Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help not sure if I have a virus, or malware, or ? [Closed]

Started by cheryll00 , Jul 04 2012 11:37 AM

  • This topic is locked This topic is locked

#1
cheryll00
Posted 04 July 2012 - 11:37 AM

cheryll00

    New Member

  • Member
  • Pip
  • 1 posts
Windows XP professional Service Pack 3 Intel Xeon Quad Processors 3.20Ghz

PC is acting very weird and doing strange things.
Such as I have 4 external WD(Western Digital)hard drives attached for backup and saving files because my hard drive is small, and last week, one of them had a changed drive letter - it went from I to O so I had to change all my preprogrammed backups (Quickbooks) for all my company files because otherwise no automatic backups
also, I have Malwarebytes' Anti-Malware installed and it is supposed to run everyday, when updates are available, it is supposed to automaticvally update, then run a flash scan. There has been nothing found by the software.
I decided to run Microsoft Safety Scanner on Monday July 2, 2012 and it found 2 threats which it removed:
1- Exploit:Java/CVE-2012-0507.AX
and
2- Exploit:Java/CVE-2011-3544.DO.

I also cannot open PDF files in the internet explorer window. Internet explorer Version 8.0.6001.18702 and Adobe Reader X Version 10.1.3
Please tell me what is wrong, and how I can fix this??
Thank You
Cheryll


OTL logfile created on: 7/4/2012 12:55:51 PM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\Cheryll\Desktop\GeekstoGo
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 20.99% Memory free
5.09 Gb Paging File | 2.47 Gb Available in Paging File | 48.58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.98 Gb Total Space | 1.51 Gb Free Space | 2.22% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 633.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 614.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 569.83 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 297.44 Gb Total Space | 179.10 Gb Free Space | 60.21% Space Free | Partition Type: NTFS
Drive K: | 297.44 Gb Total Space | 151.26 Gb Free Space | 50.86% Space Free | Partition Type: NTFS
Drive L: | 465.73 Gb Total Space | 434.01 Gb Free Space | 93.19% Space Free | Partition Type: NTFS
Drive O: | 930.86 Gb Total Space | 832.54 Gb Free Space | 89.44% Space Free | Partition Type: NTFS
Drive S: | 67.98 Gb Total Space | 1.51 Gb Free Space | 2.22% Space Free | Partition Type: NTFS
Drive Z: | 67.98 Gb Total Space | 1.51 Gb Free Space | 2.22% Space Free | Partition Type: NTFS

Computer Name: BOOKKEEPING | User Name: Cheryll | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/04 12:47:27 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cheryll\Desktop\GeekstoGo\OTL.exe
PRC - [2012/06/28 08:42:23 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
PRC - [2012/06/04 09:31:40 | 001,466,760 | ---- | M] (Garmin) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2012/05/20 09:18:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/05/20 09:17:53 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/05/14 15:09:32 | 001,178,984 | ---- | M] (Intuit Inc.) -- C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
PRC - [2012/05/14 14:07:42 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/04/30 17:18:00 | 005,235,608 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2012/04/24 10:31:34 | 001,150,368 | R--- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2012/04/11 13:09:14 | 001,177,496 | R--- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2012/04/11 13:01:46 | 000,247,704 | R--- | M] (Western Digital) -- C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2012/04/04 16:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/15 18:50:51 | 001,492,816 | ---- | M] (Billeo, Inc.) -- C:\Program Files\Billeo\billeo.exe
PRC - [2011/11/02 03:00:44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/08/22 05:39:44 | 002,995,568 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2tray.exe
PRC - [2011/08/22 05:39:42 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe
PRC - [2011/08/22 05:39:36 | 002,120,048 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2pre.exe
PRC - [2011/08/22 05:39:28 | 001,686,384 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2comm.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/01/11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2011/01/11 19:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/04/27 23:36:44 | 000,679,936 | ---- | M] (Intuit, Inc.) -- C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe
PRC - [2009/03/19 11:16:22 | 001,451,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2009/03/19 11:16:22 | 000,603,488 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 03:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 03:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006/12/12 10:46:54 | 000,020,480 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe
PRC - [2006/12/12 10:43:58 | 000,842,240 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/13 11:19:13 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/06/13 10:36:06 | 013,198,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/13 10:29:36 | 018,000,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/13 10:29:10 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/13 10:28:50 | 003,858,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/13 10:28:48 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/06/05 10:33:44 | 000,254,680 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics BoostSpeed\ausshellext.dll
MOD - [2012/05/14 15:10:26 | 000,125,800 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll
MOD - [2012/05/14 15:10:22 | 000,020,840 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL
MOD - [2012/05/14 15:10:10 | 000,042,344 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll
MOD - [2012/05/14 15:09:42 | 000,176,488 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll
MOD - [2012/05/14 15:09:40 | 000,268,648 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll
MOD - [2012/05/14 15:09:38 | 000,348,008 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll
MOD - [2012/05/11 09:28:35 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
MOD - [2012/05/11 09:28:35 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/11 09:28:34 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
MOD - [2012/05/11 09:28:24 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
MOD - [2012/05/11 09:28:23 | 001,782,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/11 09:22:53 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
MOD - [2012/05/11 07:36:48 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll
MOD - [2012/05/11 07:32:24 | 006,815,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/11 07:32:24 | 000,736,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
MOD - [2012/05/11 07:32:12 | 007,069,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/11 07:32:08 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/11 07:32:05 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/11 07:31:50 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/11 07:31:41 | 000,145,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/05/11 07:31:38 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/11 05:29:19 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 05:26:00 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 02:33:29 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 02:31:01 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 02:30:48 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/03/19 11:15:04 | 002,854,976 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2009/03/19 11:12:40 | 000,069,697 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/04/14 03:00:00 | 000,376,832 | ---- | M] () -- C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
MOD - [2005/11/08 20:30:00 | 000,003,072 | ---- | M] () -- C:\WINDOWS\CTXFIRES.DLL
MOD - [2005/07/19 23:18:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/20 09:18:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/05/20 09:17:53 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/05/14 14:07:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/04/24 10:31:34 | 001,150,368 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2012/04/11 13:09:14 | 001,177,496 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2012/04/11 13:01:46 | 000,247,704 | R--- | M] (Western Digital) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2012/04/04 16:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/22 05:39:42 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (gotomypc)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/06/21 19:32:30 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2011/01/11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/04/27 23:36:44 | 000,679,936 | ---- | M] (Intuit, Inc.) [On_Demand | Running] -- C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe -- (QuickBooksDB21)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/04/14 03:00:00 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/14 03:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2008/04/14 03:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 03:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 03:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/14 03:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TMPassthru.sys -- (TMPassthruMP)
DRV - File not found [File_System | On_Demand | Stopped] -- system32\DRIVERS\psi_mf.sys -- (PSI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6)
DRV - [2012/05/20 09:17:53 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/04/04 16:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/03/15 01:11:10 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV - [2011/01/11 19:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011/01/11 19:04:04 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/01/11 19:04:00 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\radpms.sys -- (radpms)
DRV - [2010/04/14 21:29:22 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/30 12:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/03/19 20:22:26 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (btkrnl)
DRV - [2009/02/18 17:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/10/31 05:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/24 17:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/06/05 07:34:34 | 000,106,880 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (symmpi)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 03:00:00 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/04/14 03:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/03/10 18:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 17:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/02/04 17:57:30 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007/06/20 12:08:20 | 000,987,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 12:07:42 | 000,268,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2007/06/20 12:07:38 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/06/18 03:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/01/19 14:14:00 | 000,054,016 | ---- | M] (HTL) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TSUSB2.sys -- (TSUSB2)
DRV - [2006/12/19 08:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 08:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 08:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 08:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 08:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 08:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/05/25 14:40:00 | 001,156,808 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/09 14:25:54 | 000,143,872 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/07/13 17:18:00 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {30203BFC-D655-4101-B5A1-25AF0735FF9E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{30203BFC-D655-4101-B5A1-25AF0735FF9E}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 52 F0 58 EA 48 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {30203BFC-D655-4101-B5A1-25AF0735FF9E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{24C219D1-BBA7-43DB-8A9B-6B1E9D7A7FF9}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{30203BFC-D655-4101-B5A1-25AF0735FF9E}: "URL" = http://www.google.co...1I7ADSA_enUS489
IE - HKCU\..\SearchScopes\{3367CC72-428C-4974-B192-4B01A6DEAABE}: "URL" = http://search.yahoo....ei=utf-8&fr=ie8
IE - HKCU\..\SearchScopes\{3C0341FB-D163-471E-B01B-C5CA17D44929}: "URL" = http://www.facebook....q={searchTerms}
IE - HKCU\..\SearchScopes\{53F2F16D-F87C-478C-BFFA-B7AACE3C9060}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{9B80904B-53EB-4F06-9366-8C1BF3EE1DFD}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2012/06/01 21:04:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/07/04 01:21:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/21 13:01:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/04 01:21:43 | 000,000,000 | ---D | M]

[2012/04/18 17:23:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cheryll\Application Data\Mozilla\Extensions
[2012/04/25 00:45:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cheryll\Application Data\Mozilla\Firefox\Profiles\ygr2pzn9.default\extensions
[2012/05/17 12:15:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/25 00:45:51 | 000,123,970 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\CHERYLL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YGR2PZN9.DEFAULT\EXTENSIONS\[email protected]
[2012/03/13 00:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Entanglement = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Offer Assistant = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fdbbfnpbamaaclhbdbkggbnhpheepmoo\0.5.1.2_0\
CHR - Extension: Poppit = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail Checker = C:\Documents and Settings\Cheryll\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\

O1 HOSTS File: ([2012/05/15 06:33:15 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Smart Print BHO) - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll (Hewlett-Packard)
O2 - BHO: (Billeo) - {465E08E7-F005-4389-980F-1D8764B3486C} - c:\Program Files\Billeo\billeo.dll (Billeo, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Billeo) - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - c:\Program Files\Billeo\billeo.dll (Billeo, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Billeo) - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - c:\Program Files\Billeo\billeo.dll (Billeo, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2012/06/09 03:08:27 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billeo.lnk = C:\Program Files\Billeo\billeo.exe (Billeo, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\HPQuickPrintLauncher.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\HPQuickPrintLauncher.exe (Hewlett-Packard)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: adobe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: adobeconnect.com ([adda] http in Trusted sites)
O15 - HKCU\..Trusted Domains: adp.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: apple.com ([itunes] http in Trusted sites)
O15 - HKCU\..Trusted Domains: apple.com ([p40-buy.itunes] https in Trusted sites)
O15 - HKCU\..Trusted Domains: blackberry.com ([appworld] https in Trusted sites)
O15 - HKCU\..Trusted Domains: blackberry.com ([us] http in Trusted sites)
O15 - HKCU\..Trusted Domains: citibank.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: dell.com ([ecomm] http in Trusted sites)
O15 - HKCU\..Trusted Domains: fedex.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: firstrehab.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([credit] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: gpsidental.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: healerslibrary.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([h30136.www3] https in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([www8] http in Trusted sites)
O15 - HKCU\..Trusted Domains: impact-e.com ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: live.com ([snt144.mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: medcohealth.com ([host1] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pandora.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: redeposit.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: redeposit.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sedonatalkradio.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: sharebuilder.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([store] http in Trusted sites)
O15 - HKCU\..Trusted Domains: staples.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: staples.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: tomrush.com. ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: tonyrobbins.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.com ([pay] https in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.com ([reg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.com ([sss-web] https in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.com ([store] https in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizonwireless.com ([ics] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizonwireless.com ([mediastore] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizonwireless.com ([nbillpay] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizonwireless.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: vimovo.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([us.mg2.mail] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range2 ([https] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range3 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range3 ([https] in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {036F8A56-0BC8-4607-8F98-D3231E6FF5ED} https://vc.adp.com/S...raUpdaterAx.cab (CentraUpdaterAxCtl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19807432-0B1E-41E9-8719-07B78BBA2DA9} https://www.redeposi...urboScan681.CAB (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} http://h50203.www5.h...SWebManager.CAB (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (Reg Error: Key error.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {578935AC-D59C-4CB6-A595-B9FA624A30C4} https://www.redeposi...urboScan640.CAB (Reg Error: Key error.)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.suppor...FixItClient.CAB (Reg Error: Key error.)
O16 - DPF: {5EE6F903-293F-4383-9C71-E774A3CB798F} https://www.redeposi...ARCUtils111.CAB (EFTARCUtils111.ScannerManager)
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/...t/Ode/pcd86.cab (Launcher Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341282486597 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} https://mediamanager...geUploader6.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} http://www.hp.com/cp...ddObjSigned.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {D3C71C0D-BDCC-4A35-8660-0BF82860481D} https://www.redeposi...urboScan671.CAB (EFTTurboScan671.TurboScan)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B78F4F02-4501-46A9-9FFB-D5ECF5AD56D4}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AutorunsDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\gotomypc: DllName - (C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll) - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Cheryll\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cheryll\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/21 19:18:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 17:12:18 | 000,000,088 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/06/18 17:12:18 | 000,000,088 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/06/18 17:12:18 | 000,000,088 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010/10/16 09:49:06 | 000,000,105 | -H-- | M] () - O:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{632df9fa-b9a1-11e1-9aff-001e4fa833ca}\Shell - "" = AutoRun
O33 - MountPoints2\{632df9fa-b9a1-11e1-9aff-001e4fa833ca}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{632df9fa-b9a1-11e1-9aff-001e4fa833ca}\Shell\AutoRun\command - "" = M:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{9568a6bd-9c7c-11e0-9942-001e4fa833ca}\Shell - "" = AutoRun
O33 - MountPoints2\{9568a6bd-9c7c-11e0-9942-001e4fa833ca}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9568a6bd-9c7c-11e0-9942-001e4fa833ca}\Shell\AutoRun\command - "" = O:\LaunchU3.exe -a
O33 - MountPoints2\{e3b089a8-a47f-11e1-9ad9-001e4fa833ca}\Shell - "" = AutoRun
O33 - MountPoints2\{e3b089a8-a47f-11e1-9ad9-001e4fa833ca}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e3b089a8-a47f-11e1-9ad9-001e4fa833ca}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/04 12:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Desktop\GeekstoGo
[2012/07/04 01:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Application Data\AIM1
[2012/07/04 01:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM for Acrobat
[2012/07/04 01:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2012/07/04 01:10:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/07/03 23:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe LiveCycle ES2
[2012/07/03 23:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Desktop\Adobe Acrobat X
[2012/06/27 21:32:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\Garmin
[2012/06/27 09:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin
[2012/06/27 09:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2012/06/27 09:35:49 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2012/06/27 09:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Garmin
[2012/06/27 07:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Application Data\Garmin
[2012/06/25 20:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Sys
[2012/06/25 20:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\BFE
[2012/06/25 20:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EZ-AIR PLUS
[2012/06/25 20:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\EZ-AIR
[2012/06/22 22:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheryll\Desktop\BlackBerryDeviceSupport
[2012/06/21 06:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/06/21 06:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2012/06/18 20:00:41 | 000,000,000 | ---D | C] -- C:\Program Files\Novatel Wireless
[2012/06/15 01:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/06/15 01:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/15 01:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/13 20:29:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Cheryll\Recent
[2012/06/08 05:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\XCPCSync.OEM
[2012/06/08 02:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WEngineLite
[2012/06/08 02:51:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Verizon Wireless
[2012/06/06 07:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Powertoys for Windows XP
[2012/04/21 21:25:33 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Cheryll\DesktopWinsockxpFix.exe
[2012/04/21 21:25:32 | 000,186,368 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\Cheryll\DesktopLSPFix.exe
[2012/04/21 21:25:32 | 000,036,864 | ---- | C] (Rock Systems & Development) -- C:\Documents and Settings\Cheryll\DesktopSafeMSI.exe
[2011/07/26 16:04:58 | 001,062,984 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Cheryll\gotomypc_540.exe
[2011/07/26 15:47:02 | 007,053,264 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Cheryll\gosetup.exe
[578 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[41 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/04 12:49:48 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A18BC548-82D5-48A5-9018-A3C6D17E47B5}.job
[2012/07/04 12:08:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/04 11:18:44 | 000,000,404 | -H-- | M] () -- C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_BOOKKEEPING_Cheryll.job
[2012/07/04 07:00:00 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/04 04:50:46 | 000,000,414 | -H-- | M] () -- C:\WINDOWS\tasks\WEST NYACK 1308767959.job
[2012/07/04 03:31:13 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\B & B DENTAL 1308846574.job
[2012/07/04 03:30:59 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\ASTORIA 1308846881.job
[2012/07/04 03:10:46 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\FLORAL PARK DENTAL 1308766581.job
[2012/07/04 03:00:01 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\MGA, LLC 1311819602.job
[2012/07/04 02:40:41 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\HYLAN DENTAL ASSOCIATES 1308766276.job
[2012/07/04 02:31:00 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\tasks\EAST FORDHAM MANAGEMENT GROUP 1308762999.job
[2012/07/04 02:10:49 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\EXECUTIVE ASSOCIATES(EF) 1308767400.job
[2012/07/04 01:43:42 | 000,000,230 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\yahoo mail.url
[2012/07/04 01:36:39 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billeo.lnk
[2012/07/04 01:36:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2012/07/04 01:35:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/04 01:35:04 | 000,435,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/04 01:33:33 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000006-00000000-00000005-00001102-00000005-10031102}.rfx
[2012/07/04 01:33:33 | 000,054,328 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000006-00000000-00000005-00001102-00000005-10031102}.rfx
[2012/07/04 01:33:33 | 000,054,328 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000006-00000000-00000005-00001102-00000005-10031102}.rfx
[2012/07/04 01:33:33 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/07/04 01:33:33 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2012/07/04 01:28:30 | 000,000,314 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Adobe - Acrobat For Windows Adobe Acrobat 10.1.3 Pro and Standard update - All languages Thank You.url
[2012/07/04 01:24:47 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2012/07/04 01:21:44 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat X Pro.lnk
[2012/07/04 01:21:14 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\HORIZON 1308846442.job
[2012/07/03 23:09:12 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/07/03 18:53:54 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\ADP Payroll (2).url
[2012/07/03 18:06:42 | 000,087,356 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\RDSpas_GardenCityNY1011sp.pdf
[2012/07/03 14:00:03 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/07/03 13:56:53 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\Open Office Document.lnk
[2012/07/02 19:55:49 | 000,047,297 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\iTunes Diagnostics070212.spx
[2012/07/02 19:55:49 | 000,003,545 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\iTunes Diagnostics070212.rtf
[2012/07/02 17:51:58 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Pivotal logon.url
[2012/07/02 16:13:35 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\New Office Document.lnk
[2012/07/02 14:32:21 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Central Parking.url
[2012/07/01 11:21:40 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics BoostSpeed Disk Defrag Sheduled Defragmentation.job
[2012/06/30 08:05:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/30 02:05:14 | 000,000,498 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics BoostSpeed Integrator Scan and Repair.job
[2012/06/28 08:28:23 | 000,000,403 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Installation problems Flash Player Windows.url
[2012/06/27 09:48:51 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Garmin Lifetime Updater.lnk
[2012/06/25 22:19:50 | 000,065,077 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\PGS week 19 register.pdf
[2012/06/25 22:19:42 | 000,016,515 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\PGS week 19 Stat Summary.pdf
[2012/06/25 20:02:43 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EZ-AIR PLUS.lnk
[2012/06/23 18:22:11 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\cheryll yahoo calendar.url
[2012/06/23 16:48:34 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
[2012/06/23 12:44:51 | 002,430,839 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-5.bbb
[2012/06/23 12:39:48 | 002,432,890 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-4.bbb
[2012/06/23 11:39:25 | 002,422,728 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-3.bbb
[2012/06/23 11:32:52 | 002,422,598 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-2.bbb
[2012/06/23 11:22:43 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Desktop Software.lnk
[2012/06/23 10:56:14 | 000,000,234 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\BlackBerry® Software Updates.url
[2012/06/23 10:45:45 | 002,421,122 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-1.bbb
[2012/06/23 10:39:38 | 002,420,878 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23).bbb
[2012/06/23 09:55:43 | 000,000,175 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\ThermiPaq Online Store - Hot & Cold Pain Relief Clay Therapy by Thermionics Corp..url
[2012/06/23 07:58:47 | 000,000,415 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Why is My Computer Slow to Load and Shut Down-Fix Slow Computer.url
[2012/06/23 07:55:58 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Auslogics File Recovery.lnk
[2012/06/23 02:41:25 | 000,000,990 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Auslogics Disk Defrag Professional.lnk
[2012/06/22 22:19:42 | 003,678,259 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-22)-2.bbb
[2012/06/22 20:45:15 | 000,153,864 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\1005.pdf
[2012/06/22 20:36:48 | 000,544,752 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0005.pdf
[2012/06/22 20:35:24 | 001,175,324 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0004.pdf
[2012/06/22 19:39:44 | 000,073,435 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0003.pdf
[2012/06/22 19:39:25 | 000,001,338 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\HP Scan Diagnostic Utility - HP Customer Care (United States - English).url
[2012/06/22 19:28:23 | 000,146,039 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0002.pdf
[2012/06/22 18:10:26 | 000,000,092 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\msdrls.dat
[2012/06/22 15:21:45 | 001,030,074 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\BlackBerry_Curve_-9370_Smartphones-Safety_and_Product_Information--1334716-1214115052-001-US.pdf
[2012/06/22 01:17:37 | 003,532,496 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-22)-1.bbb
[2012/06/22 01:13:18 | 003,531,129 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-22).bbb
[2012/06/21 23:53:54 | 000,000,090 | ---- | M] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2012/06/21 19:51:23 | 003,654,771 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-5.bbb
[2012/06/21 19:49:13 | 003,654,632 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-4.bbb
[2012/06/21 19:35:25 | 003,654,474 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-3.bbb
[2012/06/21 19:31:10 | 003,653,234 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-2.bbb
[2012/06/21 18:45:52 | 006,444,642 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-1.bbb
[2012/06/21 18:35:55 | 003,909,902 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21).bbb
[2012/06/21 17:59:18 | 000,073,216 | ---- | M] () -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/20 20:11:04 | 000,070,150 | ---- | M] () -- C:\Documents and Settings\Cheryll\Application Data\HDU_temp.bmp
[2012/06/20 16:50:04 | 000,254,027 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Scan_96PGS_040 case 019540048.pdf
[2012/06/20 16:39:33 | 000,249,488 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0001.pdf
[2012/06/20 15:11:19 | 000,695,295 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Label-235358507-352481622[1].pdf
[2012/06/19 07:59:36 | 000,034,737 | ---- | M] () -- C:\ads_err.adt
[2012/06/19 02:10:32 | 003,695,600 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-19)-2.bbb
[2012/06/19 01:35:28 | 003,680,860 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-19)-1.bbb
[2012/06/19 00:47:31 | 003,628,378 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-19).bbb
[2012/06/19 00:14:59 | 000,002,170 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/18 22:47:04 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
[2012/06/18 22:46:45 | 000,012,547 | ---- | M] () -- C:\ads_err.dbf
[2012/06/18 20:02:39 | 000,728,244 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/18 20:02:39 | 000,144,788 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/18 14:42:42 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/06/16 11:44:07 | 000,165,502 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\nqa.org-Influence_of_forward_leaning_and_incentive_spirometry_on_inspired_volumes_and_inspiratory_electromyog[1].pdf
[2012/06/16 03:04:01 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\National Fibromyalgia Association Welcome to the national fibromyalgia association.url
[2012/06/15 18:09:54 | 000,013,122 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\TCT SOD 1st Qrtr 2012_statement of deposits _Filings.pdf
[2012/06/14 18:06:42 | 000,000,301 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\NYCProperty - Account History Report.url
[2012/06/13 21:09:57 | 003,212,424 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-13).bbb
[2012/06/12 17:20:58 | 068,532,201 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-12)-2.bbb
[2012/06/12 17:06:06 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Curve 9300 Phone - New BlackBerry Curve 3G Smartphone.url
[2012/06/12 16:09:37 | 068,504,615 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-12)-1.bbb
[2012/06/12 15:24:19 | 068,498,236 | ---- | M] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-12).bbb
[2012/06/11 16:17:22 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Migration Training Plans for SEMA-Midwest Pilot - Features On (2.0-1).url
[2012/06/08 08:36:44 | 000,004,559 | ---- | M] () -- C:\ads_err.adm
[2012/06/07 02:23:55 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Money for College - Upromise.url
[2012/06/07 01:31:27 | 000,000,486 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Personal Scanned Docs.lnk
[2012/06/06 20:38:44 | 000,949,776 | ---- | M] () -- C:\Documents and Settings\Cheryll\Desktop\Dr Sperandio Credit card Bill.pdf
[2012/06/06 08:55:54 | 000,065,048 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[578 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[41 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/04 01:28:30 | 000,000,314 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Adobe - Acrobat For Windows Adobe Acrobat 10.1.3 Pro and Standard update - All languages Thank You.url
[2012/07/04 01:24:47 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2012/07/03 23:49:06 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012/07/03 23:49:06 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat X Pro.lnk
[2012/07/03 23:49:05 | 000,002,371 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012/07/03 18:06:39 | 000,087,356 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\RDSpas_GardenCityNY1011sp.pdf
[2012/07/02 19:55:49 | 000,047,297 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\iTunes Diagnostics070212.spx
[2012/07/02 19:55:49 | 000,003,545 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\iTunes Diagnostics070212.rtf
[2012/07/02 17:51:58 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Pivotal logon.url
[2012/07/02 14:32:07 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Central Parking.url
[2012/06/28 08:28:23 | 000,000,403 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Installation problems Flash Player Windows.url
[2012/06/27 09:48:51 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Garmin Lifetime Updater.lnk
[2012/06/25 22:21:26 | 000,065,077 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\PGS week 19 register.pdf
[2012/06/25 22:19:45 | 000,016,515 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\PGS week 19 Stat Summary.pdf
[2012/06/25 20:02:43 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EZ-AIR PLUS.lnk
[2012/06/23 16:48:34 | 000,000,910 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
[2012/06/23 12:44:50 | 002,430,839 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-5.bbb
[2012/06/23 12:39:47 | 002,432,890 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-4.bbb
[2012/06/23 11:39:24 | 002,422,728 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-3.bbb
[2012/06/23 11:32:51 | 002,422,598 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-2.bbb
[2012/06/23 11:22:43 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Desktop Software.lnk
[2012/06/23 10:56:14 | 000,000,234 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\BlackBerry® Software Updates.url
[2012/06/23 10:45:44 | 002,421,122 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23)-1.bbb
[2012/06/23 10:39:30 | 002,420,878 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-23).bbb
[2012/06/23 09:55:43 | 000,000,175 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\ThermiPaq Online Store - Hot & Cold Pain Relief Clay Therapy by Thermionics Corp..url
[2012/06/23 07:58:47 | 000,000,415 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Why is My Computer Slow to Load and Shut Down-Fix Slow Computer.url
[2012/06/23 07:55:58 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Auslogics File Recovery.lnk
[2012/06/23 02:41:25 | 000,000,990 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Auslogics Disk Defrag Professional.lnk
[2012/06/22 22:19:41 | 003,678,259 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-22)-2.bbb
[2012/06/22 20:45:15 | 000,153,864 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\1005.pdf
[2012/06/22 20:36:48 | 000,544,752 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0005.pdf
[2012/06/22 20:35:23 | 001,175,324 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0004.pdf
[2012/06/22 19:39:44 | 000,073,435 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0003.pdf
[2012/06/22 19:28:22 | 000,146,039 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0002.pdf
[2012/06/22 18:10:26 | 000,000,092 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\msdrls.dat
[2012/06/22 15:21:44 | 001,030,074 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\BlackBerry_Curve_-9370_Smartphones-Safety_and_Product_Information--1334716-1214115052-001-US.pdf
[2012/06/22 01:17:36 | 003,532,496 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-22)-1.bbb
[2012/06/22 01:13:17 | 003,531,129 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-22).bbb
[2012/06/21 19:51:22 | 003,654,771 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-5.bbb
[2012/06/21 19:49:12 | 003,654,632 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-4.bbb
[2012/06/21 19:35:25 | 003,654,474 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-3.bbb
[2012/06/21 19:31:09 | 003,653,234 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-2.bbb
[2012/06/21 18:45:03 | 006,444,642 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21)-1.bbb
[2012/06/21 18:35:42 | 003,909,902 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-21).bbb
[2012/06/20 20:06:06 | 000,070,150 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\HDU_temp.bmp
[2012/06/20 16:50:04 | 000,254,027 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Scan_96PGS_040 case 019540048.pdf
[2012/06/20 16:39:33 | 000,249,488 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\Scan0001.pdf
[2012/06/20 15:11:19 | 000,695,295 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Label-235358507-352481622[1].pdf
[2012/06/19 02:10:31 | 003,695,600 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-19)-2.bbb
[2012/06/19 01:35:28 | 003,680,860 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-19)-1.bbb
[2012/06/19 00:47:31 | 003,628,378 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-19).bbb
[2012/06/16 11:44:07 | 000,165,502 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\nqa.org-Influence_of_forward_leaning_and_incentive_spirometry_on_inspired_volumes_and_inspiratory_electromyog[1].pdf
[2012/06/15 18:09:54 | 000,013,122 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\TCT SOD 1st Qrtr 2012_statement of deposits _Filings.pdf
[2012/06/15 14:17:49 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\National Fibromyalgia Association Welcome to the national fibromyalgia association.url
[2012/06/14 18:06:42 | 000,000,301 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\NYCProperty - Account History Report.url
[2012/06/13 21:09:56 | 003,212,424 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-13).bbb
[2012/06/13 14:49:51 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/06/12 17:20:30 | 068,532,201 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-12)-2.bbb
[2012/06/12 16:08:56 | 068,504,615 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-12)-1.bbb
[2012/06/12 15:23:58 | 068,498,236 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\LoaderBackup-(2012-06-12).bbb
[2012/06/11 23:11:45 | 000,000,277 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Curve 9300 Phone - New BlackBerry Curve 3G Smartphone.url
[2012/06/11 16:17:22 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Migration Training Plans for SEMA-Midwest Pilot - Features On (2.0-1).url
[2012/06/08 08:36:24 | 000,034,737 | ---- | C] () -- C:\ads_err.adt
[2012/06/08 08:36:24 | 000,012,547 | ---- | C] () -- C:\ads_err.dbf
[2012/06/08 08:36:24 | 000,004,559 | ---- | C] () -- C:\ads_err.adm
[2012/06/08 08:36:24 | 000,003,072 | ---- | C] () -- C:\ads_err.adi
[2012/06/08 02:51:30 | 000,001,019 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\VZAccess Manager.lnk
[2012/06/07 01:31:27 | 000,000,486 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Personal Scanned Docs.lnk
[2012/06/06 23:39:26 | 000,000,404 | -H-- | C] () -- C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_BOOKKEEPING_Cheryll.job
[2012/06/06 21:39:47 | 000,001,338 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\HP Scan Diagnostic Utility - HP Customer Care (United States - English).url
[2012/06/06 20:38:44 | 000,949,776 | ---- | C] () -- C:\Documents and Settings\Cheryll\Desktop\Dr Sperandio Credit card Bill.pdf
[2012/06/05 19:18:14 | 000,880,513 | ---- | C] () -- C:\Documents and Settings\Cheryll\My Documents\Cheryll Weiner Pain and Fatigue Study Center CFS Patient Intake Form.xps
[2012/05/31 02:16:53 | 000,001,294 | ---- | C] () -- C:\WINDOWS\wsnk.ini
[2012/05/24 11:15:38 | 000,232,457 | ---- | C] () -- C:\WINDOWS\hpwins22.dat.temp
[2012/05/19 08:15:32 | 000,813,414 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-343818398-484061587-842925246-1003-0.dat
[2012/05/11 09:07:54 | 002,172,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/05/09 11:09:00 | 000,007,338 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\SMRResults250.dat
[2012/05/05 01:22:48 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/04/22 11:55:29 | 000,274,022 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/21 20:48:32 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/04/21 20:48:32 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/04/21 20:48:32 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/04/21 20:48:32 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/04/21 20:48:32 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/04/02 21:48:02 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2012/04/02 21:48:02 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\51193B7D6F.sys
[2012/03/26 19:54:04 | 000,027,212 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\Personal Address Book.ADR
[2012/02/23 18:38:32 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2012/02/23 18:19:46 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/02/14 18:19:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 19:30:07 | 000,014,496 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\246v64h215474mq3ss686mn
[2011/11/17 08:11:05 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\mcs.rma
[2011/11/17 08:11:05 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\74BA57
[2011/11/05 13:42:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\evntwin.INI
[2011/10/05 19:43:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cheryll\Application Data\bibstats
[2011/09/10 00:53:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imblacklist.dat
[2011/09/09 21:15:16 | 000,523,870 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/08/22 14:21:06 | 000,002,979 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat.temp
[2011/08/21 09:47:57 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/08/16 11:55:33 | 000,260,114 | ---- | C] () -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/08/09 18:11:18 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/07/24 16:08:56 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\Cheryll\.jupload.properties
[2011/07/24 15:45:58 | 000,000,170 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/07/12 02:11:09 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\housecall.guid.cache
[2011/06/30 21:27:28 | 000,000,543 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2011/06/30 19:31:04 | 000,000,173 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2011/06/30 19:30:02 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpljp300xg.ini
[2011/06/30 19:11:35 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpljp300xm.ini
[2011/06/30 17:21:49 | 000,000,535 | ---- | C] () -- C:\WINDOWS\KPUNINST.INI
[2011/06/30 17:21:48 | 000,001,246 | ---- | C] () -- C:\WINDOWS\KPFLIST.INI
[2011/06/29 22:45:33 | 000,000,598 | ---- | C] () -- C:\WINDOWS\KM3035ns.ini
[2011/06/29 00:12:28 | 000,065,048 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/06/28 18:25:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2011/06/28 15:48:44 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Cheryll\g2mdlhlpx.exe
[2011/06/27 06:39:47 | 000,382,384 | ---- | C] () -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\rx_image32.Cache
[2011/06/27 06:39:47 | 000,010,540 | ---- | C] () -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\rx_audio.Cache
[2011/06/25 23:12:44 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/06/25 23:12:44 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/06/25 23:12:25 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2011/06/25 23:12:22 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/06/25 23:12:22 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/06/25 23:12:20 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/06/25 21:59:57 | 000,073,216 | ---- | C] () -- C:\Documents and Settings\Cheryll\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/25 20:18:14 | 000,000,223 | ---- | C] () -- C:\WINDOWS\KcMV3DGD.ini
[2011/06/25 20:18:13 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LMServer.exe
[2011/06/25 20:18:13 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\LMServerps.dll
[2011/06/25 19:14:22 | 000,000,066 | ---- | C] () -- C:\WINDOWS\JcAdmin32.ini
[2011/06/25 18:05:37 | 000,000,027 | ---- | C] () -- C:\WINDOWS\EZSET_SP.INI
[2011/06/25 17:53:52 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nscatch.ini
[2011/06/24 20:41:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2011/06/22 23:37:35 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/22 01:38:53 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/06/22 00:30:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/06/21 21:51:12 | 000,081,737 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2011/06/21 19:53:10 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2011/06/21 19:53:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2011/06/21 19:53:10 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011/06/21 19:52:46 | 000,366,255 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2011/06/21 19:52:46 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2011/06/21 19:52:46 | 000,265,066 | ---- | C] () -- C:\WINDOWS\System32\CTSBAS2W.DAT
[2011/06/21 19:52:46 | 000,231,821 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2011/06/21 19:52:46 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2011/06/21 19:52:46 | 000,113,221 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2011/06/21 19:52:46 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2011/06/21 19:52:45 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2011/06/21 19:52:45 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2011/06/21 19:52:45 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2011/06/21 19:52:45 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2011/06/21 19:52:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2011/06/21 19:52:44 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2011/06/21 19:47:14 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2011/06/21 19:22:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/06/21 19:13:43 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/06/21 15:05:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/21 15:03:50 | 000,435,760 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/27 17:18:18 | 000,704,652 | ---- | C] () -- C:\WINDOWS\HPISExe.dat
[2011/01/11 18:05:18 | 000,008,592 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe

========== LOP Check ==========

[2011/09/23 13:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2011/09/09 21:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2011/08/04 18:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/09/10 19:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch
[2012/07/04 01:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\billeo
[2011/09/09 21:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2012/04/02 21:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2012/04/21 21:29:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/06/21 19:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/06/22 02:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CitrixLogs
[2011/11/04 17:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClubSanDisk
[2011/06/22 01:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2011/06/21 22:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dL41203DaGgM41203
[2012/06/27 09:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garmin
[2012/01/27 05:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2012/07/04 01:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2012/02/14 18:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/09 18:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2012/05/26 22:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2012/04/18 17:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2012/07/04 01:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/01/06 02:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2011/12/12 15:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/04/26 16:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2011/06/23 18:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2011/06/21 23:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2012/07/01 11:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/25 01:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2011/11/22 06:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2012/05/15 22:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WD_SmartWareCommon
[2012/06/08 02:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEngineLite
[2012/05/18 11:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2012/04/02 21:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WordPerfect Office X5
[2011/06/23 23:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/07/04 01:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\AIM1
[2012/06/13 21:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Amazon
[2012/06/23 02:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Auslogics
[2011/08/10 03:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Avery
[2011/09/02 12:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Blackberry Desktop
[2011/07/20 05:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Centra
[2011/09/22 23:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\com.amazon.music.uploader
[2011/10/14 09:08:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\com.appblender.core.diarypro.appid-88408.CA2864DB6027149AA7F3A9DCA44F6E098EBDE61D.1
[2012/02/10 20:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\com.focusboosterapp.focusbooster.8E5F79C899747AD22E21DB62AA496926DA6BBC64.1
[2011/09/03 16:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1
[2012/05/15 03:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1
[2012/04/21 21:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\DriverCure
[2012/04/22 02:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\ElevatedDiagnostics
[2012/02/03 14:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\EurekaLog
[2012/06/27 21:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Garmin
[2012/02/18 21:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Mobipocket
[2012/05/10 23:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Oracle
[2012/01/17 13:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Password Solutions
[2012/05/26 22:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\PCDr
[2012/02/13 18:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\QuickScan
[2012/01/24 18:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Research In Motion
[2012/05/16 21:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\RoadRunner
[2011/12/12 19:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Saba
[2012/01/09 02:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Sammsoft
[2011/11/25 11:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Simple Adblock
[2012/06/08 22:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Smith Micro
[2011/11/22 11:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\SoftGrid Client
[2012/01/11 20:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\supportdotcom
[2011/06/29 22:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Tific
[2011/11/22 04:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\TP
[2012/05/15 22:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Western Digital
[2012/05/03 19:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cheryll\Application Data\Windows Search
[2012/07/04 03:30:59 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\ASTORIA 1308846881.job
[2012/07/03 14:00:03 | 000,000,452 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012/07/01 11:21:40 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics BoostSpeed Disk Defrag Sheduled Defragmentation.job
[2012/06/30 02:05:14 | 000,000,498 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics BoostSpeed Integrator Scan and Repair.job
[2012/07/04 03:31:13 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\B & B DENTAL 1308846574.job
[2012/07/04 02:31:00 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\Tasks\EAST FORDHAM MANAGEMENT GROUP 1308762999.job
[2012/07/04 02:10:49 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\Tasks\EXECUTIVE ASSOCIATES(EF) 1308767400.job
[2012/07/04 03:10:46 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\FLORAL PARK DENTAL 1308766581.job
[2012/07/04 01:21:14 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\HORIZON 1308846442.job
[2012/07/04 02:40:41 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\HYLAN DENTAL ASSOCIATES 1308766276.job
[2012/07/04 03:00:01 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\MGA, LLC 1311819602.job
[2012/07/04 12:49:48 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A18BC548-82D5-48A5-9018-A3C6D17E47B5}.job
[2012/07/04 04:50:46 | 000,000,414 | -H-- | M] () -- C:\WINDOWS\Tasks\WEST NYACK 1308767959.job
[2012/07/04 11:18:44 | 000,000,404 | -H-- | M] () -- C:\WINDOWS\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_BOOKKEEPING_Cheryll.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\131561_ENU_i386_zip.exe:SummaryInformation
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\Cheryll\Application Data\Microsoft\Internet Explorer\Quick Launch\[email protected]:SummaryInformation
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E9EB8C3A

< End of report >
  • 0

Advertisements

#2
godawgs
Posted 10 July 2012 - 09:25 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi cheryll00,

Do you still need help?
  • 0

#3
Essexboy
Posted 14 July 2012 - 09:21 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP