I have run Malwarebytes, SuperAntispyware and TDSSKiller, all of which show I'm clean of any virus, yet Norton continues to post that I have the Boot.Tidserv MBR virus.
I also re-wrote my MBR using Spotmau.
Any help on how to get rid of this would be appreciated.
TDSSKiller and OLT Logs attached.
TDSSKiller Log:
18:52:27.0468 3872 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
18:52:29.0468 3872 ============================================================
18:52:29.0468 3872 Current date / time: 2012/04/25 18:52:29.0468
18:52:29.0468 3872 SystemInfo:
18:52:29.0468 3872
18:52:29.0468 3872 OS Version: 5.1.2600 ServicePack: 3.0
18:52:29.0468 3872 Product type: Workstation
18:52:29.0468 3872 ComputerName: YOUR-B27FB1C401
18:52:29.0468 3872 UserName: HP_Administrator
18:52:29.0468 3872 Windows directory: C:\WINDOWS
18:52:29.0468 3872 System windows directory: C:\WINDOWS
18:52:29.0468 3872 Processor architecture: Intel x86
18:52:29.0468 3872 Number of processors: 1
18:52:29.0468 3872 Page size: 0x1000
18:52:29.0468 3872 Boot type: Normal boot
18:52:29.0468 3872 ============================================================
18:52:37.0406 3872 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x64F1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
18:52:37.0546 3872 Drive \Device\Harddisk5\DR12 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:52:37.0546 3872 ============================================================
18:52:37.0546 3872 \Device\Harddisk0\DR0:
18:52:37.0546 3872 MBR partitions:
18:52:37.0546 3872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1005231
18:52:37.0546 3872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1005270, BlocksNum 0x164987A0
18:52:37.0546 3872 \Device\Harddisk5\DR12:
18:52:37.0546 3872 MBR partitions:
18:52:37.0546 3872 \Device\Harddisk5\DR12\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
18:52:37.0546 3872 ============================================================
18:52:37.0656 3872 C: <-> \Device\Harddisk0\DR0\Partition1
18:52:37.0656 3872 D: <-> \Device\Harddisk0\DR0\Partition0
18:52:38.0187 3872 L: <-> \Device\Harddisk5\DR12\Partition0
18:52:38.0187 3872 ============================================================
18:52:38.0187 3872 Initialize success
18:52:38.0187 3872 ============================================================
18:52:45.0015 2740 ============================================================
18:52:45.0015 2740 Scan started
18:52:45.0015 2740 Mode: Manual;
18:52:45.0015 2740 ============================================================
18:52:59.0843 2740 SysmonLog - ok
18:52:59.0890 2740 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
18:52:59.0906 2740 TapiSrv - ok
18:52:59.0984 2740 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:53:00.0000 2740 Tcpip - ok
18:53:00.0031 2740 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:53:00.0031 2740 TDPIPE - ok
18:53:00.0046 2740 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:53:00.0046 2740 TDTCP - ok
18:53:00.0078 2740 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:53:00.0078 2740 TermDD - ok
18:53:00.0156 2740 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
18:53:00.0171 2740 TermService - ok
18:53:00.0218 2740 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:53:00.0234 2740 Themes - ok
18:53:00.0281 2740 tifsfilter (7369f74dd9172c6527a8aceb010e28f1) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
18:53:00.0281 2740 tifsfilter - ok
18:53:00.0328 2740 timounter (53fec95b844c46489f6683dc0a606e01) C:\WINDOWS\system32\DRIVERS\timntr.sys
18:53:00.0343 2740 timounter - ok
18:53:00.0406 2740 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
18:53:00.0406 2740 TlntSvr - ok
18:53:00.0421 2740 TosIde - ok
18:53:00.0468 2740 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
18:53:00.0468 2740 TrkWks - ok
18:53:00.0500 2740 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:53:00.0500 2740 Udfs - ok
18:53:00.0515 2740 ultra - ok
18:53:00.0546 2740 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
18:53:00.0546 2740 UMWdf - ok
18:53:00.0593 2740 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:53:00.0609 2740 Update - ok
18:53:00.0656 2740 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
18:53:00.0671 2740 upnphost - ok
18:53:00.0687 2740 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
18:53:00.0687 2740 UPS - ok
18:53:00.0734 2740 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:53:00.0734 2740 usbccgp - ok
18:53:00.0765 2740 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:53:00.0765 2740 usbehci - ok
18:53:00.0812 2740 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:53:00.0812 2740 usbhub - ok
18:53:00.0828 2740 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:53:00.0828 2740 usbprint - ok
18:53:00.0859 2740 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:53:00.0859 2740 usbscan - ok
18:53:00.0875 2740 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:53:00.0875 2740 USBSTOR - ok
18:53:00.0906 2740 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:53:00.0906 2740 usbuhci - ok
18:53:00.0921 2740 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:53:00.0937 2740 VgaSave - ok
18:53:00.0968 2740 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
18:53:00.0968 2740 ViaIde - ok
18:53:00.0984 2740 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:53:00.0984 2740 VolSnap - ok
18:53:01.0046 2740 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
18:53:01.0062 2740 VSS - ok
18:53:01.0093 2740 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
18:53:01.0109 2740 W32Time - ok
18:53:01.0125 2740 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:53:01.0125 2740 Wanarp - ok
