Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan Access Trojan Gen 2 Removal Advice [Solved]


  • This topic is locked This topic is locked

#1
jmgoodwin74

jmgoodwin74

    Member

  • Member
  • PipPip
  • 15 posts
I recently contracted the Trojan Zero Access and Trojan Gen 2 virus from an e-mail that I received. I have tried removing after each Norton scan but have been unsuccessful. I am prompted that I have to remove the virus manually, but I am not sure how you do this. I am running Windows 7 64bit. I am not a computer expert by any means so please bear with me. Any assistance that you can offer is greatly appreciated.
  • 0

Advertisements


#2
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Attached you will find my OTL Log:

OTL logfile created on: 9/5/2012 3:38:05 PM - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Matt Goodwin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 39.15% Memory free
4.37 Gb Paging File | 1.43 Gb Available in Paging File | 32.68% Paging File free
Paging file location(s): c:\pagefile.sys 256 512

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.62 Gb Total Space | 4.45 Gb Free Space | 0.98% Space Free | Partition Type: NTFS

Computer Name: MATTGOODWIN-PC | User Name: Matt Goodwin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/05 15:36:06 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Matt Goodwin\Desktop\OTL.exe
PRC - [2012/08/15 09:48:42 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/05 18:50:30 | 000,295,304 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2012/07/05 18:41:08 | 007,392,136 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2012/06/08 11:32:44 | 000,531,928 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask.exe
PRC - [2012/06/08 11:32:44 | 000,310,008 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Avanquest\Fix-It\AVQWinMonEngine.exe
PRC - [2012/06/08 11:32:44 | 000,211,104 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask2.exe
PRC - [2012/06/05 13:16:40 | 000,080,816 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe
PRC - [2012/05/04 15:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/03/02 16:48:30 | 000,494,192 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/11/13 07:53:42 | 002,996,592 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2tray.exe
PRC - [2011/11/13 07:53:40 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
PRC - [2011/11/13 07:53:36 | 002,120,048 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2pre.exe
PRC - [2011/11/13 07:53:28 | 001,687,408 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2comm.exe
PRC - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
PRC - [2010/11/20 08:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/03/03 10:41:40 | 000,053,248 | ---- | M] (HP) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2009/12/02 15:51:12 | 000,136,192 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2009/09/22 14:30:42 | 000,632,096 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfPro5Hook.exe
PRC - [2009/09/10 00:53:10 | 000,027,736 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2009/09/10 00:42:44 | 000,142,424 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2009/08/11 15:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/07/29 00:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/14 23:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009/07/13 19:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/03/10 22:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2007/08/31 09:59:28 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/02 18:09:26 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/08/02 18:08:09 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/08/02 18:08:06 | 001,806,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
MOD - [2012/08/02 18:08:05 | 000,310,784 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2012/08/02 18:08:03 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/08/02 18:07:34 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/08/02 18:07:24 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/08/02 01:45:29 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/08/02 01:45:17 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/08/02 01:45:08 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/08/02 01:44:48 | 001,016,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ca1ff0fd5eade2211db56512252c0365\System.Configuration.ni.dll
MOD - [2012/08/02 01:44:45 | 005,767,680 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\6305ef37f34d6758947b5156121aa401\System.Xml.ni.dll
MOD - [2012/03/05 12:08:06 | 000,010,752 | ---- | M] () -- C:\windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2010/11/20 08:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010/11/20 08:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010/03/03 10:41:06 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll
MOD - [2010/03/03 10:41:04 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll
MOD - [2010/03/03 10:40:50 | 000,516,096 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll
MOD - [2010/03/03 10:40:48 | 000,840,192 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\PLSDMXMLObjects.dll
MOD - [2010/03/03 10:40:46 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll
MOD - [2010/03/03 10:40:44 | 000,130,560 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\DMBaseObjects.dll
MOD - [2010/03/03 10:40:44 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll
MOD - [2010/03/03 10:40:42 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll
MOD - [2009/10/15 08:25:30 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll
MOD - [2007/08/31 09:59:28 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
MOD - [2007/08/31 09:59:28 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
MOD - [2007/08/31 09:59:26 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
MOD - [2007/08/31 09:59:26 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
MOD - [2007/08/31 09:59:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
MOD - [2007/08/31 09:59:04 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/03/02 16:52:08 | 001,125,488 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe -- (wsnm_usbctrl)
SRV:64bit: - [2012/03/02 16:48:30 | 000,494,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe -- (wsnm)
SRV:64bit: - [2009/09/17 16:41:36 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/08/11 20:10:48 | 000,252,272 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/08/05 18:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/04 15:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/08 13:41:02 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV - [2012/08/15 10:48:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/05 18:41:08 | 007,392,136 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/06/08 11:32:44 | 000,531,928 | ---- | M] (Avanquest Software) [Auto | Running] -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask.exe -- (Fix-It Task Manager)
SRV - [2012/06/08 11:32:44 | 000,310,008 | ---- | M] (Avanquest Software) [Auto | Running] -- C:\Program Files (x86)\Avanquest\Fix-It\AVQWinMonEngine.exe -- (.AVQWindowsMonitorService)
SRV - [2012/06/05 13:16:40 | 000,080,816 | ---- | M] (Avanquest Software) [Auto | Running] -- C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe -- (AQFileRestoreSrv)
SRV - [2011/11/13 07:53:40 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/02 15:51:12 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009/09/10 00:42:44 | 000,142,424 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2009/08/10 23:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 23:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 22:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/07/26 01:32:22 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/02 16:52:08 | 000,048,240 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmwvusb.sys -- (vmwvusb)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/08/01 16:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/07/21 09:16:31 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/01/20 15:18:26 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV:64bit: - [2009/11/10 10:27:06 | 000,024,576 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlyUsb.sys -- (FlyUsb)
DRV:64bit: - [2009/10/26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/10/02 13:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/08/27 12:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/07 09:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/30 23:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/28 22:24:12 | 000,081,408 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/07/24 19:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/20 21:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 19:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/10 10:45:12 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/07/04 23:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/02 12:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/06/29 20:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 14:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 21:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 23:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/07/16 17:29:33 | 000,023,064 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hpfx64fax.sys -- (HPFXFAX)
DRV:64bit: - [2007/07/16 17:29:23 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV:64bit: - [2007/01/18 16:10:22 | 000,030,336 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2012/08/31 20:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120901.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/22 09:12:27 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120905.002\ex64.sys -- (NAVEX15)
DRV - [2012/08/22 09:12:27 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/22 09:12:27 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120905.002\eng64.sys -- (NAVENG)
DRV - [2012/08/09 08:54:10 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/06/18 20:01:14 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120823.007\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E113DADB-2393-4213-91BA-105D4072AA4E}
IE:64bit: - HKLM\..\SearchScopes\{E113DADB-2393-4213-91BA-105D4072AA4E}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\..\URLSearchHook: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa2.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{576E30E7-120E-47A7-80FD-42325F4B5513}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2260173

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\..\URLSearchHook: {3bbd3c14-4c16-4989-8366-95bc9179779d} - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://supertoolbar....ale.underscore}
IE - HKCU\..\SearchScopes\{29311076-292B-4DB7-B34B-C01604B408CB}: "URL" = http://search.condui...&ctid=CT3201318
IE - HKCU\..\SearchScopes\{576E30E7-120E-47A7-80FD-42325F4B5513}: "URL" = http://www.google.co...&rlz=1I7TSNA_en
IE - HKCU\..\SearchScopes\{7351FD46-C273-4897-B664-A661BCE51A5E}: "URL" = http://search.freeca...p={searchTerms}
IE - HKCU\..\SearchScopes\{7545FDB5-E450-47EA-A7E0-AB1C5C1365AE}: "URL" = http://swagbucks.com...q={searchTerms}
IE - HKCU\..\SearchScopes\{A4C9B0F2-3EF3-4F88-A97A-4121A423F183}: "URL" = http://search.yahoo....33,17118,0,18,0
IE - HKCU\..\SearchScopes\{C570F98B-2728-4D63-A268-8C1F4E199788}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{E519AA1F-E8A8-47ED-92E3-BCFB65055819}: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\..\SearchScopes\Comcast: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Matt Goodwin\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Matt Goodwin\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/08 17:26:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_12_1 [2012/09/04 11:05:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Matt Goodwin\AppData\Roaming\Move Networks [2010/05/24 13:48:45 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Matt Goodwin\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Matt Goodwin\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Entanglement = C:\Users\Matt Goodwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_1\
CHR - Extension: Angry Birds = C:\Users\Matt Goodwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: 3D Baseball II = C:\Users\Matt Goodwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlogndjagpkddpfdjehblbmkmkbpdnhh\1.0_0\
CHR - Extension: JDoodle Jump = C:\Users\Matt Goodwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegnpclfpgemhfmgfobelglidonaopc\1.4_1\
CHR - Extension: Space Invaders = C:\Users\Matt Goodwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkolofikfmgppihdahfkbgpdgkocapbp\1.4_0\
CHR - Extension: Poppit = C:\Users\Matt Goodwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_1\

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Swag Bucks Toolbar) - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa2.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\ZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TBSB07898 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Swag Bucks Toolbar) - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Nuance PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3BBD3C14-4C16-4989-8366-95BC9179779D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Swag Bucks Toolbar) - {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwa2.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet M1522 MFP Series Fax] C:\Program Files (x86)\HP\hp LaserJet M1522\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDFViewerPlus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" File not found
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append the content of the link to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Append the content of the selected links to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Create PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Append the content of the link to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Create PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternati...x-w32-2.0.2.cab (AlternaTIFF ActiveX)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab (Reg Error: Key error.)
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} http://www.gamehouse...se/ghplayer.cab (GameHouse Games Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27ACFC9C-112C-4294-9376-BAD7D87427B2}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Security Packages - (wsauth) - C:\windows\SysNative\wsauth.dll (VMware, Inc.)
O30 - LSA: Security Packages - (wsauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/05 15:35:59 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Matt Goodwin\Desktop\OTL.exe
[2012/09/05 08:58:44 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 09-05-2012
[2012/09/04 10:10:07 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 09-04-2012
[2012/09/03 16:13:33 | 000,000,000 | ---D | C] -- C:\Firefox
[2012/09/03 16:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/09/03 16:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/09/03 16:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/09/03 16:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/08/30 21:40:46 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-31-2012
[2012/08/30 10:59:55 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-30-2012
[2012/08/29 10:42:14 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-29-2012
[2012/08/28 10:21:53 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-28-2012
[2012/08/27 10:11:48 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-27-2012
[2012/08/24 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-24-2012
[2012/08/23 23:11:25 | 000,000,000 | ---D | C] -- C:\FRST
[2012/08/23 22:45:30 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012/08/23 21:35:00 | 000,000,000 | ---D | C] -- C:\windows\pss
[2012/08/23 16:51:16 | 000,048,240 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\vmwvusb.sys
[2012/08/23 16:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2012/08/23 16:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
[2012/08/23 16:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix
[2012/08/23 16:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2012/08/23 10:52:42 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-23-2012
[2012/08/22 13:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/08/22 13:41:17 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\AppData\Roaming\DriverCure
[2012/08/22 13:41:13 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\AppData\Roaming\SpeedyPC Software
[2012/08/22 13:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/08/22 13:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/08/22 10:35:36 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-22-2012
[2012/08/21 10:38:09 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-21-2012
[2012/08/20 10:56:16 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-20-2012
[2012/08/16 22:51:56 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-17-2012
[2012/08/16 09:47:39 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-16-2012
[2012/08/15 10:31:21 | 000,000,000 | -HSD | C] -- C:\windows\SysWow64\%APPDATA%
[2012/08/15 09:58:03 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-15-2012
[2012/08/14 15:07:44 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\AppData\Local\NPE
[2012/08/14 11:07:17 | 000,027,256 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\FixZeroAccess.sys
[2012/08/14 10:03:28 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-14-2012
[2012/08/13 09:49:55 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\Searches for 08-13-2012
[2012/08/12 21:48:53 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\AppData\Local\visi_coupon
[2012/08/12 21:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/08/12 21:47:28 | 000,000,000 | -HSD | C] -- C:\windows\SysWow64\AI_RecycleBin
[2012/08/12 21:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/08/12 21:47:17 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\AppData\Roaming\DefaultTab
[2012/08/12 21:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/08/12 21:46:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2012/08/10 14:27:11 | 000,000,000 | ---D | C] -- C:\Users\Matt Goodwin\Documents\My Scans
[7 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/05 15:36:06 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Matt Goodwin\Desktop\OTL.exe
[2012/09/05 14:59:06 | 000,000,000 | ---- | M] () -- C:\Users\Matt Goodwin\Documents\Nuance Image Printer Writer Port
[2012/09/05 14:48:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/09/05 14:06:13 | 000,732,477 | ---- | M] () -- C:\Users\Matt Goodwin\Desktop\211263.pdf
[2012/09/05 13:58:39 | 000,003,192 | ---- | M] () -- C:\{B5FA2FC5-682E-49AC-A9C3-1AB704E86A75}
[2012/09/05 10:10:49 | 000,003,168 | ---- | M] () -- C:\{88DC289C-1C9D-460E-8EDF-AF8D9299EDF9}
[2012/09/05 10:08:51 | 000,003,192 | ---- | M] () -- C:\{426B2890-CEB9-4AC5-93F3-EE7A28599302}
[2012/09/05 08:58:44 | 000,001,466 | -H-- | M] () -- C:\Users\Matt Goodwin\Documents\PP11Thumbs.ptn2
[2012/09/05 08:38:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/04 21:22:39 | 002,462,652 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/09/04 21:22:39 | 000,749,042 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/09/04 21:22:39 | 000,006,184 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/09/04 20:22:08 | 000,003,192 | ---- | M] () -- C:\{E112FD48-CED0-4D0C-9584-FBDC49C593E2}
[2012/09/04 15:06:33 | 000,003,192 | ---- | M] () -- C:\{64F3BD50-87EC-44EB-8BEF-B97D910168B6}
[2012/09/04 13:46:19 | 000,003,192 | ---- | M] () -- C:\{388FFD71-34A4-4DB8-BCC5-75492A71FECE}
[2012/09/04 13:13:27 | 000,003,168 | ---- | M] () -- C:\{0611CB42-BF1E-4090-A2BC-C3B79E66992A}
[2012/09/04 13:07:58 | 000,003,192 | ---- | M] () -- C:\{1AEA1DB9-A387-4D2D-8FAC-A0F8B4E50159}
[2012/09/04 12:55:10 | 000,003,192 | ---- | M] () -- C:\{435B21CD-EC98-40A6-92B0-EF2C3712B64B}
[2012/09/04 11:13:49 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/04 11:13:49 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/04 11:12:43 | 000,003,168 | ---- | M] () -- C:\{D5D548BA-E666-4CA1-A0D2-52CF45651A45}
[2012/09/04 11:02:53 | 3117,404,160 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/04 09:34:41 | 000,003,168 | ---- | M] () -- C:\{7799089E-E0B0-4429-9712-174BBCD61807}
[2012/09/03 15:51:13 | 000,003,168 | ---- | M] () -- C:\{1D2D849C-8EEB-482E-9953-F82581B13087}
[2012/08/30 15:32:01 | 000,003,168 | ---- | M] () -- C:\{93936D02-423B-4DAB-BC17-92A623552F3F}
[2012/08/30 13:17:02 | 000,003,168 | ---- | M] () -- C:\{31938262-EDFC-4ACE-AE35-6E632FB6236E}
[2012/08/30 13:07:43 | 000,003,168 | ---- | M] () -- C:\{76007194-A200-4AB9-AA21-2ECF29EEE6D4}
[2012/08/30 12:27:32 | 000,003,168 | ---- | M] () -- C:\{A5CA7C0F-9931-4115-9AEB-D88291E4125C}
[2012/08/30 10:55:19 | 000,003,168 | ---- | M] () -- C:\{345A6389-813B-4E25-A576-277D8C79AA9B}
[2012/08/30 10:53:35 | 000,003,192 | ---- | M] () -- C:\{BE03BC01-8873-41C8-900E-042464089E7F}
[2012/08/30 10:42:16 | 000,003,168 | ---- | M] () -- C:\{76B2AC76-E2A5-410A-BA81-0A11F2AE7042}
[2012/08/30 10:00:31 | 000,003,168 | ---- | M] () -- C:\{370C0DA4-BDE0-4694-BA49-3CA80E593737}
[2012/08/30 09:41:31 | 000,003,152 | ---- | M] () -- C:\{DB8E9FBC-AEA6-4143-ABED-A9E82C8275C0}
[2012/08/30 09:34:31 | 000,003,128 | ---- | M] () -- C:\{0B59A272-95DB-46F7-AF45-5DA35C51A8D4}
[2012/08/30 09:21:54 | 000,003,128 | ---- | M] () -- C:\{736B3B72-F853-4C7B-98F6-675516E28701}
[2012/08/30 08:30:25 | 000,003,128 | ---- | M] () -- C:\{02B0C4A6-F264-4142-8412-971E9285522A}
[2012/08/29 22:46:26 | 000,003,152 | ---- | M] () -- C:\{83A3C42D-5BA5-45D9-A7CF-A3BDA0062B4A}
[2012/08/29 22:32:39 | 000,003,128 | ---- | M] () -- C:\{310320F5-8E4E-4BAB-9761-AEB335A4377D}
[2012/08/29 22:17:09 | 000,003,128 | ---- | M] () -- C:\{5D9C7A1B-28CF-44EB-A362-D5689EB30C6A}
[2012/08/29 21:45:27 | 000,003,128 | ---- | M] () -- C:\{C87F3131-21BE-4CE3-993A-3215B9931ECF}
[2012/08/29 20:52:56 | 000,003,128 | ---- | M] () -- C:\{69951E90-408D-4B9C-ACA6-22D5FAE3FA3F}
[2012/08/29 18:30:22 | 000,003,128 | ---- | M] () -- C:\{F32460BE-E85B-4970-A4AC-D5EF451641A4}
[2012/08/29 18:27:07 | 000,003,128 | ---- | M] () -- C:\{89BEA620-732B-445F-8EB4-F21EE6910B96}
[2012/08/29 18:12:46 | 000,003,152 | ---- | M] () -- C:\{4F25CED8-9DB0-40A8-A1B2-395712CE4696}
[2012/08/29 17:17:57 | 000,003,152 | ---- | M] () -- C:\{1C448458-BA17-47ED-9729-2DDAA3B857F4}
[2012/08/29 17:15:11 | 000,003,128 | ---- | M] () -- C:\{38639907-009A-49AE-90A0-9D3497AC1EBA}
[2012/08/29 17:12:40 | 000,003,128 | ---- | M] () -- C:\{97A1072A-670B-4A7B-A3EF-D70320278FC9}
[2012/08/29 17:00:34 | 000,003,128 | ---- | M] () -- C:\{1CB26035-99AF-40FF-9D06-8EA2DDF2A5E8}
[2012/08/29 16:45:30 | 000,003,128 | ---- | M] () -- C:\{420C844B-F5F4-4889-83B2-46A66229C251}
[2012/08/29 14:09:26 | 000,003,128 | ---- | M] () -- C:\{C777B7B6-A64E-4B9B-9146-101458A4E4AB}
[2012/08/29 14:03:37 | 000,003,128 | ---- | M] () -- C:\{354F6235-80AD-48A7-B6D4-4C15643080C2}
[2012/08/29 13:39:47 | 000,003,128 | ---- | M] () -- C:\{5C553A34-1088-464B-8EB9-3D97A2A294E7}
[2012/08/29 13:34:34 | 000,003,128 | ---- | M] () -- C:\{57DE245F-655C-4571-95BF-2ED2761617F6}
[2012/08/29 13:19:21 | 000,002,240 | ---- | M] () -- C:\{58C725D2-43AA-49DB-8210-07FB1C940070}
[2012/08/29 13:05:55 | 000,002,240 | ---- | M] () -- C:\{B87C7F89-69F8-46E0-AAFC-1C7D80BF72A1}
[2012/08/29 12:48:55 | 000,003,128 | ---- | M] () -- C:\{B3E49D9F-C434-441C-BC3E-297085C1C81A}
[2012/08/29 08:51:41 | 000,003,128 | ---- | M] () -- C:\{854BE175-B0BA-4705-B64A-8B1F6B06A2E5}
[2012/08/29 08:49:01 | 000,003,128 | ---- | M] () -- C:\{99AFBCB0-38D5-4298-B121-91A3A338A1D4}
[2012/08/28 21:50:00 | 000,003,128 | ---- | M] () -- C:\{72DC70B9-5EF5-486B-94A7-0A2A1EF414E7}
[2012/08/28 09:36:46 | 000,154,332 | ---- | M] () -- C:\windows\hppins08.dat
[2012/08/28 09:36:43 | 000,000,733 | ---- | M] () -- C:\windows\hpbvspst.his
[2012/08/28 09:36:43 | 000,000,392 | ---- | M] () -- C:\windows\hpbvspst.ini
[2012/08/28 09:36:28 | 000,000,524 | ---- | M] () -- C:\windows\hpbvspst.hi1
[2012/08/28 09:36:28 | 000,000,316 | ---- | M] () -- C:\windows\hpbvspst.bu1
[2012/08/27 23:27:56 | 000,003,168 | ---- | M] () -- C:\{16155F60-CFE3-4366-B41F-BA3DC2D57B8B}
[2012/08/27 21:59:32 | 000,003,168 | ---- | M] () -- C:\{A4E99CD0-7A90-4480-AF40-F225BA00275E}
[2012/08/27 17:01:49 | 000,154,332 | ---- | M] () -- C:\windows\hppins08.dat.temp
[2012/08/27 17:01:46 | 000,000,733 | ---- | M] () -- C:\windows\hpbvspst.hi2
[2012/08/27 17:01:46 | 000,000,392 | ---- | M] () -- C:\windows\hpbvspst.bu2
[2012/08/27 07:34:50 | 000,003,168 | ---- | M] () -- C:\{4E10D4BD-7B04-48AC-8C14-5E6D25E2E0CC}
[2012/08/27 07:17:24 | 000,003,192 | ---- | M] () -- C:\{4CD07928-9D7F-4A93-8509-70FF9E9B5E16}
[2012/08/27 06:52:30 | 000,003,168 | ---- | M] () -- C:\{E7FD9D52-890D-4186-8F9C-1BB7B8B53815}
[2012/08/27 06:26:54 | 000,003,168 | ---- | M] () -- C:\{2ECC07C2-2376-453D-A024-3482934EEE94}
[2012/08/27 06:16:02 | 000,003,168 | ---- | M] () -- C:\{44E2112D-4926-4A22-ACC2-91F492C117C4}
[2012/08/27 06:13:14 | 000,003,192 | ---- | M] () -- C:\{552180D7-079B-470E-B925-C16E62055820}
[2012/08/27 05:58:43 | 000,003,192 | ---- | M] () -- C:\{54417B5D-1574-4975-B838-5A85BC35C44E}
[2012/08/27 05:54:55 | 000,003,168 | ---- | M] () -- C:\{59261EB2-D702-4F51-92A3-5AFCA98A6A3F}
[2012/08/27 05:31:13 | 000,003,192 | ---- | M] () -- C:\{3D46AAFC-420C-4157-941C-A9FDEC9C685E}
[2012/08/27 05:29:55 | 000,003,192 | ---- | M] () -- C:\{9FA1BCC7-7C64-4EBF-98AC-737AE7467DC9}
[2012/08/27 05:28:23 | 000,003,168 | ---- | M] () -- C:\{38EF06F8-DB97-4651-8E21-43E1368302E9}
[2012/08/27 05:20:41 | 000,003,192 | ---- | M] () -- C:\{31872568-8051-4EC4-9549-79B36D42ED72}
[2012/08/27 05:13:04 | 000,003,168 | ---- | M] () -- C:\{D264F097-922E-4D58-8A1A-E95526747BD8}
[2012/08/27 05:12:01 | 000,003,192 | ---- | M] () -- C:\{797B1DE8-5F2E-4501-9907-85C5E013420D}
[2012/08/27 05:10:58 | 000,003,168 | ---- | M] () -- C:\{790FB7C3-1CE7-42FF-AADD-63D6F6379AA6}
[2012/08/27 04:55:45 | 000,003,192 | ---- | M] () -- C:\{B9D7868D-FF08-42E6-809F-19F1E8E4A194}
[2012/08/27 04:40:44 | 000,003,168 | ---- | M] () -- C:\{3B2E1758-C42A-4DC6-A2D9-FC62CE2E1FC4}
[2012/08/27 04:27:11 | 000,003,192 | ---- | M] () -- C:\{9E016C95-8B89-4ECB-AA22-07261880BAFE}
[2012/08/27 04:11:33 | 000,003,168 | ---- | M] () -- C:\{7E5E009B-A596-45F6-91D1-C26EC30EF060}
[2012/08/27 03:58:56 | 000,003,192 | ---- | M] () -- C:\{8F9169D2-481E-4913-8E3E-117400ADF2AB}
[2012/08/27 03:43:34 | 000,003,168 | ---- | M] () -- C:\{18745425-3D5E-4CFC-A87F-72EDD710153C}
[2012/08/27 03:27:57 | 000,003,192 | ---- | M] () -- C:\{BD3D45C5-8BF7-4198-B845-A70B9CC0B163}
[2012/08/27 03:14:12 | 000,003,168 | ---- | M] () -- C:\{E4E2262B-492B-4C90-9514-EB9FF3AD4C57}
[2012/08/27 03:02:24 | 000,003,192 | ---- | M] () -- C:\{7F1DA728-5FF8-4CF0-942A-97B1AC4E8BD4}
[2012/08/27 02:54:44 | 000,003,168 | ---- | M] () -- C:\{22BF0279-E4FE-4B17-8417-D7768C8926D2}
[2012/08/27 02:42:29 | 000,002,360 | ---- | M] () -- C:\{51D68F4E-39A6-47C4-8BE4-434109A4F3F5}
[2012/08/27 02:37:59 | 000,002,256 | ---- | M] () -- C:\{85E7252F-AEE1-4889-AE03-2438BC724C94}
[2012/08/27 02:31:32 | 000,003,192 | ---- | M] () -- C:\{A1D87CF4-367A-4168-9389-F4AE1F663DD8}
[2012/08/27 02:25:08 | 000,003,168 | ---- | M] () -- C:\{007F42BC-BDD9-4CD0-8DA8-25732A07FFE3}
[2012/08/27 02:18:37 | 000,003,192 | ---- | M] () -- C:\{35D4D92D-61FC-4DE8-A2E9-6FB58000A91E}
[2012/08/27 02:11:55 | 000,003,168 | ---- | M] () -- C:\{09C6F392-9DFB-41F9-A7C2-A6E3614342AF}
[2012/08/27 02:04:09 | 000,003,192 | ---- | M] () -- C:\{E939DFD1-04B7-44EA-921A-F8634EA93F12}
[2012/08/27 02:00:27 | 000,003,168 | ---- | M] () -- C:\{AA7CE832-1273-488E-8704-0A10270793A6}
[2012/08/27 01:56:39 | 000,003,192 | ---- | M] () -- C:\{D7F31B1C-AE9F-4BBA-9F99-4DD2CEC30F55}
[2012/08/27 01:51:44 | 000,003,168 | ---- | M] () -- C:\{1B9FFD69-3BDC-4AAB-922F-9F190C0D0819}
[2012/08/27 01:43:28 | 000,002,424 | ---- | M] () -- C:\{06E94532-6D8D-4F1F-A834-94FEA44CFF4A}
[2012/08/27 01:38:23 | 000,002,856 | ---- | M] () -- C:\{0BE7830D-7895-4F8E-9013-6DCEBEBC7FB6}
[2012/08/27 01:29:32 | 000,003,192 | ---- | M] () -- C:\{61FB13D2-7940-4EF6-81ED-3391BC7BDDB8}
[2012/08/27 01:23:13 | 000,003,168 | ---- | M] () -- C:\{02A88FF2-2827-476D-A88E-474ACA1FC57F}
[2012/08/27 01:16:30 | 000,003,192 | ---- | M] () -- C:\{DAE744A3-3450-434C-BF1F-BBB1E75AEB97}
[2012/08/27 01:09:58 | 000,003,168 | ---- | M] () -- C:\{B2424844-1023-40A3-A610-1B20E331C877}
[2012/08/27 01:03:18 | 000,003,192 | ---- | M] () -- C:\{2D38A9B7-4C7A-4C7B-A97C-9F1A9D9CC54F}
[2012/08/27 00:56:11 | 000,003,168 | ---- | M] () -- C:\{32A37D5E-7E65-42DF-9787-CEA4154BFDBF}
[2012/08/27 00:49:40 | 000,003,192 | ---- | M] () -- C:\{3EBC872C-E6F7-4DE5-86DB-F9603E80443E}
[2012/08/27 00:43:02 | 000,003,168 | ---- | M] () -- C:\{663525C9-77A0-4FC2-BB3D-8C1FA26FDFD7}
[2012/08/27 00:36:11 | 000,003,192 | ---- | M] () -- C:\{7203AB3B-22C2-4535-96B1-6A0B7EA95F21}
[2012/08/27 00:29:26 | 000,003,168 | ---- | M] () -- C:\{0F348110-A2AA-4751-B4FC-4ED368625A8D}
[2012/08/27 00:22:44 | 000,003,192 | ---- | M] () -- C:\{E8FE0B1A-5490-4A9B-A993-180DBB473604}
[2012/08/27 00:16:08 | 000,003,168 | ---- | M] () -- C:\{4871B192-0475-4C77-A79B-B369005BCDE2}
[2012/08/27 00:09:22 | 000,003,192 | ---- | M] () -- C:\{44F642B2-A475-411F-92B8-7BAA68868F29}
[2012/08/27 00:02:53 | 000,003,168 | ---- | M] () -- C:\{E5EBBBA1-3C9A-4026-B072-AC8BCE3B515A}
[2012/08/26 23:56:37 | 000,003,168 | ---- | M] () -- C:\{A6BF8615-A99D-4ABF-AFA0-5F2ED58FDFD1}
[2012/08/26 23:49:49 | 000,003,192 | ---- | M] () -- C:\{13897D9B-8BF9-4C63-A49B-FA2507254154}
[2012/08/26 23:42:49 | 000,003,192 | ---- | M] () -- C:\{54C3433A-6975-49A7-B15D-4656AEC94308}
[2012/08/26 23:35:48 | 000,003,168 | ---- | M] () -- C:\{772B44D7-714D-4FD7-AE86-495986A00A2D}
[2012/08/26 23:27:41 | 000,003,192 | ---- | M] () -- C:\{4ED516C9-0012-44CB-B436-AC888FC23194}
[2012/08/26 23:21:07 | 000,003,168 | ---- | M] () -- C:\{59261146-4BF1-495C-A5EE-9A120693FD57}
[2012/08/26 23:14:29 | 000,003,168 | ---- | M] () -- C:\{3786DFB1-7BD6-4C45-88A1-9774B8F7819E}
[2012/08/26 23:08:01 | 000,003,192 | ---- | M] () -- C:\{16B81A89-5599-43B9-8E86-BCA917514A8E}
[2012/08/26 23:01:04 | 000,003,192 | ---- | M] () -- C:\{CAD94E47-E3B5-4B3E-95C3-19AF5A8CFA15}
[2012/08/26 22:54:37 | 000,003,168 | ---- | M] () -- C:\{8C26E315-CC85-457F-8335-D00D2DCFC42A}
[2012/08/26 22:47:54 | 000,003,192 | ---- | M] () -- C:\{ACDE1898-21CF-4981-90DB-07ECEA89624B}
[2012/08/26 22:41:20 | 000,003,168 | ---- | M] () -- C:\{94D683BB-5C78-42A1-A5FF-8D0EB6C9446F}
[2012/08/26 22:34:37 | 000,003,168 | ---- | M] () -- C:\{D532E393-D7FE-417D-9823-900DD64E70AA}
[2012/08/26 22:28:08 | 000,003,192 | ---- | M] () -- C:\{4E12E152-6A0D-4DBE-858A-439FDF1F04B0}
[2012/08/26 22:21:30 | 000,003,192 | ---- | M] () -- C:\{0672694C-2E3B-48CD-8E7C-8AA6D89098D7}
[2012/08/26 22:14:29 | 000,003,168 | ---- | M] () -- C:\{86FEF14E-9BB7-41AA-BAFD-7C27FD1CAAFB}
[2012/08/26 22:07:41 | 000,003,192 | ---- | M] () -- C:\{261CE2A9-3778-48EB-AC6B-40C46C91BAE0}
[2012/08/26 22:00:22 | 000,003,168 | ---- | M] () -- C:\{472BCEE4-02FA-4112-9CDA-FE41DDA63D41}
[2012/08/26 21:53:22 | 000,003,192 | ---- | M] () -- C:\{EC573A94-76B7-4370-810B-9184F395B960}
[2012/08/26 21:47:58 | 000,003,168 | ---- | M] () -- C:\{8AF87C00-6DB3-4ADE-8223-7C807D8235F0}
[2012/08/26 21:42:34 | 000,003,192 | ---- | M] () -- C:\{9B8D3CF4-96B2-42A1-BA9E-723F5AB1F36A}
[2012/08/26 21:36:19 | 000,003,168 | ---- | M] () -- C:\{937343FE-BDBE-4861-AF0D-4961C520FFDE}
[2012/08/26 21:30:22 | 000,003,192 | ---- | M] () -- C:\{988B1A48-675B-4892-B886-BF6DA6AFED62}
[2012/08/26 21:23:35 | 000,003,168 | ---- | M] () -- C:\{6DE38B91-9503-45CE-A11A-A6DF08836D0D}
[2012/08/26 21:19:22 | 000,003,168 | ---- | M] () -- C:\{F67C339E-9310-4845-A607-E4B4A3ECA116}
[2012/08/26 21:11:27 | 000,003,192 | ---- | M] () -- C:\{FB0C94E5-21F0-408B-98A1-A429A1504334}
[2012/08/26 21:05:10 | 000,003,192 | ---- | M] () -- C:\{93289DDB-CD97-419F-904B-3E8A88E2FBF7}
[2012/08/26 21:00:23 | 000,003,168 | ---- | M] () -- C:\{1A975C1E-0987-4E70-ACE9-BE0AEC32124D}
[2012/08/26 20:56:55 | 000,003,192 | ---- | M] () -- C:\{79390CA4-2F04-4D2D-95E3-5281B3D6BE5D}
[2012/08/26 20:50:33 | 000,003,168 | ---- | M] () -- C:\{79068B1D-655E-46A6-942C-067D2A9E3DFF}
[2012/08/26 20:44:22 | 000,003,192 | ---- | M] () -- C:\{B35FA9B7-A64B-4221-8799-69250DA69FD7}
[2012/08/26 20:38:05 | 000,003,168 | ---- | M] () -- C:\{BCC40A1C-50B4-4C43-AAEB-5EB1111D8270}
[2012/08/26 20:32:33 | 000,003,192 | ---- | M] () -- C:\{26634504-1B0C-4C4E-A57E-822AEA6A5733}
[2012/08/26 20:26:09 | 000,003,168 | ---- | M] () -- C:\{29A3860B-6290-46FA-A32C-D9D1CA659550}
[2012/08/24 16:15:49 | 000,003,168 | ---- | M] () -- C:\{B0FEF934-D317-4415-A26E-8B50E1706084}
[2012/08/23 23:00:11 | 000,027,256 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\FixZeroAccess.sys
[2012/08/23 16:51:01 | 000,001,325 | ---- | M] () -- C:\Users\Public\Desktop\VMware View Client.lnk
[2012/08/22 20:49:57 | 000,003,192 | ---- | M] () -- C:\{1C69F3EB-5739-4094-B10B-DBD8C5F5FF04}
[2012/08/22 20:45:39 | 000,003,168 | ---- | M] () -- C:\{A8491215-D97C-4039-88F3-27BCE0FCFABA}
[2012/08/22 20:31:29 | 000,003,168 | ---- | M] () -- C:\{A00FDA31-71E0-4CA7-94C0-B44A093559B8}
[2012/08/22 20:03:45 | 000,003,168 | ---- | M] () -- C:\{1393051B-A571-4241-AC4E-9128FA954CB7}
[2012/08/22 20:02:19 | 000,003,168 | ---- | M] () -- C:\{A17B9DAE-9BB3-469E-A6F7-C8E7D1FB269D}
[2012/08/22 19:35:55 | 000,003,160 | ---- | M] () -- C:\{B5383519-1BC3-4B65-9129-835E8F855564}
[2012/08/22 19:04:27 | 000,003,128 | ---- | M] () -- C:\{9B485D98-9770-43AD-89CE-B90FA125A568}
[2012/08/22 18:25:37 | 000,003,168 | ---- | M] () -- C:\{7C86F62B-7B97-45B0-96DA-13EA5C99F24D}
[2012/08/22 18:17:46 | 000,003,168 | ---- | M] () -- C:\{827AB113-E3E9-48D9-B368-4341AABC51BE}
[2012/08/22 17:30:01 | 000,003,160 | ---- | M] () -- C:\{7E52FE86-80AF-4BC3-B63F-451B032040A9}
[2012/08/22 17:23:33 | 000,003,192 | ---- | M] () -- C:\{AD91554F-2373-4F27-A7A6-CF68D994FA96}
[2012/08/22 17:17:28 | 000,003,168 | ---- | M] () -- C:\{882DFF59-1A98-475C-BC36-6DE64BB86B10}
[2012/08/22 17:10:59 | 000,003,472 | ---- | M] () -- C:\{8F1EA7DB-17C2-4A57-A9B6-19935AFF95BA}
[2012/08/22 17:04:15 | 000,003,320 | ---- | M] () -- C:\{3F22011B-48B3-4970-A2F9-1C4A3D0FF3E0}
[2012/08/22 16:57:28 | 000,003,160 | ---- | M] () -- C:\{06602612-1253-413A-B68C-FA3DEA19FA71}
[2012/08/22 16:49:49 | 000,003,192 | ---- | M] () -- C:\{E4ADB819-5699-49FC-AE8D-8283DBE20EF1}
[2012/08/22 16:42:59 | 000,003,168 | ---- | M] () -- C:\{0B8DA6EC-CEA7-4488-8E4F-6378B173EF1A}
[2012/08/22 16:36:10 | 000,003,168 | ---- | M] () -- C:\{CEC5649A-E6BD-4030-8E41-CFD839F28B6E}
[2012/08/22 16:29:30 | 000,003,160 | ---- | M] () -- C:\{6DFAB4FC-63DA-484F-A62D-9DA1E0966AEC}
[2012/08/22 16:20:15 | 000,003,192 | ---- | M] () -- C:\{2706DD1E-7A0D-42F9-9ECF-1BD7D17B39D7}
[2012/08/22 16:08:36 | 000,003,168 | ---- | M] () -- C:\{B9B01496-A7BF-40DC-9357-181921400CD3}
[2012/08/22 15:57:47 | 000,003,168 | ---- | M] () -- C:\{A8B8C87A-A5AD-4495-8C98-39959EE60FCF}
[2012/08/22 15:51:15 | 000,003,160 | ---- | M] () -- C:\{3B89C180-07E4-4582-A151-17FE5048CC72}
[2012/08/22 15:44:56 | 000,003,192 | ---- | M] () -- C:\{9AFD7FF8-536D-4DCE-9604-1FC1DE758EFA}
[2012/08/22 15:38:13 | 000,003,168 | ---- | M] () -- C:\{E545CE53-6B5B-49F5-89C0-96CE54C05B02}
[2012/08/22 15:30:39 | 000,003,168 | ---- | M] () -- C:\{FDAECA24-A9B5-490A-8199-FBEBA537F95E}
[2012/08/22 15:23:46 | 000,003,160 | ---- | M] () -- C:\{413E0413-521D-4349-A0E2-AEAC2A57CAE4}
[2012/08/22 15:16:47 | 000,003,168 | ---- | M] () -- C:\{3F6C5E6C-3D55-451C-A62E-C6B22EA71ED8}
[2012/08/22 15:09:36 | 000,003,192 | ---- | M] () -- C:\{95A17765-B72D-44DA-9322-F050020641D7}
[2012/08/22 15:03:01 | 000,003,160 | ---- | M] () -- C:\{E28A78EE-B56C-48C6-8D8D-19E7A5A894F8}
[2012/08/22 14:55:16 | 000,003,168 | ---- | M] () -- C:\{1CBC0AA7-79AB-440C-A01E-06D794D01E7D}
[2012/08/22 14:48:13 | 000,003,192 | ---- | M] () -- C:\{C6CC8BA4-2F12-460D-AE1A-D14C32EB34A9}
[2012/08/22 14:41:51 | 000,003,168 | ---- | M] () -- C:\{0D27268C-EB15-4FA6-8042-FB437A459BF5}
[2012/08/22 14:33:51 | 000,003,168 | ---- | M] () -- C:\{BCCDAAEF-F439-4207-975E-EB7D3227DD0F}
[2012/08/22 14:26:31 | 000,003,160 | ---- | M] () -- C:\{27A34C47-4460-4763-962D-8AF2DCAC036B}
[2012/08/22 14:16:08 | 000,003,192 | ---- | M] () -- C:\{DDF000FE-6102-433D-A4BF-3050172F3254}
[2012/08/22 14:06:41 | 000,003,168 | ---- | M] () -- C:\{CC23A4FB-F944-4415-B878-E9EC79720501}
[2012/08/22 13:55:12 | 000,002,360 | ---- | M] () -- C:\{3B8F8721-CC1B-4151-88E2-667BD7B81F92}
[2012/08/22 13:38:48 | 000,002,256 | ---- | M] () -- C:\{46271224-84D4-4DFF-B784-9A33AB3E8CD7}
[2012/08/22 13:28:48 | 000,003,168 | ---- | M] () -- C:\{55F02BA1-06A7-4B0E-9963-797109B6558E}
[2012/08/22 13:18:47 | 000,003,160 | ---- | M] () -- C:\{ECABE8D8-A484-4A25-943E-6D02EEE3A1A4}
[2012/08/22 13:09:04 | 000,003,192 | ---- | M] () -- C:\{34D6C40C-B3C8-469A-9E8E-CA46609EF1E8}
[2012/08/22 13:00:16 | 000,003,168 | ---- | M] () -- C:\{404C2799-5F6F-4D9C-8654-08574844585A}
[2012/08/22 12:50:28 | 000,003,168 | ---- | M] () -- C:\{B1D7B7CD-6B6A-4F53-BFE1-558339111CE2}
[2012/08/22 12:39:37 | 000,003,160 | ---- | M] () -- C:\{173D4F36-8402-448D-B712-FBA87FEE2C01}
[2012/08/22 12:30:34 | 000,003,192 | ---- | M] () -- C:\{0560BFBA-178E-4B01-AB78-41A31B0C331B}
[2012/08/22 12:21:18 | 000,003,168 | ---- | M] () -- C:\{EE7885EB-B2E8-49FD-9243-BC1E91D0790C}
[2012/08/22 11:57:39 | 000,003,168 | ---- | M] () -- C:\{E1C5E2EF-3F31-4A00-ADA0-6E4FDB6CF74E}
[2012/08/22 11:16:31 | 000,003,192 | ---- | M] () -- C:\{93A4726C-B5CB-4E46-94EC-A58FA89157F4}
[2012/08/22 11:14:59 | 000,003,168 | ---- | M] () -- C:\{DA801D02-C985-49F3-874E-617038975132}
[2012/08/22 11:03:54 | 000,003,192 | ---- | M] () -- C:\{683545E1-C95F-4F1A-BE62-4AC57BE7BB07}
[2012/08/22 10:58:09 | 000,003,168 | ---- | M] () -- C:\{85F3975B-3814-40DF-84D2-D6D9117803E1}
