[We have Win 7 Ultimate 64, SP1, current on all patches.] All the above screams to me we've been compromised... As of now, no Facebook compromises seen, no spurious emails sent on any accounts or any indication of 'bad actors' in action, yet.
My Norton 360 logs had no security events at that time and a complete system scan didn't find anything (Norton 360 20.3.1.22). Also ran the online BitDefender and online ESET scanners. BitDefender found nothing, ESET reported 4 worm instances (it repaired) on an old drive in the system that is rarely used (in pretty remote locations).
The site has a variety of opinions about it when searching online. Norton SafeWeb had no opinion, PhishTank same, Onlinelinkscan.com aggregates several other sites (including Google Safe Browsing)... all had it not reporting or safe - but attempting to go to SpyEyeTracking, got a warning from Microsoft SmartScreen in IE 9 against even going to it - spyeyetracker.abuse.ch as a reported site of malware, itself - all kind of convoluted and somewhat confusing.
Actually went to the original problem site / link (above) to look at it myself today to see if there were any alerts or attempts to compromise the machine (thinking I might blow the drive away anyway), and it served up 10 ads related to searches or sites that had been visited (looking in history?). All the ad links were served up by www.googleadsservices.com, which is apparently not Google related, cannot be reached directly, but which Google Safe Browsing reports visiting >12K times in 90 days and finding 11 malware installs.
Apologies if all the above isn't helpful, but have been diligently trying to see if I need to blow away the system or not (just did a month ago) - and have been reluctant to do my taxes in this machine until I know I'm not going to be giving all that info away by doing so...
OTL logfile created on: 4/13/2013 5:24:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mark\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 5.88 Gb Available Physical Memory | 73.50% Memory free
9.00 Gb Paging File | 6.65 Gb Available in Paging File | 73.90% Paging File free
Paging file location(s): c:\pagefile.sys 1024 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 24.86 Gb Free Space | 20.87% Space Free | Partition Type: NTFS
Drive D: | 13.56 Gb Total Space | 1.83 Gb Free Space | 13.47% Space Free | Partition Type: NTFS
Drive E: | 685.08 Gb Total Space | 419.71 Gb Free Space | 61.27% Space Free | Partition Type: NTFS
Drive K: | 465.73 Gb Total Space | 284.75 Gb Free Space | 61.14% Space Free | Partition Type: NTFS
Computer Name: PAVILION | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/13 17:23:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Downloads\OTL.exe
PRC - [2013/04/07 19:03:03 | 000,256,600 | ---- | M] (Microsoft Corporation) -- C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2013/04/04 21:31:18 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/04/04 13:19:21 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013/03/14 22:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/02/13 14:03:14 | 003,524,136 | ---- | M] (Hyperionics Technology LLC) -- C:\Program Files (x86)\HyperSnap 7\HprSnap7.exe
PRC - [2013/01/29 15:10:02 | 002,496,616 | ---- | M] (Ilium Software, Inc.) -- C:\Program Files (x86)\Ilium Software\eWallet\eWallet.exe
PRC - [2012/12/23 20:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/12/18 12:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/01 11:38:46 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PasswordGenerator\7fcb05f2f82f5126946256cc654b05e4\PasswordGenerator.ni.dll
MOD - [2013/04/01 11:38:46 | 000,135,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\5cf7fcba96db2ec632eda5e52fc373da\System.Data.DataSetExtensions.ni.dll
MOD - [2013/04/01 11:38:45 | 000,573,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SQLite\96fc0f1de5adcd5f84448730caf86182\System.Data.SQLite.ni.dll
MOD - [2013/04/01 11:38:45 | 000,109,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WltSQLiteConverter\6997d5ae6b336d84a33f6f1e538f1b88\WltSQLiteConverter.ni.dll
MOD - [2013/04/01 11:38:44 | 001,190,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sync\165e664553651f900f71fd5834ef2771\Sync.ni.dll
MOD - [2013/04/01 11:38:44 | 001,111,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DBWallet\b441d9e250a5cd0a5c726a1bbced5e94\DBWallet.ni.dll
MOD - [2013/04/01 11:38:43 | 015,083,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DevComponents.DotNe#\f596573396441b91ed21372942f7dafd\DevComponents.DotNetBar2.ni.dll
MOD - [2013/04/01 11:38:34 | 004,385,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\eWallet\4897a3fd73de662ef6b00cb1fd740d1a\eWallet.ni.exe
MOD - [2013/04/01 11:38:04 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/04/01 11:30:28 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/04/01 11:30:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/04/01 11:30:01 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/04/01 11:29:58 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/04/01 11:29:58 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/04/01 11:29:49 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/04/01 11:29:44 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1a66b44c4780c039576eaf18f4cd8dc\System.Xml.ni.dll
MOD - [2013/04/01 11:29:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/04/01 11:29:40 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/04/01 11:29:34 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/02 13:30:34 | 000,014,040 | ---- | M] () -- C:\Program Files (x86)\HyperSnap 7\VistaPlus.dll
MOD - [2013/01/02 12:49:14 | 000,018,160 | ---- | M] () -- C:\Program Files (x86)\HyperSnap 7\HsSizer7.dll
MOD - [2012/05/30 07:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/04 18:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/04 13:19:22 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/14 22:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/03/07 07:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/23 20:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
SRV - [2012/12/18 12:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/24 16:30:08 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/01/30 20:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/01/30 20:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/01/28 18:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/01/28 18:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/01/23 15:12:20 | 000,067,808 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozy.sys -- (mozyFilter)
DRV:64bit: - [2013/01/21 19:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2012/11/15 19:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/11/15 19:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 19:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 13:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 001,192,448 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/03/24 09:01:36 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130412.024\ex64.sys -- (NAVEX15)
DRV - [2013/03/24 09:01:36 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/03/24 09:01:36 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/03/24 09:01:36 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130412.024\eng64.sys -- (NAVENG)
DRV - [2013/03/22 15:39:26 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130412.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/03/21 18:52:21 | 001,387,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130322.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 15 AD 0B 0B 29 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7NDKB_enUS530
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...ct=sb&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFFPlgn\ [2013/03/24 16:30:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn\ [2013/04/13 13:58:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/25 20:49:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/03/25 20:49:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/25 20:49:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/03/25 20:49:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/07 07:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 07:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 07:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://thecore.coin...nstar.Home.aspx
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Google Docs = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\
CHR - Extension: Norton Identity Protection = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: Bit.ly Shortener for Chrome = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\negjghjbfgfmdjpolclpmmjmfeejolld\1.0.3_0\
CHR - Extension: Mail this link = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjdhjgbagpeimgpgloofkfoipgpdgdb\1.1.1_0\
CHR - Extension: Gmail = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 184.16.33.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98CF1F53-00CE-490E-875A-5F8AAA3848A3}: DhcpNameServer = 192.168.1.1 184.16.33.54
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/12 21:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/04/12 21:01:25 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\QuickScan
[2013/04/08 21:36:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2013/04/08 21:36:12 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Canon
[2013/04/08 16:32:45 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.sys
[2013/04/08 16:32:45 | 000,796,248 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys
[2013/04/08 16:32:45 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.sys
[2013/04/08 16:32:45 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys
[2013/04/08 16:32:45 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ironx64.sys
[2013/04/08 16:32:45 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.sys
[2013/04/08 16:32:45 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.sys
[2013/04/08 16:32:45 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symelam.sys
[2013/04/08 16:32:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1403010.016
[2013/04/07 19:03:57 | 000,000,000 | -H-D | C] -- C:\SkyDriveTemp
[2013/04/07 19:03:11 | 000,000,000 | R--D | C] -- C:\Users\Mark\SkyDrive
[2013/04/07 19:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013/04/07 19:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/04/07 16:45:02 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Adobe
[2013/04/07 15:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/04/07 15:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/04/07 15:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/04/07 15:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/04/07 12:48:39 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\IsolatedStorage
[2013/04/07 12:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2012
[2013/04/07 12:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TurboTax
[2013/04/06 20:22:03 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Google
[2013/04/06 20:20:50 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Macromedia
[2013/04/06 20:20:49 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Adobe
[2013/04/04 13:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/04/04 13:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/04/04 13:19:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/04/04 13:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/04/04 13:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/04/02 20:31:04 | 000,000,000 | ---D | C] -- C:\Users\Mark\Desktop\Diane
[2013/03/31 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/03/28 08:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/28 08:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/28 08:30:12 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Google
[2013/03/28 08:30:04 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Deployment
[2013/03/28 08:30:04 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Apps
[2013/03/27 23:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/03/27 23:19:00 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Hyperionics
[2013/03/27 22:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperSnap 7
[2013/03/27 22:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyperSnap 7
[2013/03/27 22:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Ilium Software
[2013/03/27 22:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour Print Services
[2013/03/27 22:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour Print Services
[2013/03/27 22:30:45 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Apple
[2013/03/27 22:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/03/27 22:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/03/27 22:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/03/27 22:25:32 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Ilium_Software,_Inc
[2013/03/27 21:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilium Software
[2013/03/27 21:44:30 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Ilium Software
[2013/03/27 21:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ilium Software
[2013/03/27 21:38:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/03/27 21:38:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/03/27 21:29:22 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2013/03/27 21:29:16 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2013/03/27 03:42:38 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\eWallet
[2013/03/27 03:42:36 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\cache
[2013/03/27 03:39:56 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Work
[2013/03/27 03:31:04 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Wedding
[2013/03/27 03:30:44 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\TurboTax
[2013/03/27 03:30:44 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Travel and Vacation
[2013/03/27 03:30:36 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Training
[2013/03/27 03:29:51 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Toastmasters
[2013/03/27 03:29:18 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Redmond Roofing
[2013/03/27 03:28:57 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Rachel's files
[2013/03/27 03:28:47 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Rachel and Steve and Wedding
[2013/03/27 03:27:49 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Rachel College
[2013/03/27 03:27:09 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\RLT Eye-Ear-Nose-Throat Doctors_files
[2013/03/27 03:12:06 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Project Management
[2013/03/27 03:12:03 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Palm OS Desktop
[2013/03/27 03:11:54 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\OneNote Notebooks
[2013/03/27 03:11:51 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\New Photo Print.el6.Data
[2013/03/27 03:11:36 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\My Games
[2013/03/27 03:11:35 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\My DocsToGo
[2013/03/27 03:09:30 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\MedicalandHealth
[2013/03/27 03:09:30 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Marriage and Relationships
[2013/03/27 03:08:56 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\ItsDeductible2006
[2013/03/27 03:08:55 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\ITIL
[2013/03/27 03:08:49 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Hutch
[2013/03/27 03:08:45 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Home
[2013/03/27 03:08:42 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Health and Fitness
[2013/03/27 03:08:41 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\HVAC
[2013/03/27 03:08:34 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Georgioff-Brinks
[2013/03/27 03:05:37 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Financial
[2013/03/27 03:05:27 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Financial-Trading
[2013/03/27 03:05:25 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Faith Church Small Groups
[2013/03/27 03:02:06 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Employment
[2013/03/27 02:59:51 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Downloads
[2013/03/27 02:59:10 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\David
[2013/03/27 02:59:07 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Customer Transcript_files
[2013/03/27 02:59:04 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Computer Related
[2013/03/27 02:59:03 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Computer HW SW
[2013/03/27 02:58:58 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Cellular
[2013/03/27 02:58:56 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Car Stuff
[2013/03/27 02:57:42 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\CPA-CITP-CMA-PMP
[2013/03/27 02:56:09 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Baccalaureate
[2013/03/27 02:10:12 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Mozilla
[2013/03/26 21:03:24 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Quicken
[2013/03/26 21:02:29 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/03/26 20:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
[2013/03/26 20:57:15 | 004,200,304 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf400.dll
[2013/03/26 20:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2013
[2013/03/26 20:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quicken
[2013/03/26 20:57:00 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Intuit
[2013/03/26 20:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2013/03/26 20:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2013/03/25 21:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/03/25 21:38:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2013/03/25 21:38:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2013/03/25 21:36:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFAX
[2013/03/25 21:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series User Registration
[2013/03/25 21:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013/03/25 21:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013/03/25 21:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013/03/25 21:33:52 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013/03/25 21:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series Manual
[2013/03/25 21:32:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013/03/25 21:32:36 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2013/03/25 21:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series
[2013/03/25 21:32:02 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013/03/25 21:31:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2013/03/25 21:29:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2013/03/25 21:05:04 | 000,067,808 | ---- | C] (Mozy, Inc.) -- C:\Windows\SysNative\drivers\mozy.sys
[2013/03/25 21:05:04 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozyHome
[2013/03/25 21:05:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/03/25 21:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\MozyHome
[2013/03/25 20:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/25 20:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/03/25 20:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/25 03:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013/03/25 03:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2013/03/24 21:00:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013/03/24 20:53:56 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Outlook Files
[2013/03/24 20:53:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/03/24 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/24 20:41:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/24 20:41:24 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/24 20:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/03/24 20:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/24 20:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/03/24 20:38:34 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Microsoft Help
[2013/03/24 20:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/24 20:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/03/24 20:38:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/03/24 20:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/24 20:06:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/03/24 20:06:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/03/24 16:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/03/24 16:45:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/24 16:41:45 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Symantec
[2013/03/24 16:30:08 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/03/24 16:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/03/24 16:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/03/24 16:29:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2013/03/24 16:29:43 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013/03/24 16:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2013/03/24 16:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/03/24 16:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/03/24 16:28:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/03/24 16:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/03/24 16:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/03/24 16:09:42 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/03/24 16:09:42 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/03/24 16:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/24 16:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/03/24 16:00:26 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/24 16:00:26 | 000,000,000 | R--D | C] -- C:\Users\Mark\Searches
[2013/03/24 16:00:26 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/24 16:00:26 | 000,000,000 | -H-D | C] -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/24 16:00:19 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Identities
[2013/03/24 16:00:18 | 000,000,000 | R--D | C] -- C:\Users\Mark\Contacts
[2013/03/24 16:00:16 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\VirtualStore
[2013/03/24 16:00:14 | 000,000,000 | --SD | C] -- C:\Users\Mark\AppData\Roaming\Microsoft
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Videos
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Saved Games
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Pictures
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Music
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Links
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Favorites
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Downloads
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Documents
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\Desktop
[2013/03/24 16:00:14 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\Temporary Internet Files
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Templates
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Start Menu
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\SendTo
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Recent
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\PrintHood
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\NetHood
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Videos
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Pictures
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Music
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\My Documents
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Local Settings
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\History
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Cookies
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Application Data
[2013/03/24 16:00:14 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\Application Data
[2013/03/24 16:00:14 | 000,000,000 | -H-D | C] -- C:\Users\Mark\AppData
[2013/03/24 16:00:14 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Temp
[2013/03/24 16:00:14 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Microsoft
[2013/03/24 16:00:14 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Media Center Programs
[2013/03/24 15:50:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/24 15:46:44 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
========== Files - Modified Within 30 Days ==========
[2013/04/13 17:19:53 | 000,208,384 | ---- | M] () -- C:\Users\Mark\Documents\My Wallet.wlt
[2013/04/13 17:09:51 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/13 17:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/13 16:35:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/13 14:04:28 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/13 14:04:28 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/13 14:01:24 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/13 14:01:24 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/13 14:01:24 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/13 13:57:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/13 13:57:02 | 2146,885,631 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/13 09:40:24 | 000,008,600 | ---- | M] () -- C:\Windows\mozy.flt
[2013/04/13 09:40:24 | 000,007,090 | ---- | M] () -- C:\Windows\mozy.blk
[2013/04/10 20:21:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/04/10 14:36:10 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/10 08:46:15 | 000,424,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/10 08:45:09 | 001,762,019 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013/04/08 21:36:28 | 000,002,123 | ---- | M] () -- C:\Users\Mark\Desktop\MP Navigator EX 4.1.lnk
[2013/04/08 20:33:28 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\VT20130115.021
[2013/04/08 20:33:28 | 000,002,319 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/04/07 15:30:21 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/07 12:48:09 | 000,000,319 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/04/07 12:47:35 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2013/04/03 01:21:26 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\isolate.ini
[2013/03/31 19:54:49 | 000,002,283 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/27 22:54:17 | 000,001,026 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HyperSnap 7.lnk
[2013/03/27 22:50:33 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\HyperSnap 7.lnk
[2013/03/27 21:44:32 | 000,001,168 | ---- | M] () -- C:\Users\Mark\Desktop\eWallet.lnk
[2013/03/26 20:57:12 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\Quicken Premier 2013.lnk
[2013/03/26 20:57:06 | 000,000,126 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2013/03/26 20:50:02 | 000,001,135 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/03/25 21:05:04 | 000,000,913 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
[2013/03/25 20:49:50 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/24 20:25:04 | 000,001,441 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/24 16:59:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/24 16:59:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/24 16:30:08 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/03/24 16:30:08 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/03/24 16:30:08 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/03/24 15:49:33 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/03/24 15:49:33 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/03/24 15:47:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/14 22:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
========== Files Created - No Company Name ==========
[2013/04/10 20:21:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/04/08 21:36:28 | 000,002,123 | ---- | C] () -- C:\Users\Mark\Desktop\MP Navigator EX 4.1.lnk
[2013/04/08 20:33:28 | 001,762,019 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013/04/08 20:33:28 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\VT20130115.021
[2013/04/08 20:33:28 | 000,002,319 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/04/08 16:32:45 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symelam64.cat
[2013/04/08 16:32:45 | 000,007,611 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.cat
[2013/04/08 16:32:45 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnet64.cat
[2013/04/08 16:32:45 | 000,007,593 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\iron.cat
[2013/04/08 16:32:45 | 000,007,589 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.cat
[2013/04/08 16:32:45 | 000,007,587 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.cat
[2013/04/08 16:32:45 | 000,007,585 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.cat
[2013/04/08 16:32:45 | 000,007,581 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.cat
[2013/04/08 16:32:45 | 000,003,434 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa.inf
[2013/04/08 16:32:45 | 000,002,852 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds.inf
[2013/04/08 16:32:45 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnet.inf
[2013/04/08 16:32:45 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.inf
[2013/04/08 16:32:45 | 000,001,420 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.inf
[2013/04/08 16:32:45 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symelam.inf
[2013/04/08 16:32:45 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.inf
[2013/04/08 16:32:45 | 000,000,767 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\iron.inf
[2013/04/08 16:32:37 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symvtcer.dat
[2013/04/08 16:32:37 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\isolate.ini
[2013/04/07 19:03:10 | 000,002,157 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013/04/07 15:30:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/04/07 15:30:21 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/07 12:47:38 | 000,000,319 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/04/07 12:47:35 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2013/04/04 13:19:22 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/28 08:30:52 | 000,002,283 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/28 08:30:52 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/28 08:30:17 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/28 08:30:17 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/27 22:50:33 | 000,001,026 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HyperSnap 7.lnk
[2013/03/27 22:50:33 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\HyperSnap 7.lnk
[2013/03/27 22:30:44 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/27 21:52:06 | 000,208,384 | ---- | C] () -- C:\Users\Mark\Documents\My Wallet.wlt
[2013/03/27 21:44:32 | 000,001,168 | ---- | C] () -- C:\Users\Mark\Desktop\eWallet.lnk
[2013/03/27 21:29:47 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2013/03/27 21:29:40 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2013/03/27 21:29:10 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2013/03/27 21:29:07 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2013/03/27 21:29:07 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2013/03/27 21:29:00 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2013/03/27 21:29:00 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2013/03/26 20:57:12 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\Quicken Premier 2013.lnk
[2013/03/26 20:56:57 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2013/03/25 21:32:32 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\CNC1750D.TBL
[2013/03/25 21:32:32 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\CNC1750D.TBL
[2013/03/25 21:05:04 | 000,000,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
[2013/03/25 20:49:50 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/25 20:49:49 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/25 03:04:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/25 03:02:46 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/24 20:53:56 | 000,001,135 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/03/24 16:59:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/24 16:59:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/24 16:30:09 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/03/24 16:30:08 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/03/24 16:06:00 | 000,001,441 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/24 16:00:29 | 000,001,447 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/24 16:00:29 | 000,001,413 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/03/24 16:00:14 | 000,000,290 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/24 16:00:14 | 000,000,272 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/24 15:49:29 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/03/24 15:49:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/03/24 15:47:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/24 15:46:32 | 2146,885,631 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/04/08 21:36:44 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Canon
[2013/03/27 23:19:00 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Hyperionics
[2013/03/27 21:44:30 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Ilium Software
[2013/04/12 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\QuickScan
========== Purity Check ==========
< End of report >