18:53:01.0171 2740 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
18:53:01.0171 2740 wanatw - ok
18:53:01.0203 2740 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
18:53:01.0203 2740 WDC_SAM - ok
18:53:01.0312 2740 WDDMService (8530b35284aa20d9c614ccb3725cef37) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
18:53:01.0312 2740 WDDMService - ok
18:53:01.0328 2740 WDICA - ok
18:53:01.0359 2740 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:53:01.0375 2740 wdmaud - ok
18:53:01.0390 2740 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
18:53:01.0390 2740 WDSmartWareBackgroundService - ok
18:53:01.0453 2740 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
18:53:01.0453 2740 WebClient - ok
18:53:01.0562 2740 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:53:01.0578 2740 winmgmt - ok
18:53:01.0625 2740 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
18:53:01.0640 2740 WmdmPmSN - ok
18:53:01.0703 2740 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
18:53:01.0734 2740 Wmi - ok
18:53:01.0750 2740 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:53:01.0765 2740 WmiApSrv - ok
18:53:01.0828 2740 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
18:53:01.0828 2740 wscsvc - ok
18:53:01.0875 2740 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
18:53:01.0875 2740 wuauserv - ok
18:53:01.0953 2740 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
18:53:02.0000 2740 WZCSVC - ok
18:53:02.0046 2740 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
18:53:02.0062 2740 xmlprov - ok
18:53:02.0093 2740 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:53:02.0296 2740 \Device\Harddisk0\DR0 - ok
18:53:02.0312 2740 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR12
18:53:02.0312 2740 \Device\Harddisk5\DR12 - ok
18:53:02.0328 2740 Boot (0x1200) (752ef521f76f6772d4171c6f74556e2c) \Device\Harddisk0\DR0\Partition0
18:53:02.0328 2740 \Device\Harddisk0\DR0\Partition0 - ok
18:53:02.0328 2740 Boot (0x1200) (824a5c4b9c04dbb8cddde769d9bf9693) \Device\Harddisk0\DR0\Partition1
18:53:02.0328 2740 \Device\Harddisk0\DR0\Partition1 - ok
18:53:02.0343 2740 Boot (0x1200) (12465cb012d0ff36e8a8e89b655ef92a) \Device\Harddisk5\DR12\Partition0
18:53:02.0343 2740 \Device\Harddisk5\DR12\Partition0 - ok
18:53:02.0343 2740 ============================================================
18:53:02.0343 2740 Scan finished
18:53:02.0343 2740 ============================================================
18:53:02.0359 2996 Detected object count: 0
18:53:02.0359 2996 Actual detected object count: 0
18:53:44.0890 3864 Deinitialize success
OTL Log:
OTL logfile created on: 4/25/2012 7:01:03 PM - Run 3
OTL by OldTimer - Version 3.2.42.0 Folder = C:\ATemp
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1015.29 Mb Total Physical Memory | 481.61 Mb Available Physical Memory | 47.44% Memory free
2.38 Gb Paging File | 1.43 Gb Available in Paging File | 59.87% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178.30 Gb Total Space | 153.73 Gb Free Space | 86.22% Space Free | Partition Type: NTFS
Drive D: | 8.00 Gb Total Space | 0.79 Gb Free Space | 9.88% Space Free | Partition Type: FAT32
Drive K: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive L: | 465.11 Gb Total Space | 422.99 Gb Free Space | 90.94% Space Free | Partition Type: NTFS
Computer Name: YOUR-B27FB1C401 | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/25 18:08:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\ATemp\OTL.exe
PRC - [2012/04/12 03:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/03/27 19:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.7.0.9\ccsvchst.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\HP_Administrator\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1334879659\ee\aolsoftware.exe
PRC - [2009/10/14 14:32:46 | 009,085,760 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009/10/14 14:32:46 | 002,049,344 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2009/10/14 14:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2005/11/28 14:02:54 | 000,172,032 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2005/09/21 15:32:56 | 002,807,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2005/09/21 10:24:02 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/05/03 18:43:28 | 000,069,632 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
========== Modules (No Company Name) ==========
MOD - [2012/04/19 22:42:11 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll
MOD - [2012/04/19 22:41:52 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll
MOD - [2012/04/19 22:41:09 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll
MOD - [2012/04/19 19:19:42 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
MOD - [2012/04/19 19:18:03 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
MOD - [2012/04/19 19:10:51 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/04/19 19:10:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/04/19 18:20:00 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
MOD - [2012/04/19 18:18:24 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/04/19 18:15:56 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/04/19 18:15:07 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
MOD - [2012/04/19 18:11:30 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/04/19 18:10:55 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2012/04/12 03:37:34 | 000,444,400 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 03:37:33 | 003,915,248 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 03:36:08 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 03:36:06 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 03:36:05 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/12 02:51:55 | 008,743,584 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
MOD - [2011/11/03 11:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/08/19 16:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009/07/29 16:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/09/28 11:54:48 | 000,269,824 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2002/07/04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/03/27 19:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe -- (NIS)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2009/10/14 14:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS)
SRV - [2005/11/28 14:02:54 | 000,172,032 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/04/19 19:40:23 | 000,249,152 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2012/04/19 19:40:23 | 000,030,688 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2012/04/19 19:40:15 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2012/04/18 22:10:23 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/04/18 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20120425.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/04/18 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/04/18 01:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/04/18 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20120425.002\NAVENG.SYS -- (NAVENG)
DRV - [2012/04/18 00:56:02 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20120424.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/04/02 23:39:56 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20120413.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/03/29 02:28:38 | 000,388,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\symtdi.sys -- (SYMTDI)
DRV - [2012/03/29 02:28:30 | 000,905,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\symefa.sys -- (SymEFA)
DRV - [2012/03/29 02:06:25 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\ironx86.sys -- (SymIRON)
DRV - [2012/03/29 02:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\srtsp.sys -- (SRTSP)
DRV - [2012/03/29 02:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2012/01/17 18:45:55 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\symds.sys -- (SymDS)
DRV - [2011/11/29 18:44:14 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1307000.009\ccsetx86.sys -- (ccSet_NIS)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/02/25 12:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/04/15 00:12:12 | 000,175,616 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2005/01/25 09:56:00 | 000,923,863 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/01/08 03:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/04 08:41:36 | 000,606,684 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/04 08:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 18:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/06/04 10:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...arm1=seconduser
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...arm1=seconduser
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...arm1=seconduser
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...arm1=seconduser
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...arm1=seconduser
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\SearchScopes,DefaultScope = {8C70B2AB-58B4-49E0-A431-DE6860028817}
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\SearchScopes\{8C70B2AB-58B4-49E0-A431-DE6860028817}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2061: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2122: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1059: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012/04/18 21:05:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\IPSFFPlgn\ [2012/04/18 22:12:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\coFFPlgn\ [2012/04/25 18:04:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012/04/18 21:05:55 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Search = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.6_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\
CHR - Extension: Gmail = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2004/08/10 22:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.7.0.9\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008..\Run: [Second Copy 2000] C:\Program Files\SecCopy\SecCopy.exe (Centered Systems)
O4 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\HP_Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O15 - HKU\S-1-5-21-3156204540-1018871048-2593910535-1008\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{714AE337-3357-49AC-863B-4594B44FA7F0}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/20 20:55:47 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 21:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/06/18 17:12:18 | 000,000,088 | R--- | M] () - K:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{2468f7ce-89c3-11e1-869e-0013d4ce9761}\Shell - "" = AutoRun
O33 - MountPoints2\{2468f7ce-89c3-11e1-869e-0013d4ce9761}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2468f7ce-89c3-11e1-869e-0013d4ce9761}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\{90c5dba4-8a6c-11e1-86a6-0013d4ce9761}\Shell - "" = AutoRun
O33 - MountPoints2\{90c5dba4-8a6c-11e1-86a6-0013d4ce9761}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{90c5dba4-8a6c-11e1-86a6-0013d4ce9761}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\{a6f3e0c3-89b9-11e1-869b-0013d4ce9761}\Shell - "" = AutoRun
O33 - MountPoints2\{a6f3e0c3-89b9-11e1-869b-0013d4ce9761}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a6f3e0c3-89b9-11e1-869b-0013d4ce9761}\Shell\AutoRun\command - "" = K:\WD SmartWare.exe -- [2009/10/14 17:28:45 | 003,271,968 | R--- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/04/25 16:15:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/04/23 19:09:09 | 000,388,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symtdi.sys
[2012/04/23 19:09:09 | 000,345,208 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symtdiv.sys
[2012/04/23 19:09:08 | 000,318,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnets.sys
[2012/04/23 19:09:07 | 000,905,336 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symefa.sys
[2012/04/23 19:09:07 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symds.sys
[2012/04/23 19:09:07 | 000,032,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtspx.sys
[2012/04/23 19:09:06 | 000,574,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtsp.sys
[2012/04/23 19:09:06 | 000,149,624 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\ironx86.sys
[2012/04/23 19:09:06 | 000,132,744 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\ccsetx86.sys
[2012/04/23 19:06:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1307000.009
[2012/04/22 19:56:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\EPSON
[2012/04/22 19:54:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\ArcSoft
[2012/04/22 19:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Smart Panel
[2012/04/19 21:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Help
[2012/04/19 21:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Help
[2012/04/19 21:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Second Copy 2000
[2012/04/19 21:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\SecCopy
[2012/04/19 21:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WD_SmartWareCommon
[2012/04/19 21:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2012/04/19 19:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2012/04/19 19:56:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\AOL
[2012/04/19 19:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2012/04/19 19:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AOL
[2012/04/19 19:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/04/19 19:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2012/04/19 19:55:37 | 000,058,696 | ---- | C] (AOL Inc.) -- C:\WINDOWS\System32\AOLParconLink.exe
[2012/04/19 19:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\AOL Downloads
[2012/04/19 19:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2012/04/19 19:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\AOL
[2012/04/19 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\AOL
[2012/04/19 19:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2012/04/19 19:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2012/04/19 19:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Desktop 9.7
[2012/04/19 19:54:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL
[2012/04/19 19:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2012/04/19 19:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Acronis
[2012/04/19 19:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis
[2012/04/19 19:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis
[2012/04/19 19:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OLYMPUS CAMEDIA Master
[2012/04/19 19:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\OLYMPUS
[2012/04/19 19:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\ABBYY
[2012/04/19 19:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Leadertech
[2012/04/19 19:26:27 | 000,000,000 | ---D | C] -- C:\EPSONREG
[2012/04/19 19:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Epson
[2012/04/19 19:24:34 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2012/04/19 19:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft PhotoImpression 5
[2012/04/19 19:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2012/04/19 19:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Presto! BizCard 4.1 (English Version)
[2012/04/19 19:22:44 | 000,000,000 | ---D | C] -- C:\Program Files\NewSoft
[2012/04/19 19:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ABBYY FineReader Tools
[2012/04/19 19:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 5.0 Sprint
[2012/04/19 19:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON Scan to Web
[2012/04/19 19:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON Utility Suite
[2012/04/19 19:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\PeachTree
[2012/04/19 19:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Smart Panel
[2012/04/19 19:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON Smart Panel
[2012/04/19 19:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON Scan
[2012/04/19 19:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2012/04/19 18:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Peachtree
[2012/04/19 18:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Peachtree Complete Accounting 2006
[2012/04/19 18:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Stamps.com
[2012/04/19 18:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2012/04/19 18:57:25 | 000,090,112 | ---- | C] (Stamps.com Inc.) -- C:\WINDOWS\System32\SDCCInfo.dll
[2012/04/19 18:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\Stamps.com Internet Postage
[2012/04/19 18:56:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Crystal
[2012/04/19 18:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Peach
[2012/04/19 18:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sage Software
[2012/04/19 18:11:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\PrivacIE
[2012/04/19 18:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2012/04/19 18:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Yahoo!
[2012/04/19 18:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\HPAppData
[2012/04/19 17:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2012/04/19 17:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2012/04/19 17:34:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/04/19 17:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012/04/19 17:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/04/19 17:32:15 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/04/19 16:52:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\IECompatCache
[2012/04/19 16:30:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\SUPERAntiSpyware.com
[2012/04/19 16:30:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/04/19 16:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/04/19 16:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/04/19 03:10:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012/04/19 03:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/04/19 03:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/04/18 22:46:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/04/18 22:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\U3
[2012/04/18 22:10:23 | 000,141,944 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/04/18 22:10:23 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/04/18 22:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/04/18 22:09:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2012/04/18 22:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/04/18 22:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/04/18 22:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton Internet Security
[2012/04/18 22:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/04/18 22:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/04/18 22:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes
[2012/04/18 22:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/18 22:08:45 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/18 22:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/04/18 22:08:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/04/18 22:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Dropbox
[2012/04/18 22:07:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Dropbox
[2012/04/18 22:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Norton
[2012/04/18 22:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2012/04/18 22:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/04/18 21:57:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\IETldCache
[2012/04/18 21:50:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
[2012/04/18 21:50:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Application Data
[2012/04/18 21:50:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\Favorites
[2012/04/18 21:50:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\Cookies
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Symantec
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\SampleView
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Real
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Identities
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\ApplicationHistory
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple Computer
[2012/04/18 21:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
[2012/04/18 21:50:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\SendTo
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Videos
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Pictures
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Music
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents
[2012/04/18 21:50:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Accessories
[2012/04/18 21:50:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\Templates
[2012/04/18 21:50:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\PrintHood
[2012/04/18 21:50:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\NetHood
[2012/04/18 21:50:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings
[2012/04/18 21:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WINDOWS
[2012/04/18 21:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft
[2012/04/18 21:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2012/04/18 21:48:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012/04/18 21:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012/04/18 21:47:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Trollbeads General
[2012/04/18 21:47:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/04/18 21:46:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Motorola
[2012/04/18 21:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Trollbead Images
[2012/04/18 21:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Seldom Used Files
[2012/04/18 21:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\SC-Inventory
[2012/04/18 21:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\SC-Fin. Support 10
[2012/04/18 21:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\SC-Ebay Store
[2012/04/18 21:45:59 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/04/18 21:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\SC Folders
[2012/04/18 21:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\SC Financial Support
[2012/04/18 21:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\SC 2011 Taxes
[2012/04/18 21:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Sales Tax
[2012/04/18 21:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Paypal 2012
[2012/04/18 21:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Paypal 2011
[2012/04/18 21:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Jule
[2012/04/18 21:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\JFS Taxes
[2012/04/18 21:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\JFS
[2012/04/18 21:44:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Invoices-Jule
[2012/04/18 21:44:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\games
[2012/04/18 21:44:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Competitor info
[2012/04/18 21:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Chamilia Master
[2012/04/18 21:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Chamilia Images new
[2012/04/18 21:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Chamilia Images
[2012/04/18 21:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\CB Receiving Report
[2012/04/18 21:42:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
[2012/04/18 21:42:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Biagi Receiving Reports
[2012/04/18 21:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Biagi Master
[2012/04/18 21:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Biagi Images-Full
[2012/04/18 21:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Biagi Images
[2012/04/18 21:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Biagi Catalogs Order Forms
[2012/04/18 21:40:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Bead Reemer Invoices
[2012/04/18 21:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Bead Box
[2012/04/18 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\AOL Saved PFC
[2012/04/18 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Active Resale Programs
[2012/04/18 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\2012 Expense Reports
[2012/04/18 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\2011 Expense Reports
[2012/04/18 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\2010Summary
[2012/04/18 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\2010 Exp. reports
[2012/04/18 21:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/04/18 21:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/04/18 21:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/04/18 21:36:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/04/18 21:35:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/04/18 21:35:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/04/18 21:35:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/04/18 21:35:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/04/18 21:35:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/04/18 21:34:38 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2012/04/18 21:34:34 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/04/18 21:33:15 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/04/18 21:28:22 | 004,502,280 | ---- | C] (Lime Wire LLC) -- C:\Documents and Settings\HP_Administrator\My Documents\LimeWireWin.exe
[2012/04/18 21:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\The Print Shop Small Business Center Forms
[2012/04/18 21:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\TaxCut
[2012/04/18 21:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Symantec
[2012/04/18 21:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Roxio
[2012/04/18 21:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Albums
[2012/04/18 21:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Model Railroad
[2012/04/18 21:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\HRBlock
[2012/04/18 21:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\filelib
[2012/04/18 21:25:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Dropbox
[2012/04/18 21:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\BlackBerry
[2012/04/18 21:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My eBooks
[2012/04/18 21:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\BarnyardInvasionSaveData
[2012/04/18 21:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\AOL Downloads
[2012/04/18 21:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/04/18 21:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Temp
[2012/04/18 21:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Adobe
[2012/04/18 21:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\HP
[2012/04/18 21:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2012/04/18 21:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2012/04/18 21:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2012/04/18 21:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Western_Digital
[2012/04/18 21:02:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\hpojp8000a809
[2012/04/18 20:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Western Digital
[2012/04/18 20:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2012/04/18 20:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2012/04/18 20:58:50 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\WINDOWS\System32\drivers\wdcsam.sys
[2012/04/18 20:58:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012/04/18 20:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WD SmartWare
[2012/04/18 20:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/04/18 20:55:30 | 000,000,000 | ---D | C] -- C:\ATemp
[2012/04/18 20:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Western Digital
[2012/04/18 20:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/04/18 20:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/04/18 20:36:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/04/18 20:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads
[2012/04/18 20:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
[2012/04/18 20:18:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/04/18 20:11:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2012/04/18 20:11:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/04/18 20:11:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/04/18 20:11:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/04/18 20:11:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012/04/18 20:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012/04/18 20:05:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012/04/18 20:00:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/04/18 19:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Google Chrome
[2012/04/18 19:41:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/04/18 19:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2012/04/18 19:37:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/04/18 19:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2012/04/18 19:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
[2012/04/18 19:35:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent
[2012/04/18 19:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012/04/18 19:33:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012/04/18 19:32:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\UserData
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/25 19:06:18 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{090DBC64-2D6C-46FE-A72E-0DFD89F9BABB}.job
[2012/04/25 18:47:02 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3156204540-1018871048-2593910535-1008UA.job
[2012/04/25 18:02:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/25 18:02:37 | 1064,685,568 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/24 19:47:13 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3156204540-1018871048-2593910535-1008Core.job
[2012/04/24 07:47:30 | 000,001,975 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2012/04/24 07:45:40 | 000,566,677 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\Cat.DB
[2012/04/24 07:45:22 | 000,008,942 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\VT20120410.034
[2012/04/22 20:19:29 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012/04/22 20:19:29 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012/04/22 19:50:03 | 000,000,029 | ---- | M] () -- C:\WINDOWS\DEBUGSM.INI
[2012/04/19 19:56:01 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AOL Desktop 9.7.lnk
[2012/04/19 19:56:01 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2012/04/19 19:46:37 | 000,058,696 | ---- | M] (AOL Inc.) -- C:\WINDOWS\System32\AOLParconLink.exe
[2012/04/19 19:45:21 | 000,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2012/04/19 19:42:19 | 000,257,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/19 19:11:17 | 000,443,098 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/19 19:11:17 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/19 19:00:15 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/19 18:59:42 | 000,001,616 | ---- | M] () -- C:\WINDOWS\PCW130.ini
[2012/04/19 18:59:42 | 000,000,793 | ---- | M] () -- C:\WINDOWS\BTI.INI
[2012/04/19 18:59:00 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Peachtree Complete Accounting 2006.lnk
[2012/04/19 18:58:58 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Peachtree Complete Accounting 2006.lnk
[2012/04/19 18:00:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/19 17:36:59 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/04/19 16:51:36 | 000,173,082 | ---- | M] () -- C:\WINDOWS\hpwins21.dat
[2012/04/18 23:43:27 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\isolate.ini
[2012/04/18 22:10:23 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/04/18 22:10:23 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/04/18 22:10:23 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/04/18 22:10:23 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/04/18 22:09:51 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Dropbox.lnk
[2012/04/18 22:08:31 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Dropbox.lnk
[2012/04/18 21:58:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/18 21:49:47 | 000,001,063 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/04/18 21:49:06 | 000,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2012/04/18 21:30:33 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/04/18 21:15:29 | 000,000,249 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/04/18 20:58:59 | 000,001,129 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
[2012/04/18 20:58:59 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/04/18 20:22:13 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/04/18 20:05:23 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/04/18 19:50:49 | 000,002,354 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/18 19:37:20 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2012/04/18 19:31:17 | 000,001,851 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_ED906AA-ABA a1224n_YC_0Pavi_QCNH539_E54NAsyMPC1_48_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.25_T050906_WXP2_L409_M1016_J200_7Intel_8Pentium 4_93.06_#051208_N10EC8139_Z10573052_G80862582.MRK
[2012/04/13 19:09:36 | 000,027,320 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Cincinnati Ref. Express.jpg
[2012/04/11 01:15:11 | 000,051,800 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Order2104117818.pdf
[2012/04/10 16:06:49 | 000,090,263 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Joseph Smith 2011 Tax Return.T11
[2012/04/10 10:32:22 | 000,224,613 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\1099K_2011[1].pdf
[2012/04/07 08:59:26 | 000,442,048 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Joseph Smith 2011 Tax Return_T11_For_Records.pdf
[2012/04/07 08:59:09 | 000,297,305 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Joseph Smith 2011 Tax Return_T11_For_Filing.pdf
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/03 21:43:49 | 000,007,454 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtspx.cat
[2012/04/03 21:43:49 | 000,007,450 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtsp.cat
[2012/04/03 21:43:49 | 000,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtspx.inf
[2012/04/03 21:43:49 | 000,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtsp.inf
[2012/03/30 23:12:27 | 000,127,322 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\2012-03-3022.59.51.jpg
[2012/03/29 02:28:38 | 000,388,216 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symtdi.sys
[2012/03/29 02:28:38 | 000,318,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnets.sys
[2012/03/29 02:28:37 | 000,345,208 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symtdiv.sys
[2012/03/29 02:28:34 | 000,007,877 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnetv.cat
[2012/03/29 02:28:34 | 000,007,458 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnet.cat
[2012/03/29 02:28:34 | 000,001,469 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnetv.inf
[2012/03/29 02:28:34 | 000,001,441 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnet.inf
[2012/03/29 02:28:30 | 000,905,336 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symefa.sys
[2012/03/29 02:28:30 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symefa.cat
[2012/03/29 02:28:30 | 000,004,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symvtcer.dat
[2012/03/29 02:28:30 | 000,003,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symefa.inf
[2012/03/29 02:06:25 | 000,149,624 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\ironx86.sys
[2012/03/29 02:06:25 | 000,007,450 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\iron.cat
[2012/03/29 02:06:25 | 000,000,742 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\iron.inf
[2012/03/29 02:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtsp.sys
[2012/03/29 02:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtspx.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/24 07:47:30 | 000,001,975 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2012/04/24 07:45:22 | 000,566,677 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\Cat.DB
[2012/04/24 07:45:22 | 000,008,942 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\VT20120410.034
[2012/04/23 19:09:08 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnetv.cat
[2012/04/23 19:09:08 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnet.cat
[2012/04/23 19:09:08 | 000,001,469 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnetv.inf
[2012/04/23 19:09:08 | 000,001,441 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symnet.inf
[2012/04/23 19:09:07 | 000,007,492 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symds.cat
[2012/04/23 19:09:07 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symefa.cat
[2012/04/23 19:09:07 | 000,007,454 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtspx.cat
[2012/04/23 19:09:07 | 000,003,434 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symefa.inf
[2012/04/23 19:09:07 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symds.inf
[2012/04/23 19:09:07 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtspx.inf
[2012/04/23 19:09:06 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtsp.cat
[2012/04/23 19:09:06 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\iron.cat
[2012/04/23 19:09:06 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\srtsp.inf
[2012/04/23 19:09:06 | 000,000,827 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\ccsetx86.inf
[2012/04/23 19:09:06 | 000,000,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\iron.inf
[2012/04/23 19:09:05 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\ccsetx86.cat
[2012/04/23 19:06:14 | 000,004,782 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\symvtcer.dat
[2012/04/23 19:06:14 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1307000.009\isolate.ini
[2012/04/22 20:19:29 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012/04/22 20:19:29 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012/04/22 19:50:03 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2012/04/19 19:56:01 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2012/04/19 19:56:00 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AOL Desktop 9.7.lnk
[2012/04/19 19:45:21 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/04/19 19:23:21 | 000,029,521 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2012/04/19 19:23:21 | 000,020,910 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2012/04/19 19:23:21 | 000,020,869 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2012/04/19 19:23:21 | 000,012,585 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2012/04/19 19:23:21 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2012/04/19 19:22:56 | 000,098,304 | R--- | C] () -- C:\WINDOWS\StiRegstEng.dll
[2012/04/19 19:22:12 | 000,001,681 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\ABBYY FineReader 5.0 Sprint.lnk
[2012/04/19 19:18:34 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2012/04/19 19:18:34 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2012/04/19 19:18:34 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2012/04/19 19:17:37 | 000,064,000 | ---- | C] () -- C:\WINDOWS\System32\esfw41.bin
[2012/04/19 18:59:00 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Peachtree Complete Accounting 2006.lnk
[2012/04/19 18:58:57 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Peachtree Complete Accounting 2006.lnk
[2012/04/19 18:57:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\rsUtil.dll
[2012/04/19 18:56:09 | 000,000,444 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{090DBC64-2D6C-46FE-A72E-0DFD89F9BABB}.job
[2012/04/19 16:39:47 | 000,000,428 | ---- | C] () -- C:\WINDOWS\hpwmdl21.dat.temp
[2012/04/18 22:10:23 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/04/18 22:10:23 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/04/18 22:09:51 | 000,001,042 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Dropbox.lnk
[2012/04/18 22:08:31 | 000,001,042 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Dropbox.lnk
[2012/04/18 21:50:48 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/04/18 21:50:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2012/04/18 21:50:45 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Remote Assistance.lnk
[2012/04/18 21:50:45 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Windows Media Player.lnk
[2012/04/18 21:50:45 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Outlook Express.lnk
[2012/04/18 21:47:23 | 000,044,450 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Trollbeads Direct Order-OE-10008.pdf
[2012/04/18 21:47:22 | 000,051,800 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Order2104117818.pdf
[2012/04/18 21:47:22 | 000,014,319 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\SMITH1receipt.pdf
[2012/04/18 21:47:22 | 000,009,448 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Norton Internet Security_Key.pdf
[2012/04/18 21:47:20 | 007,496,411 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Kidz Catalog.pdf
[2012/04/18 21:47:20 | 000,442,048 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Joseph Smith 2011 Tax Return_T11_For_Records.pdf
[2012/04/18 21:47:20 | 000,297,305 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Joseph Smith 2011 Tax Return_T11_For_Filing.pdf
[2012/04/18 21:47:20 | 000,247,453 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\CBKidzIOF100711-US.pdf
[2012/04/18 21:47:20 | 000,100,527 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\CBCharmPriceList010311US.pdf
[2012/04/18 21:47:20 | 000,090,263 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Joseph Smith 2011 Tax Return.T11
[2012/04/18 21:47:20 | 000,027,320 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Cincinnati Ref. Express.jpg
[2012/04/18 21:47:19 | 001,068,116 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\CBBeadIOF101211-US.pdf
[2012/04/18 21:47:19 | 000,224,613 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\1099K_2011[1].pdf
[2012/04/18 21:47:19 | 000,127,322 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\2012-03-3022.59.51.jpg
[2012/04/18 21:47:19 | 000,065,160 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\5 Rod Box.jpg
[2012/04/18 21:47:19 | 000,064,533 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\9 Rod Box.jpg
[2012/04/18 21:47:19 | 000,057,077 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\9 Rod Open Box.jpg
[2012/04/18 21:47:19 | 000,049,417 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\5 Rod Open Box.JPG
[2012/04/18 21:44:24 | 000,000,249 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/04/18 21:30:33 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/04/18 21:28:22 | 004,401,467 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\LoaderBackup-(2010-09-22)-1.ipd
[2012/04/18 21:28:22 | 004,401,353 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\LoaderBackup-(2010-09-22).ipd
[2012/04/18 21:28:22 | 000,024,977 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\MyTaxes.T03
[2012/04/18 21:28:22 | 000,001,357 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\MyTaxes.sbr
[2012/04/18 21:28:22 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\spider.sav
[2012/04/18 21:28:19 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\55CC0000
[2012/04/18 21:28:19 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Yahoo! Briefcase.url
[2012/04/18 20:58:59 | 000,001,129 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
[2012/04/18 20:58:59 | 000,001,068 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/04/18 20:53:12 | 000,173,082 | ---- | C] () -- C:\WINDOWS\hpwins21.dat
[2012/04/18 20:53:11 | 000,000,428 | ---- | C] () -- C:\WINDOWS\hpwmdl21.dat
[2012/04/18 20:50:27 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/04/18 20:47:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/18 20:47:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/04/18 20:41:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Startup.cpl
[2012/04/18 20:19:37 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk
[2012/04/18 20:19:35 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/18 19:53:35 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/04/18 19:53:23 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012/04/18 19:52:00 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012/04/18 19:50:49 | 000,002,354 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/18 19:42:54 | 000,001,022 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3156204540-1018871048-2593910535-1008UA.job
[2012/04/18 19:42:53 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3156204540-1018871048-2593910535-1008Core.job
[2012/04/18 19:37:18 | 000,000,211 | RHS- | C] () -- C:\BOOT.BAK
[2012/04/18 19:37:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/04/18 19:31:13 | 000,001,851 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_ED906AA-ABA a1224n_YC_0Pavi_QCNH539_E54NAsyMPC1_48_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.25_T050906_WXP2_L409_M1016_J200_7Intel_8Pentium 4_93.06_#051208_N10EC8139_Z10573052_G80862582.MRK
[2012/04/18 19:31:06 | 1064,685,568 | -HS- | C] () -- C:\hiberfil.sys
========== LOP Check ==========
[2005/08/20 20:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2012/04/19 21:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2012/04/19 19:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/04/19 21:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WD_SmartWareCommon
[2012/04/18 20:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2005/08/20 20:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2012/04/25 19:06:18 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{090DBC64-2D6C-46FE-A72E-0DFD89F9BABB}.job
========== Purity Check ==========
< End of report >