[2012/08/20 22:08:41 | 000,003,160 | ---- | M] () -- C:\{92D61E61-717D-4330-AA8D-C196C999CAC8}
[2012/08/20 22:05:18 | 000,003,168 | ---- | M] () -- C:\{D4CAAB1C-6BEC-4789-8448-6381A0CE9F0F}
[2012/08/20 21:57:00 | 000,003,192 | ---- | M] () -- C:\{C5A9D8DE-AEA0-47CC-8224-B359C6D64BB3}
[2012/08/20 21:47:42 | 000,003,168 | ---- | M] () -- C:\{81BB429E-31E4-4A02-8F6F-EB1566E8A237}
[2012/08/20 21:15:52 | 000,003,168 | ---- | M] () -- C:\{B3FE7E9C-5EAE-4CC3-98EA-43B23AA64D8A}
[2012/08/20 14:24:20 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/08/19 12:58:08 | 000,003,192 | ---- | M] () -- C:\{9334061B-8657-4959-9CA5-6B4AFDD6B6DB}
[2012/08/19 12:43:29 | 000,003,168 | ---- | M] () -- C:\{4B6A520C-53D3-4D1E-A555-1F13FFEE3249}
[2012/08/19 12:40:01 | 000,003,168 | ---- | M] () -- C:\{37750AEC-AA8B-4E99-85AF-18EF33B6793E}
[2012/08/19 12:14:25 | 000,003,168 | ---- | M] () -- C:\{ED1BCF3C-12BC-40B1-87A6-7B6226D930E8}
[2012/08/19 12:05:30 | 000,003,168 | ---- | M] () -- C:\{74F6E4F8-3357-4F52-BE21-C1B6585A8993}
[2012/08/19 11:25:11 | 000,003,192 | ---- | M] () -- C:\{8331D4A7-FA9A-449A-993B-8A54174B53B2}
[2012/08/18 20:28:55 | 000,003,192 | ---- | M] () -- C:\{B41BCE8B-8327-4027-9D00-19FE4A000E0D}
[2012/08/18 20:25:23 | 000,003,168 | ---- | M] () -- C:\{6A48205F-D6FA-4B2F-85A7-3A1E4F49AD87}
[2012/08/18 20:15:41 | 000,003,168 | ---- | M] () -- C:\{870E820D-4737-485E-8C20-3363AA2968CB}
[2012/08/14 14:51:56 | 000,430,672 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/14 14:39:00 | 000,003,168 | ---- | M] () -- C:\{5F43D11C-968B-4FC2-8033-853DDA105279}
[2012/08/14 14:28:30 | 000,003,168 | ---- | M] () -- C:\{7EAA41B2-BAFC-48FF-9DD1-835736ACB458}
[2012/08/14 14:25:45 | 000,003,168 | ---- | M] () -- C:\{3BBB27CF-EF53-4C93-A8B0-4DA74AB93423}
[2012/08/14 13:03:10 | 000,003,168 | ---- | M] () -- C:\{97476F37-2466-4CA9-8208-C1E1C41AF0EF}
[2012/08/14 12:58:10 | 000,003,192 | ---- | M] () -- C:\{94C3A42A-1F86-418B-AD0A-007DCBBA01C6}
[2012/08/14 12:57:01 | 000,003,168 | ---- | M] () -- C:\{914EB9D7-E303-4BAF-8A78-4B7F10F20CEE}
[2012/08/14 12:55:32 | 000,003,168 | ---- | M] () -- C:\{1E12AFF7-C1B1-48DB-A7F9-8AF399D10CEE}
[2012/08/14 11:57:06 | 000,003,168 | ---- | M] () -- C:\{6683579B-4F07-4D42-8E1F-F2434F58F006}
[2012/08/14 11:55:39 | 000,003,168 | ---- | M] () -- C:\{0284EB07-E85C-426F-849B-2440CFF00573}
[7 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/05 14:06:22 | 000,732,477 | ---- | C] () -- C:\Users\Matt Goodwin\Desktop\211263.pdf
[2012/09/05 13:58:38 | 000,003,192 | ---- | C] () -- C:\{B5FA2FC5-682E-49AC-A9C3-1AB704E86A75}
[2012/09/05 10:10:38 | 000,003,168 | ---- | C] () -- C:\{88DC289C-1C9D-460E-8EDF-AF8D9299EDF9}
[2012/09/05 10:08:46 | 000,003,192 | ---- | C] () -- C:\{426B2890-CEB9-4AC5-93F3-EE7A28599302}
[2012/09/04 20:21:55 | 000,003,192 | ---- | C] () -- C:\{E112FD48-CED0-4D0C-9584-FBDC49C593E2}
[2012/09/04 15:06:33 | 000,003,192 | ---- | C] () -- C:\{64F3BD50-87EC-44EB-8BEF-B97D910168B6}
[2012/09/04 13:46:19 | 000,003,192 | ---- | C] () -- C:\{388FFD71-34A4-4DB8-BCC5-75492A71FECE}
[2012/09/04 13:13:25 | 000,003,168 | ---- | C] () -- C:\{0611CB42-BF1E-4090-A2BC-C3B79E66992A}
[2012/09/04 13:07:56 | 000,003,192 | ---- | C] () -- C:\{1AEA1DB9-A387-4D2D-8FAC-A0F8B4E50159}
[2012/09/04 12:55:10 | 000,003,192 | ---- | C] () -- C:\{435B21CD-EC98-40A6-92B0-EF2C3712B64B}
[2012/09/04 11:12:42 | 000,003,168 | ---- | C] () -- C:\{D5D548BA-E666-4CA1-A0D2-52CF45651A45}
[2012/09/04 09:34:41 | 000,003,168 | ---- | C] () -- C:\{7799089E-E0B0-4429-9712-174BBCD61807}
[2012/09/03 15:51:13 | 000,003,168 | ---- | C] () -- C:\{1D2D849C-8EEB-482E-9953-F82581B13087}
[2012/08/30 15:32:01 | 000,003,168 | ---- | C] () -- C:\{93936D02-423B-4DAB-BC17-92A623552F3F}
[2012/08/30 13:17:02 | 000,003,168 | ---- | C] () -- C:\{31938262-EDFC-4ACE-AE35-6E632FB6236E}
[2012/08/30 13:07:42 | 000,003,168 | ---- | C] () -- C:\{76007194-A200-4AB9-AA21-2ECF29EEE6D4}
[2012/08/30 12:27:30 | 000,003,168 | ---- | C] () -- C:\{A5CA7C0F-9931-4115-9AEB-D88291E4125C}
[2012/08/30 10:55:19 | 000,003,168 | ---- | C] () -- C:\{345A6389-813B-4E25-A576-277D8C79AA9B}
[2012/08/30 10:53:34 | 000,003,192 | ---- | C] () -- C:\{BE03BC01-8873-41C8-900E-042464089E7F}
[2012/08/30 10:42:15 | 000,003,168 | ---- | C] () -- C:\{76B2AC76-E2A5-410A-BA81-0A11F2AE7042}
[2012/08/30 10:00:31 | 000,003,168 | ---- | C] () -- C:\{370C0DA4-BDE0-4694-BA49-3CA80E593737}
[2012/08/30 09:41:30 | 000,003,152 | ---- | C] () -- C:\{DB8E9FBC-AEA6-4143-ABED-A9E82C8275C0}
[2012/08/30 09:34:30 | 000,003,128 | ---- | C] () -- C:\{0B59A272-95DB-46F7-AF45-5DA35C51A8D4}
[2012/08/30 09:21:52 | 000,003,128 | ---- | C] () -- C:\{736B3B72-F853-4C7B-98F6-675516E28701}
[2012/08/30 08:30:25 | 000,003,128 | ---- | C] () -- C:\{02B0C4A6-F264-4142-8412-971E9285522A}
[2012/08/29 22:46:25 | 000,003,152 | ---- | C] () -- C:\{83A3C42D-5BA5-45D9-A7CF-A3BDA0062B4A}
[2012/08/29 22:32:37 | 000,003,128 | ---- | C] () -- C:\{310320F5-8E4E-4BAB-9761-AEB335A4377D}
[2012/08/29 22:17:08 | 000,003,128 | ---- | C] () -- C:\{5D9C7A1B-28CF-44EB-A362-D5689EB30C6A}
[2012/08/29 21:45:25 | 000,003,128 | ---- | C] () -- C:\{C87F3131-21BE-4CE3-993A-3215B9931ECF}
[2012/08/29 20:52:56 | 000,003,128 | ---- | C] () -- C:\{69951E90-408D-4B9C-ACA6-22D5FAE3FA3F}
[2012/08/29 18:30:22 | 000,003,128 | ---- | C] () -- C:\{F32460BE-E85B-4970-A4AC-D5EF451641A4}
[2012/08/29 18:27:06 | 000,003,128 | ---- | C] () -- C:\{89BEA620-732B-445F-8EB4-F21EE6910B96}
[2012/08/29 18:12:44 | 000,003,152 | ---- | C] () -- C:\{4F25CED8-9DB0-40A8-A1B2-395712CE4696}
[2012/08/29 17:17:57 | 000,003,152 | ---- | C] () -- C:\{1C448458-BA17-47ED-9729-2DDAA3B857F4}
[2012/08/29 17:15:09 | 000,003,128 | ---- | C] () -- C:\{38639907-009A-49AE-90A0-9D3497AC1EBA}
[2012/08/29 17:12:39 | 000,003,128 | ---- | C] () -- C:\{97A1072A-670B-4A7B-A3EF-D70320278FC9}
[2012/08/29 17:00:33 | 000,003,128 | ---- | C] () -- C:\{1CB26035-99AF-40FF-9D06-8EA2DDF2A5E8}
[2012/08/29 16:45:30 | 000,003,128 | ---- | C] () -- C:\{420C844B-F5F4-4889-83B2-46A66229C251}
[2012/08/29 14:09:26 | 000,003,128 | ---- | C] () -- C:\{C777B7B6-A64E-4B9B-9146-101458A4E4AB}
[2012/08/29 14:03:36 | 000,003,128 | ---- | C] () -- C:\{354F6235-80AD-48A7-B6D4-4C15643080C2}
[2012/08/29 13:39:45 | 000,003,128 | ---- | C] () -- C:\{5C553A34-1088-464B-8EB9-3D97A2A294E7}
[2012/08/29 13:34:33 | 000,003,128 | ---- | C] () -- C:\{57DE245F-655C-4571-95BF-2ED2761617F6}
[2012/08/29 13:19:19 | 000,002,240 | ---- | C] () -- C:\{58C725D2-43AA-49DB-8210-07FB1C940070}
[2012/08/29 13:05:52 | 000,002,240 | ---- | C] () -- C:\{B87C7F89-69F8-46E0-AAFC-1C7D80BF72A1}
[2012/08/29 12:48:55 | 000,003,128 | ---- | C] () -- C:\{B3E49D9F-C434-441C-BC3E-297085C1C81A}
[2012/08/29 08:51:40 | 000,003,128 | ---- | C] () -- C:\{854BE175-B0BA-4705-B64A-8B1F6B06A2E5}
[2012/08/29 08:49:00 | 000,003,128 | ---- | C] () -- C:\{99AFBCB0-38D5-4298-B121-91A3A338A1D4}
[2012/08/28 21:49:59 | 000,003,128 | ---- | C] () -- C:\{72DC70B9-5EF5-486B-94A7-0A2A1EF414E7}
[2012/08/27 23:27:56 | 000,003,168 | ---- | C] () -- C:\{16155F60-CFE3-4366-B41F-BA3DC2D57B8B}
[2012/08/27 21:59:32 | 000,003,168 | ---- | C] () -- C:\{A4E99CD0-7A90-4480-AF40-F225BA00275E}
[2012/08/27 07:34:50 | 000,003,168 | ---- | C] () -- C:\{4E10D4BD-7B04-48AC-8C14-5E6D25E2E0CC}
[2012/08/27 07:17:24 | 000,003,192 | ---- | C] () -- C:\{4CD07928-9D7F-4A93-8509-70FF9E9B5E16}
[2012/08/27 06:52:29 | 000,003,168 | ---- | C] () -- C:\{E7FD9D52-890D-4186-8F9C-1BB7B8B53815}
[2012/08/27 06:26:53 | 000,003,168 | ---- | C] () -- C:\{2ECC07C2-2376-453D-A024-3482934EEE94}
[2012/08/27 06:16:00 | 000,003,168 | ---- | C] () -- C:\{44E2112D-4926-4A22-ACC2-91F492C117C4}
[2012/08/27 06:13:12 | 000,003,192 | ---- | C] () -- C:\{552180D7-079B-470E-B925-C16E62055820}
[2012/08/27 05:58:42 | 000,003,192 | ---- | C] () -- C:\{54417B5D-1574-4975-B838-5A85BC35C44E}
[2012/08/27 05:54:54 | 000,003,168 | ---- | C] () -- C:\{59261EB2-D702-4F51-92A3-5AFCA98A6A3F}
[2012/08/27 05:31:03 | 000,003,192 | ---- | C] () -- C:\{3D46AAFC-420C-4157-941C-A9FDEC9C685E}
[2012/08/27 05:29:39 | 000,003,192 | ---- | C] () -- C:\{9FA1BCC7-7C64-4EBF-98AC-737AE7467DC9}
[2012/08/27 05:28:20 | 000,003,168 | ---- | C] () -- C:\{38EF06F8-DB97-4651-8E21-43E1368302E9}
[2012/08/27 05:20:33 | 000,003,192 | ---- | C] () -- C:\{31872568-8051-4EC4-9549-79B36D42ED72}
[2012/08/27 05:13:02 | 000,003,168 | ---- | C] () -- C:\{D264F097-922E-4D58-8A1A-E95526747BD8}
[2012/08/27 05:11:58 | 000,003,192 | ---- | C] () -- C:\{797B1DE8-5F2E-4501-9907-85C5E013420D}
[2012/08/27 05:10:55 | 000,003,168 | ---- | C] () -- C:\{790FB7C3-1CE7-42FF-AADD-63D6F6379AA6}
[2012/08/27 04:55:41 | 000,003,192 | ---- | C] () -- C:\{B9D7868D-FF08-42E6-809F-19F1E8E4A194}
[2012/08/27 04:40:43 | 000,003,168 | ---- | C] () -- C:\{3B2E1758-C42A-4DC6-A2D9-FC62CE2E1FC4}
[2012/08/27 04:27:10 | 000,003,192 | ---- | C] () -- C:\{9E016C95-8B89-4ECB-AA22-07261880BAFE}
[2012/08/27 04:11:31 | 000,003,168 | ---- | C] () -- C:\{7E5E009B-A596-45F6-91D1-C26EC30EF060}
[2012/08/27 03:58:54 | 000,003,192 | ---- | C] () -- C:\{8F9169D2-481E-4913-8E3E-117400ADF2AB}
[2012/08/27 03:43:30 | 000,003,168 | ---- | C] () -- C:\{18745425-3D5E-4CFC-A87F-72EDD710153C}
[2012/08/27 03:27:56 | 000,003,192 | ---- | C] () -- C:\{BD3D45C5-8BF7-4198-B845-A70B9CC0B163}
[2012/08/27 03:14:10 | 000,003,168 | ---- | C] () -- C:\{E4E2262B-492B-4C90-9514-EB9FF3AD4C57}
[2012/08/27 03:02:23 | 000,003,192 | ---- | C] () -- C:\{7F1DA728-5FF8-4CF0-942A-97B1AC4E8BD4}
[2012/08/27 02:54:42 | 000,003,168 | ---- | C] () -- C:\{22BF0279-E4FE-4B17-8417-D7768C8926D2}
[2012/08/27 02:42:28 | 000,002,360 | ---- | C] () -- C:\{51D68F4E-39A6-47C4-8BE4-434109A4F3F5}
[2012/08/27 02:37:58 | 000,002,256 | ---- | C] () -- C:\{85E7252F-AEE1-4889-AE03-2438BC724C94}
[2012/08/27 02:31:31 | 000,003,192 | ---- | C] () -- C:\{A1D87CF4-367A-4168-9389-F4AE1F663DD8}
[2012/08/27 02:25:07 | 000,003,168 | ---- | C] () -- C:\{007F42BC-BDD9-4CD0-8DA8-25732A07FFE3}
[2012/08/27 02:18:36 | 000,003,192 | ---- | C] () -- C:\{35D4D92D-61FC-4DE8-A2E9-6FB58000A91E}
[2012/08/27 02:11:53 | 000,003,168 | ---- | C] () -- C:\{09C6F392-9DFB-41F9-A7C2-A6E3614342AF}
[2012/08/27 02:04:08 | 000,003,192 | ---- | C] () -- C:\{E939DFD1-04B7-44EA-921A-F8634EA93F12}
[2012/08/27 02:00:26 | 000,003,168 | ---- | C] () -- C:\{AA7CE832-1273-488E-8704-0A10270793A6}
[2012/08/27 01:56:38 | 000,003,192 | ---- | C] () -- C:\{D7F31B1C-AE9F-4BBA-9F99-4DD2CEC30F55}
[2012/08/27 01:51:43 | 000,003,168 | ---- | C] () -- C:\{1B9FFD69-3BDC-4AAB-922F-9F190C0D0819}
[2012/08/27 01:43:27 | 000,002,424 | ---- | C] () -- C:\{06E94532-6D8D-4F1F-A834-94FEA44CFF4A}
[2012/08/27 01:38:22 | 000,002,856 | ---- | C] () -- C:\{0BE7830D-7895-4F8E-9013-6DCEBEBC7FB6}
[2012/08/27 01:29:31 | 000,003,192 | ---- | C] () -- C:\{61FB13D2-7940-4EF6-81ED-3391BC7BDDB8}
[2012/08/27 01:23:12 | 000,003,168 | ---- | C] () -- C:\{02A88FF2-2827-476D-A88E-474ACA1FC57F}
[2012/08/27 01:16:28 | 000,003,192 | ---- | C] () -- C:\{DAE744A3-3450-434C-BF1F-BBB1E75AEB97}
[2012/08/27 01:09:57 | 000,003,168 | ---- | C] () -- C:\{B2424844-1023-40A3-A610-1B20E331C877}
[2012/08/27 01:03:16 | 000,003,192 | ---- | C] () -- C:\{2D38A9B7-4C7A-4C7B-A97C-9F1A9D9CC54F}
[2012/08/27 00:56:10 | 000,003,168 | ---- | C] () -- C:\{32A37D5E-7E65-42DF-9787-CEA4154BFDBF}
[2012/08/27 00:49:38 | 000,003,192 | ---- | C] () -- C:\{3EBC872C-E6F7-4DE5-86DB-F9603E80443E}
[2012/08/27 00:43:01 | 000,003,168 | ---- | C] () -- C:\{663525C9-77A0-4FC2-BB3D-8C1FA26FDFD7}
[2012/08/27 00:36:10 | 000,003,192 | ---- | C] () -- C:\{7203AB3B-22C2-4535-96B1-6A0B7EA95F21}
[2012/08/27 00:29:25 | 000,003,168 | ---- | C] () -- C:\{0F348110-A2AA-4751-B4FC-4ED368625A8D}
[2012/08/27 00:22:43 | 000,003,192 | ---- | C] () -- C:\{E8FE0B1A-5490-4A9B-A993-180DBB473604}
[2012/08/27 00:16:06 | 000,003,168 | ---- | C] () -- C:\{4871B192-0475-4C77-A79B-B369005BCDE2}
[2012/08/27 00:09:21 | 000,003,192 | ---- | C] () -- C:\{44F642B2-A475-411F-92B8-7BAA68868F29}
[2012/08/27 00:02:52 | 000,003,168 | ---- | C] () -- C:\{E5EBBBA1-3C9A-4026-B072-AC8BCE3B515A}
[2012/08/26 23:56:36 | 000,003,168 | ---- | C] () -- C:\{A6BF8615-A99D-4ABF-AFA0-5F2ED58FDFD1}
[2012/08/26 23:49:48 | 000,003,192 | ---- | C] () -- C:\{13897D9B-8BF9-4C63-A49B-FA2507254154}
[2012/08/26 23:42:47 | 000,003,192 | ---- | C] () -- C:\{54C3433A-6975-49A7-B15D-4656AEC94308}
[2012/08/26 23:35:46 | 000,003,168 | ---- | C] () -- C:\{772B44D7-714D-4FD7-AE86-495986A00A2D}
[2012/08/26 23:27:40 | 000,003,192 | ---- | C] () -- C:\{4ED516C9-0012-44CB-B436-AC888FC23194}
[2012/08/26 23:21:05 | 000,003,168 | ---- | C] () -- C:\{59261146-4BF1-495C-A5EE-9A120693FD57}
[2012/08/26 23:14:28 | 000,003,168 | ---- | C] () -- C:\{3786DFB1-7BD6-4C45-88A1-9774B8F7819E}
[2012/08/26 23:07:59 | 000,003,192 | ---- | C] () -- C:\{16B81A89-5599-43B9-8E86-BCA917514A8E}
[2012/08/26 23:01:03 | 000,003,192 | ---- | C] () -- C:\{CAD94E47-E3B5-4B3E-95C3-19AF5A8CFA15}
[2012/08/26 22:54:36 | 000,003,168 | ---- | C] () -- C:\{8C26E315-CC85-457F-8335-D00D2DCFC42A}
[2012/08/26 22:47:53 | 000,003,192 | ---- | C] () -- C:\{ACDE1898-21CF-4981-90DB-07ECEA89624B}
[2012/08/26 22:41:19 | 000,003,168 | ---- | C] () -- C:\{94D683BB-5C78-42A1-A5FF-8D0EB6C9446F}
[2012/08/26 22:34:36 | 000,003,168 | ---- | C] () -- C:\{D532E393-D7FE-417D-9823-900DD64E70AA}
[2012/08/26 22:28:07 | 000,003,192 | ---- | C] () -- C:\{4E12E152-6A0D-4DBE-858A-439FDF1F04B0}
[2012/08/26 22:21:29 | 000,003,192 | ---- | C] () -- C:\{0672694C-2E3B-48CD-8E7C-8AA6D89098D7}
[2012/08/26 22:14:28 | 000,003,168 | ---- | C] () -- C:\{86FEF14E-9BB7-41AA-BAFD-7C27FD1CAAFB}
[2012/08/26 22:07:40 | 000,003,192 | ---- | C] () -- C:\{261CE2A9-3778-48EB-AC6B-40C46C91BAE0}
[2012/08/26 22:00:21 | 000,003,168 | ---- | C] () -- C:\{472BCEE4-02FA-4112-9CDA-FE41DDA63D41}
[2012/08/26 21:53:20 | 000,003,192 | ---- | C] () -- C:\{EC573A94-76B7-4370-810B-9184F395B960}
[2012/08/26 21:47:57 | 000,003,168 | ---- | C] () -- C:\{8AF87C00-6DB3-4ADE-8223-7C807D8235F0}
[2012/08/26 21:42:33 | 000,003,192 | ---- | C] () -- C:\{9B8D3CF4-96B2-42A1-BA9E-723F5AB1F36A}
[2012/08/26 21:36:17 | 000,003,168 | ---- | C] () -- C:\{937343FE-BDBE-4861-AF0D-4961C520FFDE}
[2012/08/26 21:30:21 | 000,003,192 | ---- | C] () -- C:\{988B1A48-675B-4892-B886-BF6DA6AFED62}
[2012/08/26 21:23:34 | 000,003,168 | ---- | C] () -- C:\{6DE38B91-9503-45CE-A11A-A6DF08836D0D}
[2012/08/26 21:19:19 | 000,003,168 | ---- | C] () -- C:\{F67C339E-9310-4845-A607-E4B4A3ECA116}
[2012/08/26 21:11:26 | 000,003,192 | ---- | C] () -- C:\{FB0C94E5-21F0-408B-98A1-A429A1504334}
[2012/08/26 21:05:09 | 000,003,192 | ---- | C] () -- C:\{93289DDB-CD97-419F-904B-3E8A88E2FBF7}
[2012/08/26 21:00:23 | 000,003,168 | ---- | C] () -- C:\{1A975C1E-0987-4E70-ACE9-BE0AEC32124D}
[2012/08/26 20:56:54 | 000,003,192 | ---- | C] () -- C:\{79390CA4-2F04-4D2D-95E3-5281B3D6BE5D}
[2012/08/26 20:50:32 | 000,003,168 | ---- | C] () -- C:\{79068B1D-655E-46A6-942C-067D2A9E3DFF}
[2012/08/26 20:44:21 | 000,003,192 | ---- | C] () -- C:\{B35FA9B7-A64B-4221-8799-69250DA69FD7}
[2012/08/26 20:38:04 | 000,003,168 | ---- | C] () -- C:\{BCC40A1C-50B4-4C43-AAEB-5EB1111D8270}
[2012/08/26 20:32:32 | 000,003,192 | ---- | C] () -- C:\{26634504-1B0C-4C4E-A57E-822AEA6A5733}
[2012/08/26 20:26:08 | 000,003,168 | ---- | C] () -- C:\{29A3860B-6290-46FA-A32C-D9D1CA659550}
[2012/08/24 16:15:49 | 000,003,168 | ---- | C] () -- C:\{B0FEF934-D317-4415-A26E-8B50E1706084}
[2012/08/23 16:50:57 | 000,001,325 | ---- | C] () -- C:\Users\Public\Desktop\VMware View Client.lnk
[2012/08/22 20:49:55 | 000,003,192 | ---- | C] () -- C:\{1C69F3EB-5739-4094-B10B-DBD8C5F5FF04}
[2012/08/22 20:45:37 | 000,003,168 | ---- | C] () -- C:\{A8491215-D97C-4039-88F3-27BCE0FCFABA}
[2012/08/22 20:31:25 | 000,003,168 | ---- | C] () -- C:\{A00FDA31-71E0-4CA7-94C0-B44A093559B8}
[2012/08/22 20:03:45 | 000,003,168 | ---- | C] () -- C:\{1393051B-A571-4241-AC4E-9128FA954CB7}
[2012/08/22 20:02:16 | 000,003,168 | ---- | C] () -- C:\{A17B9DAE-9BB3-469E-A6F7-C8E7D1FB269D}
[2012/08/22 19:35:52 | 000,003,160 | ---- | C] () -- C:\{B5383519-1BC3-4B65-9129-835E8F855564}
[2012/08/22 19:04:25 | 000,003,128 | ---- | C] () -- C:\{9B485D98-9770-43AD-89CE-B90FA125A568}
[2012/08/22 18:25:35 | 000,003,168 | ---- | C] () -- C:\{7C86F62B-7B97-45B0-96DA-13EA5C99F24D}
[2012/08/22 18:17:44 | 000,003,168 | ---- | C] () -- C:\{827AB113-E3E9-48D9-B368-4341AABC51BE}
[2012/08/22 17:30:00 | 000,003,160 | ---- | C] () -- C:\{7E52FE86-80AF-4BC3-B63F-451B032040A9}
[2012/08/22 17:23:31 | 000,003,192 | ---- | C] () -- C:\{AD91554F-2373-4F27-A7A6-CF68D994FA96}
[2012/08/22 17:17:27 | 000,003,168 | ---- | C] () -- C:\{882DFF59-1A98-475C-BC36-6DE64BB86B10}
[2012/08/22 17:10:58 | 000,003,472 | ---- | C] () -- C:\{8F1EA7DB-17C2-4A57-A9B6-19935AFF95BA}
[2012/08/22 17:04:14 | 000,003,320 | ---- | C] () -- C:\{3F22011B-48B3-4970-A2F9-1C4A3D0FF3E0}
[2012/08/22 16:57:27 | 000,003,160 | ---- | C] () -- C:\{06602612-1253-413A-B68C-FA3DEA19FA71}
[2012/08/22 16:49:48 | 000,003,192 | ---- | C] () -- C:\{E4ADB819-5699-49FC-AE8D-8283DBE20EF1}
[2012/08/22 16:42:58 | 000,003,168 | ---- | C] () -- C:\{0B8DA6EC-CEA7-4488-8E4F-6378B173EF1A}
[2012/08/22 16:36:10 | 000,003,168 | ---- | C] () -- C:\{CEC5649A-E6BD-4030-8E41-CFD839F28B6E}
[2012/08/22 16:29:29 | 000,003,160 | ---- | C] () -- C:\{6DFAB4FC-63DA-484F-A62D-9DA1E0966AEC}
[2012/08/22 16:20:13 | 000,003,192 | ---- | C] () -- C:\{2706DD1E-7A0D-42F9-9ECF-1BD7D17B39D7}
[2012/08/22 16:08:34 | 000,003,168 | ---- | C] () -- C:\{B9B01496-A7BF-40DC-9357-181921400CD3}
[2012/08/22 15:57:44 | 000,003,168 | ---- | C] () -- C:\{A8B8C87A-A5AD-4495-8C98-39959EE60FCF}
[2012/08/22 15:51:14 | 000,003,160 | ---- | C] () -- C:\{3B89C180-07E4-4582-A151-17FE5048CC72}
[2012/08/22 15:44:55 | 000,003,192 | ---- | C] () -- C:\{9AFD7FF8-536D-4DCE-9604-1FC1DE758EFA}
[2012/08/22 15:38:12 | 000,003,168 | ---- | C] () -- C:\{E545CE53-6B5B-49F5-89C0-96CE54C05B02}
[2012/08/22 15:30:38 | 000,003,168 | ---- | C] () -- C:\{FDAECA24-A9B5-490A-8199-FBEBA537F95E}
[2012/08/22 15:23:43 | 000,003,160 | ---- | C] () -- C:\{413E0413-521D-4349-A0E2-AEAC2A57CAE4}
[2012/08/22 15:16:46 | 000,003,168 | ---- | C] () -- C:\{3F6C5E6C-3D55-451C-A62E-C6B22EA71ED8}
[2012/08/22 15:09:35 | 000,003,192 | ---- | C] () -- C:\{95A17765-B72D-44DA-9322-F050020641D7}
[2012/08/22 15:03:00 | 000,003,160 | ---- | C] () -- C:\{E28A78EE-B56C-48C6-8D8D-19E7A5A894F8}
[2012/08/22 14:55:14 | 000,003,168 | ---- | C] () -- C:\{1CBC0AA7-79AB-440C-A01E-06D794D01E7D}
[2012/08/22 14:48:11 | 000,003,192 | ---- | C] () -- C:\{C6CC8BA4-2F12-460D-AE1A-D14C32EB34A9}
[2012/08/22 14:41:50 | 000,003,168 | ---- | C] () -- C:\{0D27268C-EB15-4FA6-8042-FB437A459BF5}
[2012/08/22 14:33:49 | 000,003,168 | ---- | C] () -- C:\{BCCDAAEF-F439-4207-975E-EB7D3227DD0F}
[2012/08/22 14:26:30 | 000,003,160 | ---- | C] () -- C:\{27A34C47-4460-4763-962D-8AF2DCAC036B}
[2012/08/22 14:16:08 | 000,003,192 | ---- | C] () -- C:\{DDF000FE-6102-433D-A4BF-3050172F3254}
[2012/08/22 14:06:40 | 000,003,168 | ---- | C] () -- C:\{CC23A4FB-F944-4415-B878-E9EC79720501}
[2012/08/22 13:55:04 | 000,002,360 | ---- | C] () -- C:\{3B8F8721-CC1B-4151-88E2-667BD7B81F92}
[2012/08/22 13:38:46 | 000,002,256 | ---- | C] () -- C:\{46271224-84D4-4DFF-B784-9A33AB3E8CD7}
[2012/08/22 13:28:45 | 000,003,168 | ---- | C] () -- C:\{55F02BA1-06A7-4B0E-9963-797109B6558E}
[2012/08/22 13:18:44 | 000,003,160 | ---- | C] () -- C:\{ECABE8D8-A484-4A25-943E-6D02EEE3A1A4}
[2012/08/22 13:09:02 | 000,003,192 | ---- | C] () -- C:\{34D6C40C-B3C8-469A-9E8E-CA46609EF1E8}
[2012/08/22 13:00:14 | 000,003,168 | ---- | C] () -- C:\{404C2799-5F6F-4D9C-8654-08574844585A}
[2012/08/22 12:50:26 | 000,003,168 | ---- | C] () -- C:\{B1D7B7CD-6B6A-4F53-BFE1-558339111CE2}
[2012/08/22 12:39:36 | 000,003,160 | ---- | C] () -- C:\{173D4F36-8402-448D-B712-FBA87FEE2C01}
[2012/08/22 12:30:33 | 000,003,192 | ---- | C] () -- C:\{0560BFBA-178E-4B01-AB78-41A31B0C331B}
[2012/08/22 12:21:16 | 000,003,168 | ---- | C] () -- C:\{EE7885EB-B2E8-49FD-9243-BC1E91D0790C}
[2012/08/22 11:57:38 | 000,003,168 | ---- | C] () -- C:\{E1C5E2EF-3F31-4A00-ADA0-6E4FDB6CF74E}
[2012/08/22 11:16:31 | 000,003,192 | ---- | C] () -- C:\{93A4726C-B5CB-4E46-94EC-A58FA89157F4}
[2012/08/22 11:14:58 | 000,003,168 | ---- | C] () -- C:\{DA801D02-C985-49F3-874E-617038975132}
[2012/08/22 11:03:53 | 000,003,192 | ---- | C] () -- C:\{683545E1-C95F-4F1A-BE62-4AC57BE7BB07}
[2012/08/22 10:58:08 | 000,003,168 | ---- | C] () -- C:\{85F3975B-3814-40DF-84D2-D6D9117803E1}
[2012/08/21 16:40:14 | 000,000,804 | ---- | C] () -- C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\00000004.@
[2012/08/20 22:08:39 | 000,003,160 | ---- | C] () -- C:\{92D61E61-717D-4330-AA8D-C196C999CAC8}
[2012/08/20 22:05:16 | 000,003,168 | ---- | C] () -- C:\{D4CAAB1C-6BEC-4789-8448-6381A0CE9F0F}
[2012/08/20 21:56:57 | 000,003,192 | ---- | C] () -- C:\{C5A9D8DE-AEA0-47CC-8224-B359C6D64BB3}
[2012/08/20 21:47:39 | 000,003,168 | ---- | C] () -- C:\{81BB429E-31E4-4A02-8F6F-EB1566E8A237}
[2012/08/20 21:15:51 | 000,003,168 | ---- | C] () -- C:\{B3FE7E9C-5EAE-4CC3-98EA-43B23AA64D8A}
[2012/08/19 12:58:05 | 000,003,192 | ---- | C] () -- C:\{9334061B-8657-4959-9CA5-6B4AFDD6B6DB}
[2012/08/19 12:43:25 | 000,003,168 | ---- | C] () -- C:\{4B6A520C-53D3-4D1E-A555-1F13FFEE3249}
[2012/08/19 12:39:57 | 000,003,168 | ---- | C] () -- C:\{37750AEC-AA8B-4E99-85AF-18EF33B6793E}
[2012/08/19 12:14:18 | 000,003,168 | ---- | C] () -- C:\{ED1BCF3C-12BC-40B1-87A6-7B6226D930E8}
[2012/08/19 12:05:20 | 000,003,168 | ---- | C] () -- C:\{74F6E4F8-3357-4F52-BE21-C1B6585A8993}
[2012/08/19 11:25:10 | 000,003,192 | ---- | C] () -- C:\{8331D4A7-FA9A-449A-993B-8A54174B53B2}
[2012/08/18 20:28:55 | 000,003,192 | ---- | C] () -- C:\{B41BCE8B-8327-4027-9D00-19FE4A000E0D}
[2012/08/18 20:25:19 | 000,003,168 | ---- | C] () -- C:\{6A48205F-D6FA-4B2F-85A7-3A1E4F49AD87}
[2012/08/18 20:15:38 | 000,003,168 | ---- | C] () -- C:\{870E820D-4737-485E-8C20-3363AA2968CB}
[2012/08/14 14:38:56 | 000,003,168 | ---- | C] () -- C:\{5F43D11C-968B-4FC2-8033-853DDA105279}
[2012/08/14 14:28:26 | 000,003,168 | ---- | C] () -- C:\{7EAA41B2-BAFC-48FF-9DD1-835736ACB458}
[2012/08/14 14:25:35 | 000,003,168 | ---- | C] () -- C:\{3BBB27CF-EF53-4C93-A8B0-4DA74AB93423}
[2012/08/14 13:03:08 | 000,003,168 | ---- | C] () -- C:\{97476F37-2466-4CA9-8208-C1E1C41AF0EF}
[2012/08/14 12:58:07 | 000,003,192 | ---- | C] () -- C:\{94C3A42A-1F86-418B-AD0A-007DCBBA01C6}
[2012/08/14 12:57:00 | 000,003,168 | ---- | C] () -- C:\{914EB9D7-E303-4BAF-8A78-4B7F10F20CEE}
[2012/08/14 12:55:29 | 000,003,168 | ---- | C] () -- C:\{1E12AFF7-C1B1-48DB-A7F9-8AF399D10CEE}
[2012/08/14 11:57:03 | 000,003,168 | ---- | C] () -- C:\{6683579B-4F07-4D42-8E1F-F2434F58F006}
[2012/08/14 11:55:35 | 000,003,168 | ---- | C] () -- C:\{0284EB07-E85C-426F-849B-2440CFF00573}
[2012/08/08 17:07:59 | 000,000,000 | ---- | C] () -- C:\Users\Matt Goodwin\Documents\Nuance Image Printer Writer Port
[2012/08/01 20:16:30 | 000,006,212 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/07/18 23:22:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\Standard
[2012/07/18 23:22:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\Soundtrack
[2012/07/15 22:43:02 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2012/07/15 22:43:02 | 000,000,000 | ---- | C] () -- C:\Users\Matt Goodwin\AppData\Roaming\Standard Tool
[2012/07/15 22:24:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/07/15 22:23:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/07/15 22:23:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/07/15 22:23:45 | 000,000,000 | ---- | C] () -- C:\Users\Matt Goodwin\AppData\Roaming\SupportPrinters
[2012/07/15 22:23:45 | 000,000,000 | ---- | C] () -- C:\Users\Matt Goodwin\AppData\Roaming\Strings
[2012/06/05 14:04:48 | 000,021,120 | ---- | C] () -- C:\windows\SysWow64\drivers\AQFileRestore.sys
[2012/03/05 12:04:04 | 000,154,332 | ---- | C] () -- C:\windows\hppins08.dat
[2012/03/05 12:04:04 | 000,001,116 | ---- | C] () -- C:\windows\hppmdl08.dat
[2012/03/05 11:23:08 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2012/03/05 11:22:55 | 000,316,928 | ---- | C] () -- C:\windows\SysWow64\hpcc3118.dll
[2012/01/11 09:40:58 | 000,002,048 | -HS- | C] () -- C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@
[2012/01/11 09:40:58 | 000,002,048 | -HS- | C] () -- C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@
[2012/01/09 18:00:31 | 000,000,376 | ---- | C] () -- C:\windows\AAA9de.ini
[2011/05/18 17:42:28 | 000,001,940 | ---- | C] () -- C:\Users\Matt Goodwin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/13 19:06:30 | 000,000,036 | -H-- | C] () -- C:\windows\SysWow64\f9t.dat
[2010/10/30 14:07:21 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2010/10/30 14:00:41 | 000,000,019 | ---- | C] () -- C:\windows\popcinfo.dat
[2010/04/04 23:03:37 | 000,004,284 | ---- | C] () -- C:\Users\Matt Goodwin\AppData\Roaming\wklnhst.dat
[2010/02/26 00:47:03 | 000,000,824 | ---- | C] () -- C:\Users\Matt Goodwin\hosts
[2010/01/03 16:35:24 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/01 21:27:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/01 21:01:05 | 008,126,464 | -HS- | C] () -- C:\Users\Matt Goodwin\NTUSER.BK1
[2010/01/01 21:01:05 | 006,299,648 | ---- | C] () -- C:\Users\Matt Goodwin\NTUSER.BAK

========== LOP Check ==========

[2012/05/12 10:03:13 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\.minecraft
[2012/08/08 09:22:49 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\.oit
[2012/08/01 22:42:29 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Avanquest
[2010/10/03 14:39:18 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Catalina Marketing Corp
[2010/01/21 09:48:50 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\com.comcast.access.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2012/08/12 21:47:17 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\DefaultTab
[2012/08/22 13:41:17 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\DriverCure
[2010/02/22 18:32:18 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\E-centives
[2012/07/15 22:48:19 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Nikon
[2010/01/05 10:37:04 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Nuance
[2010/04/12 21:42:24 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\OverDrive
[2010/01/23 14:14:19 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Snood
[2012/08/22 13:41:13 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\SpeedyPC Software
[2011/01/13 19:08:07 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Stamps.com Internet Postage
[2010/10/08 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Teleca
[2010/04/04 23:03:39 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Template
[2011/03/02 00:04:25 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Tific
[2010/01/06 10:09:34 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\TOSHIBA
[2010/05/23 13:14:46 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Ulead Systems
[2010/01/01 21:01:38 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\WinBatch
[2010/12/03 16:11:47 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Windows Live Writer
[2010/01/03 16:33:53 | 000,000,000 | ---D | M] -- C:\Users\Matt Goodwin\AppData\Roaming\Zeon
[2012/06/06 15:27:13 | 000,032,550 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there a few programmes to run first to clear the way and see the depth of the problem

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
    Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

FINALLY

run farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
  • 0

#4
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Please see all the RKreport.txt logs listed below. Please let me know if you need anything further. I look forward to your response.

RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matt Goodwin [Admin rights]
Mode : Scan -- Date : 09/05/2012 17:11:09

¤¤¤ Bad processes : 3 ¤¤¤
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermThr]

¤¤¤ Registry Entries : 5 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4816 : wscript.exe -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[FILEASSO] HKLM\[...]\command : (C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L --> FOUND
[ZeroAccess][FILE] @ : C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_32\Desktop.ini --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_64\Desktop.ini --> FOUND
[Susp.ASLR][FILE] services.exe : C:\windows\system32\services.exe --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 3dc58bf13bf1226d28ff04fef707c91f
[BSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt



RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matt Goodwin [Admin rights]
Mode : Remove -- Date : 09/05/2012 17:13:41

¤¤¤ Bad processes : 5 ¤¤¤
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermThr]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> DELETED
[TASK][ROGUE ST] 4816 : wscript.exe -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[FILEASSO] HKLM\[...]\command : (C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE) -> REPLACED ("C:\Program Files (x86)\Internet Explorer\iexplore.exe")

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@ --> REMOVED AT REBOOT
[ZeroAccess][FOLDER] ROOT : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\00000004.@ --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\201d3dde --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L --> REMOVED
[ZeroAccess][FILE] @ : C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Users\Matt Goodwin\AppData\Local\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L --> REMOVED
[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_32\Desktop.ini --> REMOVED AT REBOOT
[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_64\Desktop.ini --> REMOVED AT REBOOT
[Susp.ASLR][FILE] services.exe : C:\windows\system32\services.exe --> REPLACED AT REBOOT (C:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe)

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 3dc58bf13bf1226d28ff04fef707c91f
[BSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matt Goodwin [Admin rights]
Mode : Scan -- Date : 09/05/2012 17:27:08

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[FILEASSO] HKLM\[...]\command : ("C:\Program Files (x86)\Internet Explorer\iexplore.exe") -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] U : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 3dc58bf13bf1226d28ff04fef707c91f
[BSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt



RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matt Goodwin [Admin rights]
Mode : Remove -- Date : 09/05/2012 17:28:42

¤¤¤ Bad processes : 3 ¤¤¤
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermThr]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermThr]

¤¤¤ Registry Entries : 1 ¤¤¤
[FILEASSO] HKLM\[...]\command : ("C:\Program Files (x86)\Internet Explorer\iexplore.exe") -> REPLACED ("C:\Program Files (x86)\Internet Explorer\iexplore.exe")

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] ROOT : C:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U --> REMOVED

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 3dc58bf13bf1226d28ff04fef707c91f
[BSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt



RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matt Goodwin [Admin rights]
Mode : Shortcuts HJfix -- Date : 09/05/2012 17:44:11

¤¤¤ Bad processes : 3 ¤¤¤
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermProc]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermThr]
[RESIDUE] iexplore.exe -- C:\Program Files (x86)\Internet Explorer\iexplore.exe -> KILLED [TermThr]

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 10 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 283 / Fail 0
My documents: Success 454 / Fail 454
My favorites: Success 10 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 282 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 103 / Fail 21
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : ZeroAccess ¤¤¤

Finished : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
  • 0

#5
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
For some reason, my computer will not allow me to download AdwCleaner. I attempt to run the program and it is blocked and deleted by my Norton system. I am hoping you can provide some feedback and maybe a way around this problem.
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you temporarily disable Norton and use this direct link the programme is safe
  • 0

#7
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
I will try to disable it the best way I know how. I will let you know if this is accomplished as soon as possible. Thanks again for all of your help.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
As it stands now Norton should no longer be alerting on the trojan .. Could you confirm that
  • 0

#9
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Norton is still alerting me that the Trojan is still there.
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is it on the services.exe file ?

Have you rebooted after the RogueKiller run ?
  • 0

Advertisements


#11
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
It is on the services.exe file. I have not re-booted since the RogueKiller scan.
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK reboot please .. Run RogueKiller once more to ensure that the fix took
  • 0

#13
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Re-boot has been completed. I am not getting the Norton notification anymore.
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets go forward with AdwCleaner then please
  • 0

#15
jmgoodwin74

jmgoodwin74

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Ok, now it is telling me that the file name or path is not specified or I don't have the proper permissions to access. I thought I disabled Norton but I guess I was unable to disable. Should I uninstall? Norton is also saying that adwcleaner is a threat.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP