Hi Ron,
Sorry it took so long for me to get back here. I had to uninstall Zonealarm because it had expired, and install Norton to keep Security on this machine. Norton promptly quarantined Combofix as a Trojan. It also quarantined vew.exe, but I reinstalled it.
I tried to get rid of some of the old stuff on the machine as you had recommended. I haven't deleted Hitman Pro as of yet, because I am trying to figure out my license key. I had bought a license for it, and I'm debating pursuing the malware issue with them. It bugs me about their lack of support for this product.
I also haven't deleted my old Adobe Acrobat stuff. I had consciously thought about not wanting all the extra bells and whistles when they had asked me to upgrade. However, if you think it is a security risk, I could delete the old and install the new versions.
Here is the first run of vew.exe:Vino's Event Viewer v01c run on Windows XP in English
Report run at 14/02/2012 2:35:15 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/02/2012 2:04:20 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 10/02/2012 5:42:32 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 10/02/2012 5:29:09 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 10/02/2012 4:59:19 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 10/02/2012 4:49:34 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 08/02/2012 6:37:27 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 08/02/2012 6:35:30 PM
Type: error Category: 0
Event: 11 Source: PlugPlayManager
The device Root\LEGACY_KL2\0000 disappeared from the system without first being prepared for removal.
Log: 'System' Date/Time: 08/02/2012 6:35:30 PM
Type: error Category: 0
Event: 11 Source: PlugPlayManager
The device Root\LEGACY_F-SECURE_STANDALONE_MINIFILTER\0000 disappeared from the system without first being prepared for removal.
Log: 'System' Date/Time: 08/02/2012 6:35:30 PM
Type: error Category: 0
Event: 11 Source: PlugPlayManager
The device Root\LEGACY_BW2NDIS5\0000 disappeared from the system without first being prepared for removal.
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The ZoneAlarm ForceField IswSvc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The SupportSoft Sprocket Service (dellsupportcenter) service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The NVIDIA Driver Helper Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:13 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/02/2012 6:27:12 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/02/2012 5:45:14 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 10/02/2012 4:59:29 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 10/02/2012 4:49:26 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 04/02/2012 3:39:05 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000CF1E6C026. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 04/02/2012 3:36:42 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 04/02/2012 3:32:48 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 03/02/2012 5:02:16 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 03/02/2012 4:45:49 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000CF1E6C026. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 03/02/2012 4:17:26 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 01/02/2012 5:48:22 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 31/01/2012 11:11:36 AM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 31/01/2012 10:40:40 AM
Type: warning Category: 0
Event: 20 Source: Print
Printer Driver Microsoft XPS Document Writer for Windows NT x86 Version-3 was added or updated. Files:- mxdwdrv.dll, unidrvui.dll, mxdwdui.gpd, unidrv.hlp, mxdwdui.dll, mxdwdui.ini, stddtype.gdl, stdnames.gpd, stdschem.gdl, stdschmx.gdl, unidrv.dll, unires.dll, XpsSvcs.dll.
Log: 'System' Date/Time: 30/01/2012 8:27:56 PM
Type: warning Category: 0
Event: 4 Source: E100B
Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down
Log: 'System' Date/Time: 30/01/2012 5:45:36 PM
Type: warning Category: 0
Event: 20 Source: Print
Printer Driver Microsoft Office Document Image Writer Driver for Windows NT x86 Version-3 was added or updated. Files:- mdigraph.dll, mdiui.dll, mdiui.dll.
Log: 'System' Date/Time: 30/01/2012 5:45:35 PM
Type: warning Category: 0
Event: 3 Source: Print
Printer Microsoft Office Document Image Writer was deleted.
Log: 'System' Date/Time: 30/01/2012 5:45:34 PM
Type: warning Category: 0
Event: 4 Source: Print
Printer Microsoft Office Document Image Writer is pending deletion.
Log: 'System' Date/Time: 30/01/2012 3:21:08 PM
Type: warning Category: 0
Event: 3 Source: Print
Printer HP Officejet Pro L7600 Series fax was deleted.
Log: 'System' Date/Time: 30/01/2012 3:21:06 PM
Type: warning Category: 0
Event: 4 Source: Print
Printer HP Officejet Pro L7600 Series fax is pending deletion.
Log: 'System' Date/Time: 30/01/2012 3:21:05 PM
Type: warning Category: 0
Event: 3 Source: Print
Printer HP Officejet Pro L7600 Series was deleted.
Log: 'System' Date/Time: 30/01/2012 3:21:02 PM
Type: warning Category: 0
Event: 4 Source: Print
Printer HP Officejet Pro L7600 Series is pending deletion.
Here is the application run:Vino's Event Viewer v01c run on Windows XP in English
Report run at 14/02/2012 2:50:26 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 14/02/2012 2:24:29 PM
Type: error Category: 3
Event: 3024 Source: Windows Search Service
The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
Context: Windows Application, SystemIndex Catalog
Log: 'Application' Date/Time: 01/02/2012 7:25:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 618563
Log: 'Application' Date/Time: 01/02/2012 7:25:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 618563
Log: 'Application' Date/Time: 01/02/2012 7:25:10 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
Log: 'Application' Date/Time: 01/02/2012 7:14:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 4078
Log: 'Application' Date/Time: 01/02/2012 7:14:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 4078
Log: 'Application' Date/Time: 01/02/2012 7:14:55 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
Log: 'Application' Date/Time: 01/02/2012 7:14:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 2016
Log: 'Application' Date/Time: 01/02/2012 7:14:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 2016
Log: 'Application' Date/Time: 01/02/2012 7:14:53 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
Log: 'Application' Date/Time: 30/01/2012 4:26:17 PM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Log: 'Application' Date/Time: 30/01/2012 4:26:17 PM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Log: 'Application' Date/Time: 30/01/2012 3:15:22 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Status -- Error 1706. An installation package for the product Status cannot be found. Try the installation again using a valid copy of the installation package 'status.msi'.
Log: 'Application' Date/Time: 30/01/2012 3:11:43 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Status -- Error 1706. An installation package for the product Status cannot be found. Try the installation again using a valid copy of the installation package 'status.msi'.
Log: 'Application' Date/Time: 30/01/2012 3:03:51 PM
Type: error Category: 1
Event: 4126 Source: Ci
Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci. Index will be automatically restored by refiltering all documents.
Log: 'Application' Date/Time: 30/01/2012 3:03:51 PM
Type: error Category: 1
Event: 4124 Source: Ci
Content index on c:\system volume information\catalog.wci is corrupt. Please shutdown and restart the Indexing Service (cisvc).
Log: 'Application' Date/Time: 30/01/2012 2:52:39 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Status -- Error 1706. An installation package for the product Status cannot be found. Try the installation again using a valid copy of the installation package 'status.msi'.
Log: 'Application' Date/Time: 30/01/2012 2:49:10 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Status -- Error 1706. An installation package for the product Status cannot be found. Try the installation again using a valid copy of the installation package 'status.msi'.
Log: 'Application' Date/Time: 30/01/2012 2:48:59 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Status -- Error 1706. An installation package for the product Status cannot be found. Try the installation again using a valid copy of the installation package 'status.msi'.
Log: 'Application' Date/Time: 30/01/2012 2:47:38 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Status -- Error 1706. An installation package for the product Status cannot be found. Try the installation again using a valid copy of the installation package 'status.msi'.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 14/02/2012 2:24:28 PM
Type: warning Category: 3
Event: 3036 Source: Windows Search Service
The content source <outlookexpress://{s-1-5-21-3563590144-3547084082-725431379-1008}/{2c7a8cd0-78fa-427f-bf86-ae333a20dc52}/> cannot be accessed.
Context: Windows Application, SystemIndex Catalog
Details:
(0x81270005)
Log: 'Application' Date/Time: 14/02/2012 2:23:44 PM
Type: warning Category: 1
Event: 1008 Source: Windows Search Service
The Windows Search Service is attempting to remove the old catalog.
Log: 'Application' Date/Time: 08/02/2012 7:01:40 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 08/02/2012 6:36:01 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 08/02/2012 5:53:20 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 04/02/2012 4:24:03 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 04/02/2012 3:53:19 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 04/02/2012 3:24:26 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 03/02/2012 7:06:49 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 01/02/2012 7:42:55 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 01/02/2012 5:20:39 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 01/02/2012 4:08:19 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user 2ZPRR41\Chrissie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Log: 'Application' Date/Time: 01/02/2012 4:03:36 PM
Type: warning Category: 1
Event: 1020 Source: ASP.NET 2.0.50727.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Log: 'Application' Date/Time: 01/02/2012 3:57:26 PM
Type: warning Category: 0
Event: 1021 Source: .NET Runtime
.NET Runtime version 2.0.50727.3625 - Executable "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe" AppDomain "DefaultDomain" deleted obsolete native image "C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\44ecf972f11f3c238782da31f27df7e5\mscorlib.ni.dll"
Log: 'Application' Date/Time: 01/02/2012 3:56:48 PM
Type: warning Category: 0
Event: 1021 Source: .NET Runtime
.NET Runtime version 2.0.50727.3625 - Executable "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe" AppDomain "RegSvcs.exe" deleted obsolete native image "C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\6c9d830a0a73ef95247adf6dc3f8e8da\System.ni.dll"
Log: 'Application' Date/Time: 01/02/2012 3:56:35 PM
Type: warning Category: 1
Event: 1020 Source: ASP.NET 2.0.50727.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Log: 'Application' Date/Time: 01/02/2012 3:50:18 PM
Type: warning Category: 1
Event: 1020 Source: ASP.NET 2.0.50727.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Log: 'Application' Date/Time: 01/02/2012 3:43:36 PM
Type: warning Category: 1
Event: 1020 Source: ASP.NET 2.0.50727.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Log: 'Application' Date/Time: 01/02/2012 3:38:47 PM
Type: warning Category: 0
Event: 0 Source: System.ServiceModel.Install 3.0.0.0
Configuration section system.serviceModel.activation already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Log: 'Application' Date/Time: 01/02/2012 3:38:47 PM
Type: warning Category: 0
Event: 0 Source: System.ServiceModel.Install 3.0.0.0
Configuration section system.runtime.serialization already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Here is the OTL Log:OTL logfile created on: 2/14/2012 2:52:52 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chrissie\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.00 Mb Total Physical Memory | 295.10 Mb Available Physical Memory | 28.85% Memory free
2.41 Gb Paging File | 1.65 Gb Available in Paging File | 68.39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072F:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 91.57 Gb Free Space | 81.96% Space Free | Partition Type: NTFS
Computer Name: 2ZPRR41 | User Name: Chrissie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/02/01 17:32:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chrissie\Desktop\OTL.exe
PRC - [2011/11/29 20:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
PRC - [2008/07/07 07:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2007/06/26 10:44:33 | 000,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/05/09 07:20:30 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe
PRC - [2003/12/10 04:52:40 | 000,380,928 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe
PRC - [2003/10/10 09:06:10 | 000,192,512 | ---- | M] () -- C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
PRC - [2003/08/13 09:27:40 | 000,028,672 | ---- | M] (Dell - Advanced Desktop Engineering) -- C:\WINDOWS\SYSTEM32\DSentry.exe
PRC - [2002/04/03 00:01:00 | 000,135,264 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
========== Modules (No Company Name) ========== MOD - [2012/02/01 16:07:49 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2012/02/01 15:58:18 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2012/02/01 15:57:46 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2012/01/30 17:50:08 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a8816e13\mscorlib.dll
MOD - [2012/01/30 17:50:02 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b5556dcd\system.drawing.dll
MOD - [2012/01/30 17:49:49 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_4bfecca8\system.xml.dll
MOD - [2012/01/30 17:49:42 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_d54e7230\system.windows.forms.dll
MOD - [2012/01/30 17:49:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_2985eee7\system.dll
MOD - [2012/01/30 17:48:53 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/30 17:48:48 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010/06/03 12:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007/06/26 10:44:33 | 000,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
MOD - [2006/01/26 15:54:03 | 000,798,720 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2006/01/26 15:54:01 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2006/01/26 15:53:17 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2006/01/26 15:53:17 | 000,049,152 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2006/01/26 15:53:14 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2006/01/26 15:53:12 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.89__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2006/01/26 15:53:12 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2006/01/26 15:53:12 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.89__9cf889f53ea9b907\lead.drawing.dll
MOD - [2006/01/26 15:53:12 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.89__9cf889f53ea9b907\lead.dll
MOD - [2006/01/26 15:53:12 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2006/01/26 15:53:12 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2006/01/26 15:53:11 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2006/01/26 15:53:11 | 000,167,936 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2006/01/26 15:53:11 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2006/01/26 15:53:11 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2006/01/26 15:53:11 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2006/01/26 15:53:10 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2006/01/26 15:53:10 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2006/01/26 15:53:10 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2006/01/26 15:52:13 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2006/01/26 15:52:13 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpdarc\1.0.0.0__19565c63d39c2842\interop.hpdarc.dll
MOD - [2006/01/26 15:52:13 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2006/01/26 15:52:12 | 000,475,136 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2006/01/26 15:52:12 | 000,196,608 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2006/01/26 15:52:12 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2006/01/26 15:52:12 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2006/01/26 15:52:12 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2004/10/01 14:35:32 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2004/10/01 14:35:31 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2004/04/29 01:31:42 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2003/10/10 09:06:12 | 000,057,344 | ---- | M] () -- C:\Program Files\SBC Self Support Tool\bin\AsstCatalog.dll
MOD - [2003/10/10 09:06:10 | 000,192,512 | ---- | M] () -- C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
MOD - [2002/07/02 15:32:00 | 000,184,431 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\TimerManager.dll
MOD - [2002/07/02 15:22:34 | 000,122,993 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\AppProperties.dll
MOD - [2002/07/02 15:10:42 | 000,110,695 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJComBase.dll
MOD - [2002/06/04 20:33:54 | 000,106,601 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJComSRCManager.dll
MOD - [2002/06/04 18:48:26 | 000,143,489 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\BasicLoaderService.dll
MOD - [2002/06/04 18:48:10 | 000,163,951 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJComRT.dll
MOD - [2001/09/26 03:23:08 | 000,196,695 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\BJIntlCore_1_1_DDR.dll
MOD - [2001/09/23 15:41:10 | 000,524,377 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\stlport_4_0_0_DDR.dll
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (LiveUpdate)
SRV - File not found [Auto | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - [2011/11/29 20:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe -- (NIS)
SRV - [2008/07/07 07:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe -- (SymWSC)
SRV - [2003/03/03 12:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
========== Driver Services (SafeList) ========== DRV - [2012/02/10 17:26:38 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/02/10 16:27:58 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120211.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/02/10 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120213.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/02/10 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/10 01:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/10 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120213.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/28 22:48:55 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120207.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/23 20:23:47 | 000,905,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1305000.091\SYMEFA.SYS -- (SymEFA)
DRV - [2011/11/23 19:50:26 | 000,574,584 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1305000.091\SRTSP.SYS -- (SRTSP)
DRV - [2011/11/23 19:50:26 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1305000.091\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/11/16 21:37:59 | 000,388,216 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1305000.091\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/11/16 21:17:48 | 000,149,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1305000.091\Ironx86.SYS -- (SymIRON)
DRV - [2011/11/04 17:59:35 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1305000.091\ccSetx86.sys -- (ccSet_NIS)
DRV - [2011/08/16 00:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1305000.091\SYMDS.SYS -- (SymDS)
DRV - [2008/04/14 06:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/08/03 21:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 21:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 21:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 21:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 21:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 21:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 21:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 21:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 21:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 21:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 21:29:28 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/07/05 13:14:08 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/05/05 21:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2004/03/05 21:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 21:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 21:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 21:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 10:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/09/22 06:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 06:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/08/28 17:58:40 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2002/11/08 12:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 11:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [1999/12/17 00:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.geekstogo..._gopid__2116859IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;<local>;*.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Chrissie\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Chrissie\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Chrissie\Application Data\nprhapengine.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/02/10 17:33:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2012/02/14 14:05:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Documents and Settings\Chrissie\Application Data\Move Networks [2010/01/29 15:29:27 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/02/08 18:38:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.5.0.145\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.5.0.145\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.5.0.145\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C7768536-96F8-4001-B1A2-90EE21279187} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Yahoo! Pager] 1 File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: /// ([]money in Trusted sites)
O15 - HKCU\..Trusted Domains: dgparks.org ([dgpdwebtrac] https in Trusted sites)
O15 - HKCU\..Trusted Domains: dgparks.org ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: entertainment.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([fdl] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: msn.com ([*.g] * in Trusted sites)
O15 - HKCU\..Trusted Domains: msn.com ([*.moneycentral] * in Trusted sites)
O15 - HKCU\..Trusted Domains: msn.com ([g] * in Trusted sites)
O15 - HKCU\..Trusted Domains: msn.com ([moneycentral] * in Trusted sites)
O15 - HKCU\..Trusted Domains: passport.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: passport.com ([loginnet] https in Trusted sites)
O15 - HKCU\..Trusted Domains: passport.net ([]* in Trusted sites)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE}
http://www.symantec....trl/tgctlsi.cab (SupportSoft SmartIssue)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE}
http://www.symantec....trl/tgctlsr.cab (SupportSoft Script Runner Class)
O16 - DPF: {01118F00-3E00-11D2-8470-0060089874ED}
http://symantec.atgn...wnload/ssrc.cab (SupportSoft RemoteControl Class)
O16 - DPF: {01119400-3E00-11D2-8470-0060089874ED}
http://symantec.atgn...d/sprtctlln.cab (SupportSoft Listener Control)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533}
https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE}
http://www.symantec....sa/LSSupCtl.cab (LSSupCtl Class)
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E}
https://support.micr...ActiveX/odc.cab (Microsoft PID Sniffer)
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF}
http://download.micr...20/pmupd806.exe (MSN Money Charting)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}
http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B}
http://ipgweb.cce.hp...ads/sysinfo.cab (SysData Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}
http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1132768505156 (MUWebControl Class)
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C}
http://www.callwave....DL_DownLoad.CAB (CWDL_DownLoadControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41}
http://moneycentral....bs/pmupdate.exe (Reg Error: Key error.)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542}
http://offers.e-cent...bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}
https://www-secure.s...rl/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7}
https://www-secure.s.../ActiveData.cab (ActiveDataObj Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: ppctlcab
http://69.44.122.156...er/ppctlcab.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4E4E9F5-59D9-4341-93D2-08872E457EF5}: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 12:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2012/02/14 14:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Application Data\Windows Search
[2012/02/14 14:33:31 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Chrissie\Desktop\vew.exe
[2012/02/14 14:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Application Data\Windows Desktop Search
[2012/02/14 14:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2012/02/14 14:23:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/02/14 14:21:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/02/14 14:21:01 | 000,000,000 | ---D | C] -- C:\01df9422ac69b1dad567
[2012/02/10 17:34:00 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/10 17:26:19 | 000,905,336 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymEFA.sys
[2012/02/10 17:26:19 | 000,574,584 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\srtsp.sys
[2012/02/10 17:26:19 | 000,388,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\symtdi.sys
[2012/02/10 17:26:19 | 000,345,208 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\symtdiv.sys
[2012/02/10 17:26:19 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymDS.sys
[2012/02/10 17:26:19 | 000,318,584 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\symnets.sys
[2012/02/10 17:26:19 | 000,149,624 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\Ironx86.sys
[2012/02/10 17:26:19 | 000,132,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\ccSetx86.sys
[2012/02/10 17:26:19 | 000,032,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1305000.091\srtspx.sys
[2012/02/10 17:26:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1305000.091
[2012/02/10 17:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Start Menu\Programs\Norton
[2012/02/10 17:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2012/02/10 17:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\My Documents\Symantec
[2012/02/10 17:05:11 | 000,141,944 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/02/10 17:05:11 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/02/10 17:04:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2012/02/10 17:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/02/10 17:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/02/10 17:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton Internet Security
[2012/02/10 17:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/02/10 17:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/02/10 17:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/02/08 18:24:37 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/02/08 18:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012/02/08 18:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/04 15:45:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/02/04 15:42:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/02/04 15:42:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/02/04 15:42:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/02/04 15:42:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/02/04 15:41:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/04 15:25:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/02/04 15:20:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/01 17:32:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chrissie\Desktop\OTL.exe
[2012/01/31 10:41:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012/01/31 10:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/01/31 10:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/01/31 10:40:19 | 000,000,000 | ---D | C] -- C:\0c52271ce95a16b6c9cfc9e8cc
[2012/01/31 10:03:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/01/31 09:47:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Application Data\ElevatedDiagnostics
[2012/01/31 09:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/01/31 09:39:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012/01/31 08:38:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Chrissie\PrivacIE
[2012/01/30 19:30:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Chrissie\IETldCache
[2012/01/30 19:19:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/01/30 16:18:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2012/01/30 15:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Local Settings\Application Data\ZoneAlarm_Security
[2012/01/30 15:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Local Settings\Application Data\Temp
[2012/01/30 15:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chrissie\Local Settings\Application Data\Conduit
[2012/01/25 11:06:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/01/25 05:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Tmp0112
[2012/01/25 05:32:23 | 000,000,000 | ---D | C] -- C:\tmp
[2002/04/10 23:41:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/02/14 14:33:31 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Chrissie\Desktop\vew.exe
[2012/02/14 14:23:42 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/02/14 14:23:39 | 000,502,786 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/02/14 14:23:39 | 000,095,744 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/02/14 14:23:30 | 000,650,422 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\Cat.DB
[2012/02/14 14:23:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/14 14:04:23 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/02/14 14:03:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/02/14 14:03:47 | 1072,762,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/10 17:38:56 | 000,000,113 | ---- | M] () -- C:\Documents and Settings\Chrissie\My Documents\Files named hitman.fnd
[2012/02/10 17:36:46 | 000,004,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\VT20111023.022
[2012/02/10 17:29:43 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2012/02/10 17:29:08 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\Chrissie\Desktop\Norton Installation Files.lnk
[2012/02/10 17:26:38 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/02/10 17:26:38 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/02/10 17:26:38 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/02/10 17:26:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/02/08 18:38:09 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2012/02/04 15:45:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/02/01 17:32:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chrissie\Desktop\OTL.exe
[2012/02/01 14:28:40 | 000,360,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/31 09:30:54 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Chrissie\Desktop\Microsoft Fix it.url
[2012/01/30 19:31:21 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Chrissie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/30 16:20:20 | 000,000,128 | ---- | M] () -- C:\WINDOWS\System32\pdfl.dat
[2012/01/30 13:09:35 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/01/26 22:25:06 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\isolate.ini
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/02/14 14:23:42 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2012/02/14 14:23:42 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/02/10 17:38:56 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\Chrissie\My Documents\Files named hitman.fnd
[2012/02/10 17:37:22 | 000,004,782 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\VT20111023.022
[2012/02/10 17:28:10 | 000,650,422 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\Cat.DB
[2012/02/10 17:26:05 | 000,004,782 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymVTcer.dat
[2012/02/10 17:26:05 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymEFA.inf
[2012/02/10 17:26:05 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymDS.inf
[2012/02/10 17:26:05 | 000,001,469 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymNetV.inf
[2012/02/10 17:26:05 | 000,001,441 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymNet.inf
[2012/02/10 17:26:05 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\srtspx.inf
[2012/02/10 17:26:05 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\srtsp.inf
[2012/02/10 17:26:05 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\ccSetx86.inf
[2012/02/10 17:26:05 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\Iron.inf
[2012/02/10 17:26:04 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\symnetv.cat
[2012/02/10 17:26:04 | 000,007,492 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymDS.cat
[2012/02/10 17:26:04 | 000,007,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\ccSetx86.cat
[2012/02/10 17:26:04 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymNet.cat
[2012/02/10 17:26:04 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\SymEFA.cat
[2012/02/10 17:26:04 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\srtspx.cat
[2012/02/10 17:26:04 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\srtsp.cat
[2012/02/10 17:26:04 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\iron.cat
[2012/02/10 17:26:04 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1305000.091\isolate.ini
[2012/02/10 17:11:15 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\Chrissie\Desktop\Norton Installation Files.lnk
[2012/02/10 17:05:11 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/02/10 17:05:11 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/02/10 17:05:03 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2012/02/04 15:45:05 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2012/02/04 15:45:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/02/04 15:42:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/04 15:42:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/04 15:42:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/04 15:42:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/04 15:42:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/02/04 15:36:21 | 1072,762,880 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/01 17:14:50 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2012/01/31 09:30:54 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Chrissie\Desktop\Microsoft Fix it.url
[2012/01/30 13:09:36 | 000,012,598 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2011/01/07 16:44:24 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2011/01/07 16:44:24 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat
[2011/01/07 16:44:24 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat
[2010/10/22 14:18:17 | 000,089,464 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/06/18 10:56:37 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/03 20:32:31 | 000,015,140 | -HS- | C] () -- C:\Documents and Settings\Chrissie\Local Settings\Application Data\jXP7U0T4
[2009/06/17 14:08:16 | 000,116,841 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/16 10:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2008/04/14 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/13 23:42:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/01/14 17:57:36 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/26 15:32:18 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/09 14:59:46 | 000,000,033 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2007/05/28 13:00:18 | 000,016,007 | ---- | C] () -- C:\WINDOWS\hpwscr05.dat
[2006/12/03 13:13:39 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/05/01 13:52:23 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2005/11/22 11:31:27 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/11/10 13:26:12 | 000,000,220 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/10/04 12:15:02 | 000,795,904 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2005/06/03 13:47:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2004/08/12 13:46:43 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2004/08/12 13:27:26 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/07/05 13:14:37 | 000,000,733 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/06/15 10:56:05 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Chrissie\Local Settings\Application Data\FASTWiz.html
[2004/05/20 13:59:26 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Chrissie\Local Settings\Application Data\fusioncache.dat
[2004/04/29 01:50:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/04/29 01:40:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/04/29 01:37:08 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/04/29 01:35:40 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2004/04/29 01:35:40 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/04/29 01:35:26 | 000,002,572 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2004/04/29 01:35:26 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2004/04/29 01:35:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2004/04/29 01:35:26 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/04/29 01:34:59 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/04/29 01:33:59 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/04/29 01:23:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/04/29 01:22:38 | 000,502,786 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/04/29 01:22:38 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/04/29 01:11:08 | 000,000,546 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/01/23 08:05:02 | 000,360,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/01/23 08:03:50 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2003/11/20 12:39:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/07/08 12:41:48 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/03 12:35:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 12:31:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2002/03/13 14:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll
[1979/12/31 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== LOP Check ========== [2005/10/05 14:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2012/01/30 16:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2005/07/28 09:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eisenworld
[2010/02/12 16:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/11/17 18:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/03/03 20:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2008/02/20 09:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/01/30 10:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/03/30 16:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/08/02 14:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/07 16:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\CheckPoint
[2008/09/22 14:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2005/05/27 18:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Earthlink
[2012/01/31 09:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\ElevatedDiagnostics
[2009/07/24 12:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Image Zone Express
[2004/05/26 09:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Leadertech
[2008/11/17 13:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\MailFrontier
[2008/07/23 19:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\OfficeUpdate12
[2008/09/26 14:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Printer Info Cache
[2010/03/08 18:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Safer Networking
[2011/03/30 16:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Trusteer
[2012/02/14 14:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Windows Desktop Search
[2012/02/14 14:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chrissie\Application Data\Windows Search
========== Purity Check ========== < End of report >
So how are things looking? Also, I didn't delete all my old Norton software, because I have Partition Magic installed on this computer, and I still want to be able to use it without reinstalling it.