 9/22/2011 2:26:32 PM | Computer Name = 5L4NRD1 | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.
Error - 9/23/2011 2:13:23 PM | Computer Name = 5L4NRD1 | Source = NetBT | ID = 4321
Description = The name "GUEST-1 :0" could not be registered on the Interface
with IP address 192.168.0.9. The machine with the IP address 192.168.0.8 did not
allow the name to be claimed by this machine.
Error - 10/6/2011 10:47:05 AM | Computer Name = 5L4NRD1 | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.
Error - 10/6/2011 12:23:58 PM | Computer Name = 5L4NRD1 | Source = DCOM | ID = 10010
Description = The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register
with DCOM within the required timeout.
Error - 10/6/2011 12:26:44 PM | Computer Name = 5L4NRD1 | Source = DCOM | ID = 10010
Description = The server {9E14B23B-5D8A-447F-B962-6D6D6897861E} did not register
with DCOM within the required timeout.
Error - 10/6/2011 10:36:28 PM | Computer Name = 5L4NRD1 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
< End of report >
OTL.txt follows-----------------------------------------------------------------------------------------------
OTL logfile created on: 10/7/2011 6:04:19 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Kathy\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.10 Mb Total Physical Memory | 164.22 Mb Available Physical Memory | 16.07% Memory free
2.55 Gb Paging File | 1.10 Gb Available in Paging File | 43.23% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 84.12 Gb Free Space | 56.47% Space Free | Partition Type: NTFS
Drive I: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 930.86 Gb Total Space | 841.25 Gb Free Space | 90.37% Space Free | Partition Type: NTFS
Computer Name: 5L4NRD1 | User Name: Kathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/07 18:00:43 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kathy\My Documents\Downloads\OTL.exe
PRC - [2011/09/30 08:12:41 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/08/21 10:00:28 | 001,550,136 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/08/21 10:00:28 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/07/06 10:47:16 | 001,156,968 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2011/07/06 09:39:58 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/04/26 13:23:02 | 000,223,088 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/04/26 13:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2010/07/01 10:39:18 | 000,071,224 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Kathy\Application Data\HP SimpleSave Application\VSSUACToken.exe
PRC - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Kathy\Application Data\HP SimpleSave Application\uUACTokenSvc.exe
PRC - [2010/05/17 07:14:11 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
PRC - [2010/05/17 07:14:09 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2010/04/14 13:08:12 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeccoms.exe
PRC - [2010/04/14 13:08:05 | 000,193,192 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxecserv.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/21 15:28:52 | 000,391,680 | ---- | M] (Nokia Corporation.) -- C:\Program Files\Yahoo!\Yahoo! Autosync\AutosyncForYahoo.exe
PRC - [2007/07/10 03:15:28 | 000,368,640 | ---- | M] (Nokia Corporation.) -- C:\Program Files\Common Files\Intellisync\PushSyncService\PushSyncService.exe
PRC - [2007/07/03 06:36:40 | 000,410,248 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
PRC - [2007/07/03 06:36:34 | 000,455,304 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
PRC - [2007/06/25 23:56:06 | 000,598,664 | ---- | M] ( ) -- C:\WINDOWS\system32\dldfcoms.exe
PRC - [2007/05/25 09:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/10/20 15:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2005/12/12 16:03:54 | 000,417,855 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
PRC - [2005/12/12 16:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
PRC - [2004/08/12 15:51:02 | 000,192,512 | ---- | M] (Orbiscom Ltd. All rights reserved.) -- C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/30 08:12:40 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppgooglenaclpluginchrome.dll
MOD - [2011/09/30 08:12:39 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011/09/30 08:11:39 | 000,309,304 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\Locales\en-US.dll
MOD - [2011/09/30 08:11:13 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011/09/30 08:11:12 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011/09/30 08:11:10 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011/09/29 13:06:57 | 008,587,936 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
MOD - [2011/08/17 13:09:46 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/08/10 06:40:51 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/10 06:15:46 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/10 06:15:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/10 06:15:05 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/07 05:46:00 | 000,516,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/07/06 10:45:38 | 000,268,648 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\boost_regex-vc90-mt-p-1_33.dll
MOD - [2011/06/19 05:07:06 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/04/26 13:23:02 | 000,223,088 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2011/04/26 13:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/05/17 07:14:11 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
MOD - [2010/05/17 07:14:09 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010/04/05 03:56:20 | 000,094,359 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epoemdll.dll
MOD - [2010/04/05 03:56:19 | 000,045,221 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epstring.dll
MOD - [2010/04/05 03:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epwizres.dll
MOD - [2010/04/05 03:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epwizard.dll
MOD - [2010/04/05 03:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\customui.dll
MOD - [2010/04/05 03:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epfunct.dll
MOD - [2010/04/05 03:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\eputil.dll
MOD - [2010/04/05 03:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\imagutil.dll
MOD - [2010/04/01 10:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2010/04/01 10:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2010/02/05 11:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/25 23:08:23 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LXECPMON.DLL
MOD - [2009/11/09 01:06:45 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxecprpr.dll
MOD - [2009/11/04 06:14:38 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxecdrui.dll
MOD - [2009/11/04 06:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxecdrpp.dll
MOD - [2009/11/04 06:14:06 | 000,236,032 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxecdr.dll
MOD - [2009/10/30 10:47:14 | 001,003,520 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxechpec.dll
MOD - [2009/05/27 05:16:50 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxecdatr.dll
MOD - [2009/05/18 06:29:08 | 000,819,200 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxecptpc.dll
MOD - [2009/04/07 12:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\iptk.dll
MOD - [2009/03/09 22:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/03/02 07:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecptp.dll
MOD - [2009/02/20 01:48:43 | 000,023,552 | ---- | M] () -- C:\WINDOWS\system32\LXECsmr.dll
MOD - [2009/02/20 01:48:03 | 000,299,008 | ---- | M] () -- C:\WINDOWS\system32\LXECsm.dll
MOD - [2009/01/13 06:15:12 | 004,485,120 | ---- | M] () -- C:\WINDOWS\system32\LXECoem.dll
MOD - [2007/08/21 15:27:22 | 000,139,264 | ---- | M] () -- C:\Program Files\Yahoo!\Yahoo! Autosync\AutosyncWizard.dll
MOD - [2007/08/21 15:25:24 | 000,037,376 | ---- | M] () -- C:\Program Files\Yahoo!\Yahoo! Autosync\PimDetection.dll
MOD - [2007/07/10 03:18:26 | 000,077,824 | ---- | M] () -- C:\Program Files\Common Files\Intellisync\PushSyncService\PushSyncServicePS.dll
MOD - [2007/07/03 06:36:40 | 000,410,248 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
MOD - [2007/07/03 06:36:34 | 000,455,304 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
MOD - [2007/06/22 06:29:43 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\DLDFPMON.DLL
MOD - [2007/06/22 06:27:16 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\ipcmt.dll
MOD - [2007/05/08 11:44:28 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfscw.dll
MOD - [2007/05/03 23:23:33 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\dldfoem.dll
MOD - [2007/05/03 08:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfdatr.dll
MOD - [2007/05/02 20:38:35 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldfdrpp.dll
MOD - [2007/04/16 06:47:47 | 000,077,906 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcfg.dll
MOD - [2007/04/09 06:16:00 | 000,147,456 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\DLDFptp.dll
MOD - [2006/12/28 08:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcats.dll
MOD - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006/10/26 16:21:22 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
MOD - [2004/08/05 12:07:34 | 000,040,960 | ---- | M] () -- C:\Program Files\Citi Virtual Account Numbers\VANRes.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/21 10:00:28 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/07/06 09:39:58 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/04/26 13:23:02 | 000,223,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Documents and Settings\Kathy\Application Data\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService)
SRV - [2010/04/14 13:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxeccoms.exe -- (lxec_device)
SRV - [2010/04/14 13:08:05 | 000,193,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/11/11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/06/25 23:56:08 | 000,098,952 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/25 23:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldfcoms.exe -- (dldf_device)
SRV - [2007/05/25 09:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
SRV - [2007/03/19 10:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005/12/12 16:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2011/09/29 14:35:11 | 000,816,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110929.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/09/23 12:37:57 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111006.032\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/09/23 12:37:56 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111006.032\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/23 00:17:32 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111007.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/08/21 10:00:36 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/08/21 10:00:36 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/08/21 10:00:36 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/08/07 05:46:12 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | Disabled | Stopped] -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2011/08/03 00:53:19 | 000,216,912 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys -- (RapportCerberus_29574)
DRV - [2011/07/27 16:32:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/27 16:32:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/06/10 11:18:47 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/04 14:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/03/31 14:53:22 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2011/03/30 20:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 20:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 17:39:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 19:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/26 23:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/26 22:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/01 14:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009/07/10 13:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2009/05/08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009/01/29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/04/13 11:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2007/11/02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/06/13 18:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/27 20:32:28 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/02/25 10:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/12/18 17:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/18 02:48:46 | 000,019,968 | ---- | M] (WikiTek Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss.sys -- (StreamSurge)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1071023
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...?channel=us-smb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1071023
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1071023
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co...?channel=us-smb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...?channel=us-smb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lalunaloca.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.lalunaloca.com/"
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.7.82
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Kathy\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011/09/07 17:25:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_1_3 [2011/09/16 17:49:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/06 19:13:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/15 09:14:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.12\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/10/27 11:26:30 | 000,000,000 | ---D | M]
[2008/08/27 16:57:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Extensions
[2011/07/28 10:22:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Firefox\Profiles\o5rl9uys.default\extensions
[2010/05/09 19:39:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Firefox\Profiles\o5rl9uys.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/18 12:07:04 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Firefox\Profiles\o5rl9uys.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2008/07/29 12:51:30 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Firefox\Profiles\o5rl9uys.default\searchplugins\live-search.xml
[2011/05/02 11:44:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/27 21:46:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 10:38:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/16 17:49:18 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\COFFPLGN_2011_7_1_3
[2011/09/07 17:25:52 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN
() (No name found) -- C:\DOCUMENTS AND SETTINGS\KATHY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\O5RL9UYS.DEFAULT\EXTENSIONS\[email protected]
[2008/11/30 22:28:29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/07/06 19:13:54 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Abacast v2.1b3 (Enabled) = C:\Documents and Settings\Kathy\Application Data\Mozilla\plugins\NPAbacheck.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Kathy\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Zen Spring = C:\Documents and Settings\Kathy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iccigcodfkejfabfbepnfoddhnlmimgo\1.0_0\
O1 HOSTS File: ([2011/07/13 12:09:25 | 000,312,920 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (CitiUSBrowserHelper Class) - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\WINDOWS\system32\BhoCitUS.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe (Orbiscom Ltd. All rights reserved.)
O4 - HKLM..\Run: [Dell AIO Printer 948 Fax Server] C:\Program Files\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [dldfmon.exe] C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Lexmark Pro800-Pro900 Series Fax Server] C:\Program Files\Lexmark Pro800-Pro900 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxecmon.exe] C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell AIO Printer 948\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce\Setup: [Registering ActiveScan 2.0 Components] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Panda Security\ActiveScan 2.0\as2guiie.dll" File not found
O4 - HKLM..\RunOnce\Setup: [Registering ActiveScan 2.0 Components.] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll" File not found
O4 - HKLM..\RunOnce\Setup: [Registering ActiveScan 2.0 Components..] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Panda Security\ActiveScan 2.0\libcomm.dll" File not found
O4 - HKLM..\RunOnce\Setup: [Registering ActiveScan 2.0 Components...] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Panda Security\ActiveScan 2.0\as2inst.dll" File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk = C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2008\QBW32.EXE (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Yahoo! Autosync.lnk = C:\Program Files\Yahoo!\Yahoo! Autosync\AutosyncForYahoo.exe (Nokia Corporation.)
O4 - Startup: C:\Documents and Settings\Kathy\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk = C:\Documents and Settings\Kathy\Application Data\HP SimpleSave Application\StartHelper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Citi - {4C730913-3961-439b-83D5-F4E445520422} - C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe (Orbiscom Ltd. All rights reserved.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {00A7BD45-3D5C-11D4-BDA7-00C0F02C56AB} http://209.210.230.8...ages/DMWebX.ocx (DMSrvPushX Control)
O16 - DPF: {10DE6CF7-3E36-445B-985D-07603082B36B} https://forms.orefon...Loader_RMLS.CAB (FormLoader.Loader)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://www.shockwave...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} http://vsp.closetmai..._downloader.cab (Maid Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BA3FC76-A180-4E3A-9A52-74FB1DE45414}: DhcpNameServer = 192.168.0.1 216.99.193.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE53FD-0E14-4D23-80EF-AB932D9DCB26}: DhcpNameServer = 192.168.0.1 216.99.193.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{984634FD-8A5B-4D18-BE6F-DC69DAF009D6}: NameServer = 205.171.3.65,205.171.2.65
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\mctp - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (WIKI.DLL) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Kathy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kathy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 11:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/12 14:56:58 | 000,000,030 | RH-- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/07/14 12:04:48 | 000,000,011 | ---- | M] () - J:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/01 10:55:11 | 000,000,038 | -H-- | M] () - J:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{3c4bef26-cd44-11dd-b317-000fb388b7d1}\Shell - "" = AutoRun
O33 - MountPoints2\{3c4bef26-cd44-11dd-b317-000fb388b7d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3c4bef26-cd44-11dd-b317-000fb388b7d1}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{64ce6971-f34b-11df-b3aa-001aa093ddf9}\Shell - "" = AutoRun
O33 - MountPoints2\{64ce6971-f34b-11df-b3aa-001aa093ddf9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{64ce6971-f34b-11df-b3aa-001aa093ddf9}\Shell\AutoRun\command - "" = J:\setup.exe -a
O33 - MountPoints2\{97bf4e7d-0344-11de-b327-000fb388b7d1}\Shell - "" = AutoRun
O33 - MountPoints2\{97bf4e7d-0344-11de-b327-000fb388b7d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{97bf4e7d-0344-11de-b327-000fb388b7d1}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{e1c59d8f-e157-11e0-b3ed-001aa093ddf9}\Shell - "" = AutoRun
O33 - MountPoints2\{e1c59d8f-e157-11e0-b3ed-001aa093ddf9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e1c59d8f-e157-11e0-b3ed-001aa093ddf9}\Shell\AutoRun\command - "" = I:\HPLauncher.exe -- [2009/05/18 10:46:50 | 000,565,248 | R--- | M] ()
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/07 12:46:24 | 001,558,320 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Kathy\Desktop\TDSSKiller.exe
[2011/10/07 10:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Desktop\GooredFix Backups
[2011/09/23 10:58:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HPSS
[2011/09/23 10:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Application Data\HP SimpleSave Application
[2011/09/23 10:54:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Application Data\HPSS
[2011/09/20 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lexmark Pro800-Pro900 Series
[2011/09/16 10:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Intuit_Inc
[2011/09/08 22:45:28 | 000,000,000 | ---D | C] -- C:\VRZ_A956_2.4.33_1FF_01
[2011/09/08 22:09:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2011/09/08 22:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/09/08 12:02:54 | 000,025,856 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motoandroid.sys
[2011/09/08 12:02:50 | 000,023,424 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys
[2011/09/08 12:02:50 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys
[2011/09/08 12:02:44 | 000,024,064 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2011/09/08 12:02:39 | 000,020,480 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys
[2011/09/08 12:02:39 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys
[2011/09/08 12:02:39 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys
[2011/09/08 12:02:21 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys
[2011/09/08 12:02:21 | 000,015,616 | ---- | C] (Motorola) -- C:\WINDOWS\System32\mot_ci.dll
[2011/09/08 11:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Motorola
[2011/08/21 11:27:56 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeccoin.dll
[2011/08/21 11:23:13 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxecusb1.dll
[2011/08/21 11:23:13 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxecinpa.dll
[2011/08/21 11:23:13 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEChcp.dll
[2011/08/21 11:23:13 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeciesc.dll
[2011/08/21 11:23:12 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxecserv.dll
[2011/08/21 11:23:12 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxecpmui.dll
[2011/08/21 11:23:12 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeclmpm.dll
[2011/08/21 11:23:11 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxecih.exe
[2011/08/21 11:23:10 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxechbn3.dll
[2011/08/21 11:23:09 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeccomc.dll
[2011/08/21 11:23:09 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeccoms.exe
[2011/08/21 11:23:09 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeccomm.dll
[2011/08/21 11:23:08 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeccfg.exe
[2007/11/05 20:53:57 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfusb1.dll
[2007/11/05 20:53:57 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhcp.dll
[2007/11/05 20:53:57 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfinpa.dll
[2007/11/05 20:53:57 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfiesc.dll
[2007/11/05 20:53:56 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfserv.dll
[2007/11/05 20:53:55 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfpmui.dll
[2007/11/05 20:53:55 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldflmpm.dll
[2007/11/05 20:53:55 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfprox.dll
[2007/11/05 20:53:54 | 000,320,136 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfih.exe
[2007/11/05 20:53:53 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhbn3.dll
[2007/11/05 20:53:52 | 000,598,664 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcoms.exe
[2007/11/05 20:53:51 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomc.dll
[2007/11/05 20:53:51 | 000,365,192 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcfg.exe
[2007/11/05 20:53:51 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomm.dll
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/10/07 18:13:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/07 18:10:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/10/07 18:00:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374815200-2078185018-761824760-1006UA.job
[2011/10/07 16:48:08 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/10/07 16:02:29 | 000,010,728 | ---- | M] () -- C:\{26C24092-B088-4EF8-902B-444844C4ADEF}
[2011/10/07 13:07:40 | 001,922,048 | ---- | M] () -- C:\{AF50E1E0-7715-46CF-8CEC-69711B1455FE}
[2011/10/07 12:16:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/07 11:57:27 | 000,000,296 | ---- | M] () -- C:\{61E73244-E6A3-4706-AC4C-FEA118B5B531}
[2011/10/07 10:40:45 | 001,558,320 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Kathy\Desktop\TDSSKiller.exe
[2011/10/07 00:46:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374815200-2078185018-761824760-1006Core1cc70563dcd8ce2.job
[2011/10/06 19:23:15 | 000,009,136 | ---- | M] () -- C:\{24B5DDEA-9F00-4DEE-9613-B0679247A052}
[2011/10/06 18:40:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc6e90cc65c28e.job
[2011/10/06 13:47:22 | 000,001,376 | ---- | M] () -- C:\{9CBACB72-C9C1-45BE-9DFC-009C2A40761D}
[2011/10/06 13:40:47 | 000,000,296 | ---- | M] () -- C:\{4FC4A69F-2B08-459E-96C0-EBD4972F8DF3}
[2011/10/06 13:39:18 | 000,000,296 | ---- | M] () -- C:\{122146C9-3513-4481-AD49-47F848EEA08D}
[2011/10/06 11:03:23 | 000,002,448 | ---- | M] () -- C:\{7EED70E2-A0E2-42AA-A422-0AD3AB788934}
[2011/10/05 14:26:47 | 000,000,296 | ---- | M] () -- C:\{4F867343-0E18-47AB-8805-309897EA6689}
[2011/10/05 04:22:34 | 000,000,296 | ---- | M] () -- C:\{3039E611-7CD2-4021-8382-12D069D6B98A}
[2011/10/05 03:05:08 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Kathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/05 03:05:05 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\Google Chrome.lnk
[2011/10/05 01:10:14 | 000,007,928 | ---- | M] () -- C:\{2FE393BE-776E-412C-8E29-B55BE5F6799D}
[2011/10/05 01:10:14 | 000,002,448 | ---- | M] () -- C:\{7709D819-AE28-44A1-8BA1-A6780F43C381}
[2011/10/04 18:52:30 | 000,002,448 | ---- | M] () -- C:\{AA03BB75-D476-47F4-9A74-43FE33050114}
[2011/10/04 06:11:22 | 000,035,544 | ---- | M] () -- C:\{D19E22EE-EF78-497A-B355-DE2DD6688D45}
[2011/10/04 01:09:29 | 000,035,544 | ---- | M] () -- C:\{ACC7C9F1-C9E5-4A6B-8F80-614DD76BF59C}
[2011/10/03 23:48:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2011/10/03 20:04:49 | 000,000,288 | ---- | M] () -- C:\{6A158DC8-1FD3-4DCB-86BB-DCD3C2DCD6FC}
[2011/10/03 20:04:47 | 000,014,344 | ---- | M] () -- C:\{A3A90C59-2767-4D1E-A854-EEA19104BD92}
[2011/10/03 19:58:53 | 000,000,288 | ---- | M] () -- C:\{CAACAAF6-0C77-493D-A307-19399CF2100D}
[2011/10/03 19:56:08 | 000,000,288 | ---- | M] () -- C:\{CC8DEA04-30ED-4C94-B619-9C57585E9DF3}
[2011/10/03 19:55:02 | 000,000,288 | ---- | M] () -- C:\{07D2075A-4A81-4905-B121-0F640826AA24}
[2011/10/03 19:49:22 | 000,000,288 | ---- | M] () -- C:\{FF845C20-5132-41F3-8C14-0139B52E56DC}
[2011/10/03 18:04:15 | 000,000,288 | ---- | M] () -- C:\{8C924817-2BB2-4C92-8ED4-FB513283FA0C}
[2011/10/03 17:40:37 | 000,000,288 | ---- | M] () -- C:\{59DD765E-33E8-4036-BD24-C87C02BF58ED}
[2011/10/03 17:23:02 | 000,000,288 | ---- | M] () -- C:\{2F12235D-B5BC-4681-8B51-176C675FD956}
[2011/10/03 12:55:41 | 000,000,288 | ---- | M] () -- C:\{158B9E29-0F8C-41D6-8C26-A95109EC0D0F}
[2011/10/01 23:26:02 | 000,002,448 | ---- | M] () -- C:\{42B8E2EE-31DB-4EE5-8E2B-21C2D3EB81FC}
[2011/09/30 18:34:03 | 000,000,296 | ---- | M] () -- C:\{30D24D8E-FBE3-485B-8E77-E915B4A68270}
[2011/09/30 18:34:00 | 000,014,344 | ---- | M] () -- C:\{A96148D0-8DB7-4CD9-BE92-A84BE1025864}
[2011/09/30 18:30:13 | 000,000,296 | ---- | M] () -- C:\{29008C19-D8D7-4876-903A-0B483CD392D3}
[2011/09/30 18:22:28 | 000,000,288 | ---- | M] () -- C:\{70FDB491-6502-4B76-AFFD-A090AC096EAE}
[2011/09/30 18:14:20 | 000,000,288 | ---- | M] () -- C:\{A7DB542F-9F00-4D0E-B5FB-A4B7A4889A51}
[2011/09/29 15:07:04 | 000,002,448 | ---- | M] () -- C:\{2B9011EF-3955-448F-B38D-9095C9358926}
[2011/09/29 14:35:41 | 000,000,288 | ---- | M] () -- C:\{B26206A1-7B47-4B77-A04E-393A1879AA5B}
[2011/09/29 14:28:13 | 000,000,288 | ---- | M] () -- C:\{93B3FB39-3F4F-453E-8D82-C5534E86906E}
[2011/09/29 14:26:57 | 000,000,288 | ---- | M] () -- C:\{640CAD3E-2D56-4247-B60E-B354DAEA42AC}
[2011/09/29 14:26:54 | 000,009,352 | ---- | M] () -- C:\{F313A9B1-CAFB-4D96-8537-FC9D6C582945}
[2011/09/27 17:37:36 | 000,002,448 | ---- | M] () -- C:\{F7CEF049-C474-4FC9-8A10-8634C2E2E1C8}
[2011/09/26 12:08:01 | 000,000,288 | ---- | M] () -- C:\{64FC40D4-0248-4B25-BAA6-D603C38E423F}
[2011/09/26 11:38:10 | 000,002,448 | ---- | M] () -- C:\{C37B45C9-5842-4D11-A872-BAB20B4D46B0}
[2011/09/23 17:52:53 | 000,009,072 | ---- | M] () -- C:\{7B0C592A-C011-41B7-8329-C86935BA6D45}
[2011/09/23 11:28:54 | 000,004,776 | ---- | M] () -- C:\{5F53F71B-E18E-4F99-BC75-2360A5AC1340}
[2011/09/23 11:01:56 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\Kathy\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
[2011/09/23 10:40:46 | 000,002,448 | ---- | M] () -- C:\{5F86BF88-787D-4E15-92A8-710626590AC9}
[2011/09/23 10:07:34 | 000,000,296 | ---- | M] () -- C:\{8EAF3D76-35ED-4E2E-8C11-C114CC49A5E5}
[2011/09/23 10:06:01 | 000,000,288 | ---- | M] () -- C:\{20968484-0983-42A7-8DFA-974BF20124B2}
[2011/09/22 23:26:33 | 000,000,296 | ---- | M] () -- C:\{CDE8B153-9F53-4674-B83A-C60D6AA97052}
[2011/09/22 23:26:30 | 000,000,672 | ---- | M] () -- C:\{0E7569C3-5707-4AEE-99A7-38AD21ECFFE1}
[2011/09/22 23:22:36 | 000,000,296 | ---- | M] () -- C:\{50443CC1-4CEF-4C4A-A77F-12A8689B1B45}
[2011/09/22 23:19:33 | 000,000,288 | ---- | M] () -- C:\{FDCA4C37-9051-450A-AEC1-A1C60F1F1E16}
[2011/09/22 23:02:43 | 000,000,288 | ---- | M] () -- C:\{ED84564A-C2C0-4258-923F-A98432297A3A}
[2011/09/22 17:40:05 | 000,000,288 | ---- | M] () -- C:\{396C9EDD-C9D8-4562-AB48-DE57323078A7}
[2011/09/22 13:59:30 | 000,002,608 | ---- | M] () -- C:\{B34817A0-AC57-4598-A245-6722F27E2445}
[2011/09/22 12:30:37 | 000,000,288 | ---- | M] () -- C:\{0D18B13D-FF11-49C3-9A6A-FD8254DB58A1}
[2011/09/22 11:43:39 | 000,002,088 | ---- | M] () -- C:\{E8D61894-0F09-46FE-BC97-8F1C9294B615}
[2011/09/22 08:48:11 | 000,002,456 | ---- | M] () -- C:\{C3789E8B-8BE8-4A3A-B738-CE6982D43B3D}
[2011/09/16 18:47:30 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Kathy\Cache.db
[2011/09/16 17:53:21 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk
[2011/09/16 17:49:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 17:48:55 | 1071,824,896 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/16 11:05:50 | 000,012,360 | ---- | M] () -- C:\{0866507E-4E25-49A0-94DC-387E9023A637}
[2011/09/15 05:19:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/13 08:01:32 | 000,000,288 | ---- | M] () -- C:\{6601C554-09D7-4FC8-B312-3E0B607024A6}
[2011/09/10 11:57:09 | 000,000,288 | ---- | M] () -- C:\{09563A29-EAA2-4C6A-BDFA-2D59FC51C316}
[2011/09/10 11:51:09 | 000,001,512 | ---- | M] () -- C:\{47FE058D-7C3E-45B6-B8BA-895E8B1216CF}
[2011/09/09 22:41:58 | 000,008,568 | ---- | M] () -- C:\{2221B0BB-DAE1-4992-864C-DCB875154AF0}
[2011/09/09 22:39:17 | 000,008,560 | ---- | M] () -- C:\{F8F1D4A6-E39F-429D-B7D7-F7267F756413}
[2011/09/09 22:33:49 | 000,008,560 | ---- | M] () -- C:\{67552ECB-0D49-464C-B947-5207E291C768}
[2011/09/09 22:27:49 | 000,008,576 | ---- | M] () -- C:\{2B5D4A88-0606-4EFD-A112-B07713990EA9}
[2011/09/09 22:19:50 | 000,008,712 | ---- | M] () -- C:\{8D4A9B49-8CE9-450A-A703-5A9BD6B6758D}
[2011/09/09 22:17:47 | 000,009,400 | ---- | M] () -- C:\{62D6C976-4F4E-4D2E-8576-C4970EAC7FD8}
[2011/09/09 22:13:45 | 000,009,616 | ---- | M] () -- C:\{364211C2-EA5F-43C8-B553-E7DF4B5DFDE6}
[2011/09/08 23:15:14 | 000,002,313 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RSD Lite.lnk
[2011/09/08 23:10:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2011/09/08 23:08:00 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/09/08 23:04:57 | 000,514,518 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/08 23:04:57 | 000,098,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/08 23:03:51 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2011/09/08 23:03:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2011/09/08 23:01:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2011/09/08 23:01:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2011/09/08 23:01:03 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2011/09/08 11:52:57 | 000,000,288 | ---- | M] () -- C:\{AF03D527-1A25-4441-8B8C-BDF3DB7C2858}
[2011/09/08 10:36:29 | 000,031,592 | ---- | M] () -- C:\{748EB044-6C17-4C8D-BB49-4B7ABCC44691}
[2011/09/08 10:13:03 | 000,031,432 | ---- | M] () -- C:\{28625D5A-2EAA-4C00-AE64-65DD1428A870}
[2011/09/08 10:11:31 | 000,031,840 | ---- | M] () -- C:\{21ECB2F6-2BA8-4FEF-AE40-54D14D14C4EF}
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/10/07 16:02:29 | 000,010,728 | ---- | C] () -- C:\{26C24092-B088-4EF8-902B-444844C4ADEF}
[2011/10/07 13:07:39 | 001,922,048 | ---- | C] () -- C:\{AF50E1E0-7715-46CF-8CEC-69711B1455FE}
[2011/10/07 11:57:27 | 000,000,296 | ---- | C] () -- C:\{61E73244-E6A3-4706-AC4C-FEA118B5B531}
[2011/10/06 19:23:15 | 000,009,136 | ---- | C] () -- C:\{24B5DDEA-9F00-4DEE-9613-B0679247A052}
[2011/10/06 13:47:22 | 000,001,376 | ---- | C] () -- C:\{9CBACB72-C9C1-45BE-9DFC-009C2A40761D}
[2011/10/06 13:40:47 | 000,000,296 | ---- | C] () -- C:\{4FC4A69F-2B08-459E-96C0-EBD4972F8DF3}
[2011/10/06 13:39:18 | 000,000,296 | ---- | C] () -- C:\{122146C9-3513-4481-AD49-47F848EEA08D}
[2011/10/06 11:03:23 | 000,002,448 | ---- | C] () -- C:\{7EED70E2-A0E2-42AA-A422-0AD3AB788934}
[2011/10/05 14:26:46 | 000,000,296 | ---- | C] () -- C:\{4F867343-0E18-47AB-8805-309897EA6689}
[2011/10/05 04:22:34 | 000,000,296 | ---- | C] () -- C:\{3039E611-7CD2-4021-8382-12D069D6B98A}
[2011/10/05 01:10:14 | 000,007,928 | ---- | C] () -- C:\{2FE393BE-776E-412C-8E29-B55BE5F6799D}
[2011/10/05 01:10:14 | 000,002,448 | ---- | C] () -- C:\{7709D819-AE28-44A1-8BA1-A6780F43C381}
[2011/10/04 18:52:30 | 000,002,448 | ---- | C] () -- C:\{AA03BB75-D476-47F4-9A74-43FE33050114}
[2011/10/04 06:11:22 | 000,035,544 | ---- | C] () -- C:\{D19E22EE-EF78-497A-B355-DE2DD6688D45}
[2011/10/04 01:09:29 | 000,035,544 | ---- | C] () -- C:\{ACC7C9F1-C9E5-4A6B-8F80-614DD76BF59C}
[2011/10/03 20:04:49 | 000,000,288 | ---- | C] () -- C:\{6A158DC8-1FD3-4DCB-86BB-DCD3C2DCD6FC}
[2011/10/03 20:04:47 | 000,014,344 | ---- | C] () -- C:\{A3A90C59-2767-4D1E-A854-EEA19104BD92}
[2011/10/03 19:58:53 | 000,000,288 | ---- | C] () -- C:\{CAACAAF6-0C77-493D-A307-19399CF2100D}
[2011/10/03 19:56:08 | 000,000,288 | ---- | C] () -- C:\{CC8DEA04-30ED-4C94-B619-9C57585E9DF3}
[2011/10/03 19:55:02 | 000,000,288 | ---- | C] () -- C:\{07D2075A-4A81-4905-B121-0F640826AA24}
[2011/10/03 19:49:22 | 000,000,288 | ---- | C] () -- C:\{FF845C20-5132-41F3-8C14-0139B52E56DC}
[2011/10/03 18:04:15 | 000,000,288 | ---- | C] () -- C:\{8C924817-2BB2-4C92-8ED4-FB513283FA0C}
[2011/10/03 17:40:37 | 000,000,288 | ---- | C] () -- C:\{59DD765E-33E8-4036-BD24-C87C02BF58ED}
[2011/10/03 17:23:02 | 000,000,288 | ---- | C] () -- C:\{2F12235D-B5BC-4681-8B51-176C675FD956}
[2011/10/03 12:55:41 | 000,000,288 | ---- | C] () -- C:\{158B9E29-0F8C-41D6-8C26-A95109EC0D0F}
[2011/10/01 23:26:02 | 000,002,448 | ---- | C] () -- C:\{42B8E2EE-31DB-4EE5-8E2B-21C2D3EB81FC}
[2011/09/30 18:34:03 | 000,000,296 | ---- | C] () -- C:\{30D24D8E-FBE3-485B-8E77-E915B4A68270}
[2011/09/30 18:33:59 | 000,014,344 | ---- | C] () -- C:\{A96148D0-8DB7-4CD9-BE92-A84BE1025864}
[2011/09/30 18:30:12 | 000,000,296 | ---- | C] () -- C:\{29008C19-D8D7-4876-903A-0B483CD392D3}
[2011/09/30 18:22:28 | 000,000,288 | ---- | C] () -- C:\{70FDB491-6502-4B76-AFFD-A090AC096EAE}
[2011/09/30 18:14:20 | 000,000,288 | ---- | C] () -- C:\{A7DB542F-9F00-4D0E-B5FB-A4B7A4889A51}
[2011/09/29 15:07:04 | 000,002,448 | ---- | C] () -- C:\{2B9011EF-3955-448F-B38D-9095C9358926}
[2011/09/29 14:35:41 | 000,000,288 | ---- | C] () -- C:\{B26206A1-7B47-4B77-A04E-393A1879AA5B}
[2011/09/29 14:28:13 | 000,000,288 | ---- | C] () -- C:\{93B3FB39-3F4F-453E-8D82-C5534E86906E}
[2011/09/29 14:26:57 | 000,000,288 | ---- | C] () -- C:\{640CAD3E-2D56-4247-B60E-B354DAEA42AC}
[2011/09/29 14:26:54 | 000,009,352 | ---- | C] () -- C:\{F313A9B1-CAFB-4D96-8537-FC9D6C582945}
[2011/09/27 17:37:36 | 000,002,448 | ---- | C] () -- C:\{F7CEF049-C474-4FC9-8A10-8634C2E2E1C8}
[2011/09/26 12:08:01 | 000,000,288 | ---- | C] () -- C:\{64FC40D4-0248-4B25-BAA6-D603C38E423F}
[2011/09/26 11:38:09 | 000,002,448 | ---- | C] () -- C:\{C37B45C9-5842-4D11-A872-BAB20B4D46B0}
[2011/09/23 17:52:53 | 000,009,072 | ---- | C] () -- C:\{7B0C592A-C011-41B7-8329-C86935BA6D45}
[2011/09/23 11:28:54 | 000,004,776 | ---- | C] () -- C:\{5F53F71B-E18E-4F99-BC75-2360A5AC1340}
[2011/09/23 11:00:59 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\Kathy\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
[2011/09/23 10:40:46 | 000,002,448 | ---- | C] () -- C:\{5F86BF88-787D-4E15-92A8-710626590AC9}
[2011/09/23 10:07:34 | 000,000,296 | ---- | C] () -- C:\{8EAF3D76-35ED-4E2E-8C11-C114CC49A5E5}
[2011/09/23 10:06:01 | 000,000,288 | ---- | C] () -- C:\{20968484-0983-42A7-8DFA-974BF20124B2}
[2011/09/22 23:26:33 | 000,000,296 | ---- | C] () -- C:\{CDE8B153-9F53-4674-B83A-C60D6AA97052}
[2011/09/22 23:26:30 | 000,000,672 | ---- | C] () -- C:\{0E7569C3-5707-4AEE-99A7-38AD21ECFFE1}
[2011/09/22 23:22:35 | 000,000,296 | ---- | C] () -- C:\{50443CC1-4CEF-4C4A-A77F-12A8689B1B45}
[2011/09/22 23:19:33 | 000,000,288 | ---- | C] () -- C:\{FDCA4C37-9051-450A-AEC1-A1C60F1F1E16}
[2011/09/22 23:02:43 | 000,000,288 | ---- | C] () -- C:\{ED84564A-C2C0-4258-923F-A98432297A3A}
[2011/09/22 17:40:04 | 000,000,288 | ---- | C] () -- C:\{396C9EDD-C9D8-4562-AB48-DE57323078A7}
[2011/09/22 13:59:29 | 000,002,608 | ---- | C] () -- C:\{B34817A0-AC57-4598-A245-6722F27E2445}
[2011/09/22 12:30:37 | 000,000,288 | ---- | C] () -- C:\{0D18B13D-FF11-49C3-9A6A-FD8254DB58A1}
[2011/09/22 11:43:38 | 000,002,088 | ---- | C] () -- C:\{E8D61894-0F09-46FE-BC97-8F1C9294B615}
[2011/09/22 08:48:11 | 000,002,456 | ---- | C] () -- C:\{C3789E8B-8BE8-4A3A-B738-CE6982D43B3D}
[2011/09/16 11:05:49 | 000,012,360 | ---- | C] () -- C:\{0866507E-4E25-49A0-94DC-387E9023A637}
[2011/09/15 09:14:27 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/15 06:11:05 | 000,243,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/09/13 08:01:32 | 000,000,288 | ---- | C] () -- C:\{6601C554-09D7-4FC8-B312-3E0B607024A6}
[2011/09/11 00:41:39 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374815200-2078185018-761824760-1006Core1cc70563dcd8ce2.job
[2011/09/10 11:56:59 | 000,000,288 | ---- | C] () -- C:\{09563A29-EAA2-4C6A-BDFA-2D59FC51C316}
[2011/09/10 11:51:09 | 000,001,512 | ---- | C] () -- C:\{47FE058D-7C3E-45B6-B8BA-895E8B1216CF}
[2011/09/09 22:41:58 | 000,008,568 | ---- | C] () -- C:\{2221B0BB-DAE1-4992-864C-DCB875154AF0}
[2011/09/09 22:39:15 | 000,008,560 | ---- | C] () -- C:\{F8F1D4A6-E39F-429D-B7D7-F7267F756413}
[2011/09/09 22:33:49 | 000,008,560 | ---- | C] () -- C:\{67552ECB-0D49-464C-B947-5207E291C768}
[2011/09/09 22:27:47 | 000,008,576 | ---- | C] () -- C:\{2B5D4A88-0606-4EFD-A112-B07713990EA9}
[2011/09/09 22:19:49 | 000,008,712 | ---- | C] () -- C:\{8D4A9B49-8CE9-450A-A703-5A9BD6B6758D}
[2011/09/09 22:17:46 | 000,009,400 | ---- | C] () -- C:\{62D6C976-4F4E-4D2E-8576-C4970EAC7FD8}
[2011/09/09 22:13:44 | 000,009,616 | ---- | C] () -- C:\{364211C2-EA5F-43C8-B553-E7DF4B5DFDE6}
[2011/09/08 23:10:14 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2011/09/08 23:03:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2011/09/08 23:03:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2011/09/08 23:01:14 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2011/09/08 23:01:04 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2011/09/08 23:01:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2011/09/08 22:17:55 | 000,002,313 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RSD Lite.lnk
[2011/09/08 22:17:55 | 000,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\RSD Lite.lnk
[2011/09/08 18:35:47 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc6e90cc65c28e.job
[2011/09/08 11:52:56 | 000,000,288 | ---- | C] () -- C:\{AF03D527-1A25-4441-8B8C-BDF3DB7C2858}
[2011/09/08 10:36:28 | 000,031,592 | ---- | C] () -- C:\{748EB044-6C17-4C8D-BB49-4B7ABCC44691}
[2011/09/08 10:13:03 | 000,031,432 | ---- | C] () -- C:\{28625D5A-2EAA-4C00-AE64-65DD1428A870}
[2011/09/08 10:11:28 | 000,031,840 | ---- | C] () -- C:\{21ECB2F6-2BA8-4FEF-AE40-54D14D14C4EF}
[2011/08/21 11:27:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxecvs.dll
[2011/08/21 11:27:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxecgcfg.dll
[2011/08/21 11:27:45 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeccui.dll
[2011/08/21 11:27:45 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeccuir.dll
[2011/08/21 11:26:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LXECPMON.DLL
[2011/08/21 11:26:30 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXECFXPU.DLL
[2011/08/21 11:26:10 | 004,485,120 | ---- | C] () -- C:\WINDOWS\System32\LXECoem.dll
[2011/08/21 11:23:42 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxecrwrd.ini
[2011/08/21 11:23:14 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXECinst.dll
[2011/08/21 11:23:11 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxecins.dll
[2011/08/21 11:23:11 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxecinsb.dll
[2011/08/21 11:23:11 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxecinsr.dll
[2011/08/21 11:23:11 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxecjswr.dll
[2011/08/21 11:23:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxecgrd.dll
[2011/08/21 11:23:10 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeccub.dll
[2011/08/21 11:23:09 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeccu.dll
[2011/08/21 11:23:09 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeccur.dll
[2011/08/21 11:04:47 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXECsmr.dll
[2011/08/21 11:04:45 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXECsm.dll
[2011/06/08 07:56:54 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/03/11 04:25:03 | 000,000,088 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\usb.inf
[2011/01/03 09:55:14 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/11/20 23:36:47 | 000,038,481 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\Comma Separated Values (Windows).ADR
[2010/09/13 21:58:39 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\wklnhst.dat
[2010/09/13 19:59:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\F5D9050.dll
[2010/08/05 08:22:25 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/03 14:13:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\prvlcl.dat
[2009/01/08 23:10:21 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/01/08 20:45:11 | 000,010,283 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\Comma Separated Values (Windows).CAL
[2008/12/19 11:35:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/02 16:13:28 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/03/26 12:46:38 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/03/03 10:25:52 | 000,001,158 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/02/29 11:42:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/12/27 15:47:31 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/14 18:49:44 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2007/11/14 12:21:13 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/11/14 12:21:13 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\D9351C0789.sys
[2007/11/13 19:54:45 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\$_hpcst$.hpc
[2007/11/07 23:20:24 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/05 21:01:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldfvs.dll
[2007/11/05 21:01:21 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfcoin.dll
[2007/11/05 21:00:55 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dldfdrs.dll
[2007/11/05 21:00:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dldfcaps.dll
[2007/11/05 21:00:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldfcnv4.dll
[2007/11/05 20:58:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMON.DLL
[2007/11/05 20:58:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLDFFXPU.DLL
[2007/11/05 20:57:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dldfoem.dll
[2007/11/05 20:57:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMRC.DLL
[2007/11/05 20:53:58 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfinst.dll
[2007/11/05 20:53:57 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\dldfutil.dll
[2007/11/05 20:53:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfinsb.dll
[2007/11/05 20:53:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfins.dll
[2007/11/05 20:53:54 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldfjswr.dll
[2007/11/05 20:53:54 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldfinsr.dll
[2007/11/05 20:53:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldfgrd.dll
[2007/11/05 20:53:52 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldfcub.dll
[2007/11/05 20:53:52 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldfcu.dll
[2007/11/05 20:53:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldfcur.dll
[2007/11/05 20:53:50 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldfcfg.dll
[2007/11/05 20:31:44 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL
[2007/11/05 20:29:31 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\fusioncache.dat
[2007/10/22 21:36:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/22 21:33:28 | 000,000,859 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2007/10/22 21:28:54 | 000,000,284 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/22 21:02:12 | 000,129,112 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/10/22 21:01:57 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2007/10/22 21:00:45 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/06 16:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/02 21:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 11:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 11:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 11:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 10:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 10:57:15 | 000,356,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 10:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 10:51:20 | 000,514,518 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 10:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 10:51:20 | 000,098,422 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 10:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 10:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 10:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 10:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 10:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 10:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 10:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 10:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
========== LOP Check ==========
[2007/11/05 20:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\948 Series
[2010/10/31 13:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/05/06 08:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG7
[2010/10/31 13:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2007/11/05 20:31:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/06/27 08:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2007/11/07 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/11/21 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2011/09/20 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark Pro800-Pro900 Series
[2010/10/31 12:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/10/05 19:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2007/11/14 20:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2011/06/08 07:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2007/11/14 20:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/08/21 11:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pro800-Pro900 Series
[2010/05/13 08:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2007/10/22 21:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2011/06/08 11:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2007/10/22 21:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/09/27 16:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/05/02 12:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/10/27 11:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/25 12:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/06/08 11:40:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Kathy\Application Data\.#
[2010/05/24 11:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\948 Series
[2009/12/02 09:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\AutoSync for Yahoo
[2007/11/07 10:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Grisoft
[2007/11/14 20:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Nokia
[2009/01/17 13:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\PC Suite
[2011/09/06 20:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Pro800-Pro900 Series
[2009/11/22 22:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\PushSyncData
[2008/03/05 11:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Shareaza
[2010/09/13 21:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Template
[2008/02/29 11:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Thunderbird
[2011/07/13 10:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Tific
[2011/05/03 11:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Trusteer
[2008/03/05 14:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\uTorrent
[2009/11/14 11:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Windows Desktop Search
[2010/01/07 20:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Windows Search
[2011/10/03 23:48:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2011/10/07 16:48:08 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/07/13 11:57:11 | 000,000,106 | ---- | M] () -- C:\WINDOWS\Tasks\UPS System Shutdown Program.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\OROQ06302009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\OROQ06302008.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\OROQ03312009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\NUHIREOR06302009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\NUHIREOR03312009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\MiguelStyleNames REVISED 6-1.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\INWKS94106302009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\INWKS94106302008.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\INWKS94103312009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\clatsop heating and cooling contact info.doc:Roxio EMC Stream
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D287FACF
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E2D794
< End of report >
Sign In
Create Account
