I had to save it to my computer, then transfer it using a usb. I did put it on the infected computers desktop and ran it from there. As soon as the log spits out I will send it to you.
Where are you located?
Moneypack Virus [Closed]
Started by
mewsick75
, Oct 08 2013 07:47 AM
-
This topic is locked
#31
Posted 13 October 2013 - 10:06 AM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
I had to save it to my computer, then transfer it using a usb. I did put it on the infected computers desktop and ran it from there. As soon as the log spits out I will send it to you.
Where are you located?
#32
Posted 13 October 2013 - 10:20 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
I be in Darkest Cornwall 
OK that figures as the reparse points were still running .. My fault
Should have used FRST to fix that prior to Combofix
OK that figures as the reparse points were still running .. My fault
Should have used FRST to fix that prior to Combofix
#33
Posted 13 October 2013 - 10:30 AM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
ComboFix 13-10-13.01 - Sean 10/13/2013 12:03:00.1.2 - x86
Running from: c:\users\Sean\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sean\AppData\Roaming\Adobe\plugs
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448738045.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448738077.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448738201.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448739075.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448739106.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448739122.exe
c:\users\Sean\AppData\Roaming\Adobe\shed
.
Infected copy of c:\windows\System32\autochk.exe was found and disinfected
Restored copy from - c:\windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-09-13 to 2013-10-13 )))))))))))))))))))))))))))))))
.
.
2013-10-13 21:07 . 2013-10-13 21:07 -------- d-----w- C:\found.000
2013-10-13 16:08 . 2013-10-13 16:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-13 15:57 . 2013-10-13 16:09 69792 ----a-w- c:\windows\system32\rpcnet.dll
2013-10-13 15:57 . 2013-10-13 15:57 69792 ------w- c:\windows\system32\rpcnet.exe
2013-10-13 02:01 . 2013-10-13 21:25 17920 ----a-w- c:\windows\system32\rpcnetp.dll
2013-10-13 02:01 . 2013-10-13 16:09 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2013-10-11 16:29 . 2013-10-11 16:29 -------- d-----w- C:\_OTL
2013-10-11 16:29 . 2011-07-13 02:55 2237440 ----a-r- C:\OTLPE.exe
2013-10-10 19:57 . 2013-10-10 19:57 -------- d-----w- C:\FRST
2013-10-01 16:50 . 2009-11-03 00:51 9728 ----a-w- c:\windows\system32\wceprv.dll
2013-10-01 16:49 . 2013-05-10 16:39 39936 ----a-w- c:\windows\system32\identprv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Aim"="c:\program files\AIM\aim.exe" [2011-01-05 4321112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-03-31 217088]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-31 483420]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-11 3563520]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 170520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe [2009-03-31 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - IPNAT
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-23 22:38]
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-23 22:38]
.
2011-06-18 c:\windows\Tasks\User_Feed_Synchronization-{0EA9F565-5B91-44F2-B6C6-C32AD86F97C1}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-13 12:10
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft\BingBar\BBSvc.EXE
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\system32\rpcnet.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
c:\program files\Adobe\Acrobat 9.0\Acrobat\AcroDist.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\DellTPad\HidFind.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2013-10-13 12:14:16 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-13 16:14
.
Pre-Run: 221,641,895,936 bytes free
Post-Run: 221,483,634,688 bytes free
.
- - End Of File - - CC44FA9D755D6AF5D2737BA47876A09B
CDB4DE4BBD714F152979DA2DCBEF57EB
Running from: c:\users\Sean\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sean\AppData\Roaming\Adobe\plugs
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448738045.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448738077.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448738201.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448739075.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448739106.exe
c:\users\Sean\AppData\Roaming\Adobe\plugs\KB448739122.exe
c:\users\Sean\AppData\Roaming\Adobe\shed
.
Infected copy of c:\windows\System32\autochk.exe was found and disinfected
Restored copy from - c:\windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-09-13 to 2013-10-13 )))))))))))))))))))))))))))))))
.
.
2013-10-13 21:07 . 2013-10-13 21:07 -------- d-----w- C:\found.000
2013-10-13 16:08 . 2013-10-13 16:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-13 15:57 . 2013-10-13 16:09 69792 ----a-w- c:\windows\system32\rpcnet.dll
2013-10-13 15:57 . 2013-10-13 15:57 69792 ------w- c:\windows\system32\rpcnet.exe
2013-10-13 02:01 . 2013-10-13 21:25 17920 ----a-w- c:\windows\system32\rpcnetp.dll
2013-10-13 02:01 . 2013-10-13 16:09 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2013-10-11 16:29 . 2013-10-11 16:29 -------- d-----w- C:\_OTL
2013-10-11 16:29 . 2011-07-13 02:55 2237440 ----a-r- C:\OTLPE.exe
2013-10-10 19:57 . 2013-10-10 19:57 -------- d-----w- C:\FRST
2013-10-01 16:50 . 2009-11-03 00:51 9728 ----a-w- c:\windows\system32\wceprv.dll
2013-10-01 16:49 . 2013-05-10 16:39 39936 ----a-w- c:\windows\system32\identprv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Aim"="c:\program files\AIM\aim.exe" [2011-01-05 4321112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-03-31 217088]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-31 483420]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-11 3563520]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 170520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe [2009-03-31 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - IPNAT
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-23 22:38]
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-23 22:38]
.
2011-06-18 c:\windows\Tasks\User_Feed_Synchronization-{0EA9F565-5B91-44F2-B6C6-C32AD86F97C1}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-13 12:10
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft\BingBar\BBSvc.EXE
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\system32\rpcnet.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
c:\program files\Adobe\Acrobat 9.0\Acrobat\AcroDist.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\DellTPad\HidFind.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2013-10-13 12:14:16 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-13 16:14
.
Pre-Run: 221,641,895,936 bytes free
Post-Run: 221,483,634,688 bytes free
.
- - End Of File - - CC44FA9D755D6AF5D2737BA47876A09B
CDB4DE4BBD714F152979DA2DCBEF57EB
#34
Posted 13 October 2013 - 10:33 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK that's that fixed, now just an OTL scan to check for remnants. How is the computer behaving ?
Downloads should now work as normal
Download OTL to your Desktop
Secondary link
Downloads should now work as normal
Download OTL to your Desktop
Secondary link
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Select LOP and Purity
- Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Attach both logs
#35
Posted 13 October 2013 - 11:17 AM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
Downloads still arent working. Here are the posts.
Also, fyi - When i finally got onto the desktop and i connected to the Wifi in my house, it would connect to the network but I couldn't get on the internet. I have to go into the Network connections, right click on the network bridge and then click repair or diagnose and then Windows runs a scan and it works. Just was wondering if that had to do with the virus or that was another issue all together. I don't know if that was always an issue because this is my friends computer.
OTL logfile created on: 10/13/2013 12:53:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sean\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.36% Memory free
6.13 Gb Paging File | 4.95 Gb Available in Paging File | 80.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 206.26 Gb Free Space | 72.78% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 9.12 Gb Free Space | 62.28% Space Free | Partition Type: NTFS
Drive F: | 7.44 Gb Total Space | 7.43 Gb Free Space | 99.93% Space Free | Partition Type: FAT32
Computer Name: SEAN-PC | User Name: Sean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/13 12:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.exe
PRC - [2013/10/13 11:57:18 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2013/06/24 01:52:17 | 000,308,816 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvchst.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/05 13:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2009/04/11 15:16:16 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 10:28:10 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
PRC - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
PRC - [2009/03/31 10:26:12 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/03/31 10:25:54 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/03/31 10:25:52 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/03/31 10:25:50 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
PRC - [2008/06/11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll
MOD - [2011/07/03 08:17:07 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll
MOD - [2011/07/03 08:12:52 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll
MOD - [2011/07/03 08:12:23 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll
MOD - [2011/01/05 13:06:43 | 000,176,128 | ---- | M] () -- C:\Program Files\AIM\nssckbi.dll
MOD - [2008/12/11 13:47:34 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Services (SafeList) ==========
SRV - [2013/10/13 11:57:18 | 000,069,792 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2009/10/16 13:15:55 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe -- (STacSV)
SRV - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Sean\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/10/13 11:49:52 | 000,392,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131011.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/09/24 00:37:15 | 001,097,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130924.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/09/21 11:29:17 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131012.006\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/09/21 11:29:17 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys -- (EraserUtilDrv11311)
DRV - [2013/09/21 11:29:17 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131012.006\NAVENG.SYS -- (NAVENG)
DRV - [2013/08/26 22:06:53 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/06/17 17:47:40 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/24 20:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symtdiv.sys -- (SYMTDIv)
DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/03/04 21:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/04 21:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2010/07/12 14:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/03/31 10:28:14 | 000,394,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/31 10:25:48 | 000,196,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/02 11:21:30 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/01/07 23:55:00 | 000,051,616 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR)
DRV - [2009/01/07 23:55:00 | 000,041,760 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR)
DRV - [2008/12/11 13:47:16 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/01/20 22:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=12-03-2011
IE - HKLM\..\SearchScopes\{7BB4B29D-CCC1-4EBD-82DC-E240EC8AAE53}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes,DefaultScope = {7BB4B29D-CCC1-4EBD-82DC-E240EC8AAE53}
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes\{549f497d-56b5-4723-8345-1091121b1034}: "URL" = http://slirsredirect...mrud=12-03-2011
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes\{7BB4B29D-CCC1-4EBD-82DC-E240EC8AAE53}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...ct=sb&qsrc=2869
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\ [2013/10/13 12:12:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFF [2013/10/13 11:50:04 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2013/10/13 12:09:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B75D1F8-6044-44A4-AA40-8432D2BFB747}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0324D21-4CAA-40E0-A2E8-C5BEEF355272}: DhcpNameServer = 207.14.188.36 71.2.28.14
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2013/10/13 17:07:27 | 000,000,000 | ---D | C] -- C:\found.000
[2013/10/13 12:51:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.exe
[2013/10/13 12:09:40 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/10/13 12:08:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/10/13 12:01:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/10/13 12:01:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/10/13 12:01:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/10/13 12:01:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/10/13 12:01:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/13 12:01:17 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/10/13 12:00:49 | 005,132,083 | R--- | C] (Swearware) -- C:\Users\Sean\Desktop\ComboFix.exe
[2013/10/13 11:57:25 | 000,069,792 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
[2013/10/13 11:57:25 | 000,069,792 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013/10/11 12:29:36 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2013/10/11 12:29:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/10 15:57:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/10/01 12:50:34 | 000,009,728 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\wceprv.dll
[2013/10/01 12:49:40 | 000,039,936 | ---- | C] (Absolute Software Corporation) -- C:\Windows\System32\identprv.dll
========== Files - Modified Within 30 Days ==========
[2013/10/13 17:25:55 | 000,017,920 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll
[2013/10/13 17:04:54 | 000,007,052 | ---- | M] () -- C:\Users\Sean\AppData\Local\d3d9caps.dat
[2013/10/13 13:03:02 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/13 12:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.exe
[2013/10/13 12:09:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/10/13 12:09:31 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/13 12:09:29 | 000,017,920 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2013/10/13 12:09:27 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013/10/13 12:09:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/13 12:09:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/13 12:09:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/13 12:09:17 | 3180,285,952 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/13 11:59:06 | 005,132,083 | R--- | M] (Swearware) -- C:\Users\Sean\Desktop\ComboFix.exe
[2013/10/13 11:57:18 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
[2013/09/30 19:31:12 | 000,000,076 | ---- | M] () -- C:\Windows\System32\PDFWRITR.INI
[2013/09/30 19:31:12 | 000,000,076 | ---- | M] () -- C:\Windows\System32\__PDF.INI
========== Files Created - No Company Name ==========
[2013/10/13 12:01:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/10/13 12:01:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/10/13 12:01:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/10/13 12:01:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/10/13 12:01:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/10/12 22:01:44 | 000,017,920 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2013/10/12 22:01:33 | 000,017,920 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe
[2013/10/10 16:00:28 | 3180,285,952 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/27 21:54:55 | 000,038,430 | ---- | C] () -- C:\Users\Sean\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/11/29 19:10:09 | 000,007,052 | ---- | C] () -- C:\Users\Sean\AppData\Local\d3d9caps.dat
[2010/02/15 19:14:07 | 000,004,608 | ---- | C] () -- C:\Users\Sean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/10/16 15:44:00 | 000,615,424 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 22:33:39 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
========== LOP Check ==========
[2011/03/12 11:02:44 | 000,000,000 | ---D | M] -- C:\Users\Sean\AppData\Roaming\acccore
[2010/02/10 12:57:55 | 000,000,000 | ---D | M] -- C:\Users\Sean\AppData\Roaming\EServices
[2010/10/01 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\Sean\AppData\Roaming\PC-FAX TX
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2006/11/02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/20 22:33:54 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 22:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008/01/20 22:34:49 | 000,758,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2008/01/20 22:33:27 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 15:14:33 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 22:34:20 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/20 22:34:19 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/10/16 15:44:01 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2008/01/20 22:33:37 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 10:49:43 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 22:34:51 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 15:22:07 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 22:33:46 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 15:12:50 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2008/01/20 22:34:03 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 22:34:43 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 22:33:50 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 22:34:04 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 22:33:15 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 22:34:35 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/20 22:33:36 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 15:17:56 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 22:34:00 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 15:02:26 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/10/16 15:44:01 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 22:34:19 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2008/01/20 22:33:06 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 12:24:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 08:21:29 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/01/20 22:34:50 | 002,623,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/06 07:09:57 | 000,603,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2008/01/20 22:34:43 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 08:21:29 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2008/01/20 22:33:40 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2008/01/20 22:33:20 | 001,054,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2008/01/20 22:34:43 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2008/01/20 22:34:43 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 22:32:53 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:33:18 | 001,013,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2008/01/20 22:34:35 | 000,393,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2008/01/20 22:33:06 | 000,452,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2008/01/20 22:34:08 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/20 22:34:49 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/08/06 22:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2008/01/20 22:34:03 | 000,175,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 15:32:52 | 000,513,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 08:12:29 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
[2011/07/12 22:55:05 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
< c:\program files (x86)\Google\Desktop >
[2006/11/02 08:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 08:58:10 | 000,032,650 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/21 14:09:28 | 000,000,416 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0EA9F565-5B91-44F2-B6C6-C32AD86F97C1}.job
[2011/03/23 18:38:25 | 000,000,878 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/03/23 18:38:25 | 000,000,882 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< c:\program files\Google\Desktop >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 9416-019E
Directory of C:\
10/21/2009 01:39 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Documents and Settings
10/21/2009 01:39 PM <SYMLINKD> All Users [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [.]
10/21/2009 01:39 PM <JUNCTION> Desktop [.]
10/21/2009 01:39 PM <JUNCTION> Documents [.]
10/21/2009 01:39 PM <JUNCTION> Favorites [.]
10/21/2009 01:39 PM <JUNCTION> Start Menu [.]
10/21/2009 01:39 PM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
10/21/2009 01:39 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:39 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
10/21/2009 01:39 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:39 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:39 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:39 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\AppData\Local
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:39 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Default\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Public\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Public\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Sean
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Roaming]
10/21/2009 01:43 PM <JUNCTION> Cookies [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:43 PM <JUNCTION> Local Settings [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> My Documents [C:\Users\Sean\Documents]
10/21/2009 01:43 PM <JUNCTION> NetHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:43 PM <JUNCTION> PrintHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:43 PM <JUNCTION> Recent [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:43 PM <JUNCTION> SendTo [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:43 PM <JUNCTION> Start Menu [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:43 PM <JUNCTION> Templates [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Sean\AppData\Local
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> History [C:\Users\Sean\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:43 PM <JUNCTION> Temporary Internet Files [C:\Users\Sean\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Sean\Documents
10/21/2009 01:43 PM <JUNCTION> My Music [C:\Users\Sean\Music]
10/21/2009 01:43 PM <JUNCTION> My Pictures [C:\Users\Sean\Pictures]
10/21/2009 01:43 PM <JUNCTION> My Videos [C:\Users\Sean\Videos]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender
11/02/2006 08:40 AM <SYMLINKD> en-US [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/20/2008 10:32 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MpEvMsg.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtMon.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtPlug.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSigDwn.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSoftEx.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
14 File(s) 4,345,808 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile
10/16/2009 01:11 PM <JUNCTION> Application Data [..]
10/16/2009 01:11 PM <JUNCTION> Cookies [..]
10/16/2009 01:11 PM <JUNCTION> Local Settings [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [.]
10/16/2009 01:11 PM <JUNCTION> History [.]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\ProgramData
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [.]
10/21/2009 01:39 PM <JUNCTION> Desktop [.]
10/21/2009 01:39 PM <JUNCTION> Documents [.]
10/21/2009 01:39 PM <JUNCTION> Favorites [.]
10/21/2009 01:39 PM <JUNCTION> Start Menu [.]
10/21/2009 01:39 PM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users
10/21/2009 01:39 PM <SYMLINKD> All Users [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [.]
10/21/2009 01:39 PM <JUNCTION> Desktop [.]
10/21/2009 01:39 PM <JUNCTION> Documents [.]
10/21/2009 01:39 PM <JUNCTION> Favorites [.]
10/21/2009 01:39 PM <JUNCTION> Start Menu [.]
10/21/2009 01:39 PM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users\Default
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
10/21/2009 01:39 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:39 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
10/21/2009 01:39 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:39 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:39 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:39 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:39 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Default\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Public\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Sean
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Roaming]
10/21/2009 01:43 PM <JUNCTION> Cookies [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:43 PM <JUNCTION> Local Settings [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> My Documents [C:\Users\Sean\Documents]
10/21/2009 01:43 PM <JUNCTION> NetHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:43 PM <JUNCTION> PrintHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:43 PM <JUNCTION> Recent [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:43 PM <JUNCTION> SendTo [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:43 PM <JUNCTION> Start Menu [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:43 PM <JUNCTION> Templates [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Sean\AppData\Local
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> History [C:\Users\Sean\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:43 PM <JUNCTION> Temporary Internet Files [C:\Users\Sean\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Sean\Documents
10/21/2009 01:43 PM <JUNCTION> My Music [C:\Users\Sean\Music]
10/21/2009 01:43 PM <JUNCTION> My Pictures [C:\Users\Sean\Pictures]
10/21/2009 01:43 PM <JUNCTION> My Videos [C:\Users\Sean\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
10/16/2009 01:11 PM <JUNCTION> Application Data [..]
10/16/2009 01:11 PM <JUNCTION> Cookies [..]
10/16/2009 01:11 PM <JUNCTION> Local Settings [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender-events_31bf3856ad364e35_6.0.6000.16386_none_b3613e39beae266f
11/02/2006 08:33 AM <SYMLINK> MpEvMsg.dll [c:\windows\system32\config]
1 File(s) 65,640 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6001.18000_none_57bcb0ca582f18c5
11/02/2006 08:33 AM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/20/2008 10:32 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtMon.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtPlug.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSigDwn.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSoftEx.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
13 File(s) 4,280,168 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411
11/02/2006 08:33 AM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/20/2008 10:32 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtMon.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtPlug.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSigDwn.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
12 File(s) 3,765,552 bytes
Total Files Listed:
40 File(s) 12,457,168 bytes
418 Dir(s) 221,458,124,800 bytes free
< End of report >
OTL Extras logfile created on: 10/13/2013 12:53:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sean\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.36% Memory free
6.13 Gb Paging File | 4.95 Gb Available in Paging File | 80.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 206.26 Gb Free Space | 72.78% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 9.12 Gb Free Space | 62.28% Space Free | Partition Type: NTFS
Drive F: | 7.44 Gb Total Space | 7.43 Gb Free Space | 99.93% Space Free | Partition Type: FAT32
Computer Name: SEAN-PC | User Name: Sean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | [email protected],-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | [email protected],-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | [email protected],-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | [email protected],-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}" = Dell Backup and Recovery Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_BASICR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{B8F9A34D-BF72-4177-8AFE-8E13F62304BE}" = ACI Desktop Additional Components
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1067095-24AB-4BCD-B64B-BE83A9186DCE}" = ACI Collection 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_7" = AIM 7
"BASICR" = Microsoft Office Basic 2007
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton 360
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPic800" = WinPic800
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"576b135c0f3609c8" = 360SerAppV1
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/6/2013 10:07:29 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 10:24:07 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 10:25:26 AM | Computer Name = Sean-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6001.18164, time stamp
0x4907e242, faulting module ntdll.dll, version 6.0.6001.22777, time stamp 0x4cb72ffe,
exception code 0xc0000005, fault offset 0x00059648, process id 0xbe4, application
start time 0x01cec29fe02986b7.
Error - 10/6/2013 10:37:21 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 10:47:20 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:01:01 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:05:14 AM | Computer Name = Sean-PC | Source = Software Licensing Service | ID = 1001
Description = The Software Licensing service failed to start. hr=0x80070002, [2,
4]
Error - 10/6/2013 11:05:23 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:09:24 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:11:48 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
[ Broadcom Wireless LAN Events ]
Error - 3/19/2013 9:05:06 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 21:05:05, Tue, Mar 19, 13 Error - Unable to gain access to user store
Error - 3/29/2013 4:00:27 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 16:00:26, Fri, Mar 29, 13 Error - Unable to gain access to user store
Error - 4/27/2013 11:48:52 AM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 11:48:52, Sat, Apr 27, 13 Error - Unable to gain access to user store
Error - 5/1/2013 8:11:01 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 20:11:01, Wed, May 01, 13 Error - Unable to gain access to user store
Error - 5/2/2013 7:56:49 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 19:56:48, Thu, May 02, 13 Error - Unable to gain access to user store
Error - 5/27/2013 8:56:44 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 20:56:43, Mon, May 27, 13 Error - Unable to decrypt string
Error - 6/23/2013 8:06:00 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 20:06:00, Sun, Jun 23, 13 Error - Unable to gain access to user store
Error - 7/10/2013 6:06:21 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 18:06:20, Wed, Jul 10, 13 Error - Unable to gain access to user store
Error - 10/6/2013 10:39:58 AM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 10:39:57, Sun, Oct 06, 13 Error - Unable to gain access to user store
Error - 10/6/2013 9:54:19 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 21:54:19, Sun, Oct 06, 13 Error - Unable to gain access to user store
Error encountered while reading event logs.
< End of report >
Also, fyi - When i finally got onto the desktop and i connected to the Wifi in my house, it would connect to the network but I couldn't get on the internet. I have to go into the Network connections, right click on the network bridge and then click repair or diagnose and then Windows runs a scan and it works. Just was wondering if that had to do with the virus or that was another issue all together. I don't know if that was always an issue because this is my friends computer.
OTL logfile created on: 10/13/2013 12:53:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sean\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.36% Memory free
6.13 Gb Paging File | 4.95 Gb Available in Paging File | 80.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 206.26 Gb Free Space | 72.78% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 9.12 Gb Free Space | 62.28% Space Free | Partition Type: NTFS
Drive F: | 7.44 Gb Total Space | 7.43 Gb Free Space | 99.93% Space Free | Partition Type: FAT32
Computer Name: SEAN-PC | User Name: Sean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/13 12:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.exe
PRC - [2013/10/13 11:57:18 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2013/06/24 01:52:17 | 000,308,816 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvchst.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/05 13:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2009/04/11 15:16:16 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 10:28:10 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
PRC - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
PRC - [2009/03/31 10:26:12 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/03/31 10:25:54 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/03/31 10:25:52 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/03/31 10:25:50 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
PRC - [2008/06/11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll
MOD - [2011/07/03 08:17:07 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll
MOD - [2011/07/03 08:12:52 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll
MOD - [2011/07/03 08:12:23 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll
MOD - [2011/01/05 13:06:43 | 000,176,128 | ---- | M] () -- C:\Program Files\AIM\nssckbi.dll
MOD - [2008/12/11 13:47:34 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Services (SafeList) ==========
SRV - [2013/10/13 11:57:18 | 000,069,792 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2009/10/16 13:15:55 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe -- (STacSV)
SRV - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Sean\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/10/13 11:49:52 | 000,392,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131011.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/09/24 00:37:15 | 001,097,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130924.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/09/21 11:29:17 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131012.006\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/09/21 11:29:17 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys -- (EraserUtilDrv11311)
DRV - [2013/09/21 11:29:17 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131012.006\NAVENG.SYS -- (NAVENG)
DRV - [2013/08/26 22:06:53 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/06/17 17:47:40 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/24 20:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symtdiv.sys -- (SYMTDIv)
DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/03/04 21:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/04 21:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2010/07/12 14:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/03/31 10:28:14 | 000,394,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/31 10:25:48 | 000,196,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/02 11:21:30 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/01/07 23:55:00 | 000,051,616 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR)
DRV - [2009/01/07 23:55:00 | 000,041,760 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR)
DRV - [2008/12/11 13:47:16 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/01/20 22:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=12-03-2011
IE - HKLM\..\SearchScopes\{7BB4B29D-CCC1-4EBD-82DC-E240EC8AAE53}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes,DefaultScope = {7BB4B29D-CCC1-4EBD-82DC-E240EC8AAE53}
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes\{549f497d-56b5-4723-8345-1091121b1034}: "URL" = http://slirsredirect...mrud=12-03-2011
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes\{7BB4B29D-CCC1-4EBD-82DC-E240EC8AAE53}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...ct=sb&qsrc=2869
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\ [2013/10/13 12:12:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFF [2013/10/13 11:50:04 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2013/10/13 12:09:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B75D1F8-6044-44A4-AA40-8432D2BFB747}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0324D21-4CAA-40E0-A2E8-C5BEEF355272}: DhcpNameServer = 207.14.188.36 71.2.28.14
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2013/10/13 17:07:27 | 000,000,000 | ---D | C] -- C:\found.000
[2013/10/13 12:51:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.exe
[2013/10/13 12:09:40 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/10/13 12:08:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/10/13 12:01:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/10/13 12:01:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/10/13 12:01:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/10/13 12:01:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/10/13 12:01:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/13 12:01:17 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/10/13 12:00:49 | 005,132,083 | R--- | C] (Swearware) -- C:\Users\Sean\Desktop\ComboFix.exe
[2013/10/13 11:57:25 | 000,069,792 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
[2013/10/13 11:57:25 | 000,069,792 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013/10/11 12:29:36 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2013/10/11 12:29:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/10 15:57:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/10/01 12:50:34 | 000,009,728 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\wceprv.dll
[2013/10/01 12:49:40 | 000,039,936 | ---- | C] (Absolute Software Corporation) -- C:\Windows\System32\identprv.dll
========== Files - Modified Within 30 Days ==========
[2013/10/13 17:25:55 | 000,017,920 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll
[2013/10/13 17:04:54 | 000,007,052 | ---- | M] () -- C:\Users\Sean\AppData\Local\d3d9caps.dat
[2013/10/13 13:03:02 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/13 12:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.exe
[2013/10/13 12:09:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/10/13 12:09:31 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/13 12:09:29 | 000,017,920 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2013/10/13 12:09:27 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013/10/13 12:09:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/13 12:09:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/13 12:09:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/13 12:09:17 | 3180,285,952 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/13 11:59:06 | 005,132,083 | R--- | M] (Swearware) -- C:\Users\Sean\Desktop\ComboFix.exe
[2013/10/13 11:57:18 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
[2013/09/30 19:31:12 | 000,000,076 | ---- | M] () -- C:\Windows\System32\PDFWRITR.INI
[2013/09/30 19:31:12 | 000,000,076 | ---- | M] () -- C:\Windows\System32\__PDF.INI
========== Files Created - No Company Name ==========
[2013/10/13 12:01:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/10/13 12:01:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/10/13 12:01:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/10/13 12:01:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/10/13 12:01:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/10/12 22:01:44 | 000,017,920 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2013/10/12 22:01:33 | 000,017,920 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe
[2013/10/10 16:00:28 | 3180,285,952 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/27 21:54:55 | 000,038,430 | ---- | C] () -- C:\Users\Sean\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/11/29 19:10:09 | 000,007,052 | ---- | C] () -- C:\Users\Sean\AppData\Local\d3d9caps.dat
[2010/02/15 19:14:07 | 000,004,608 | ---- | C] () -- C:\Users\Sean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/10/16 15:44:00 | 000,615,424 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 22:33:39 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
========== LOP Check ==========
[2011/03/12 11:02:44 | 000,000,000 | ---D | M] -- C:\Users\Sean\AppData\Roaming\acccore
[2010/02/10 12:57:55 | 000,000,000 | ---D | M] -- C:\Users\Sean\AppData\Roaming\EServices
[2010/10/01 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\Sean\AppData\Roaming\PC-FAX TX
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2006/11/02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/20 22:33:54 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 22:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008/01/20 22:34:49 | 000,758,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2008/01/20 22:33:27 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 15:14:33 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 22:34:20 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/20 22:34:19 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/10/16 15:44:01 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2008/01/20 22:33:37 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 10:49:43 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 22:34:51 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 15:22:07 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 22:33:46 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 15:12:50 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2008/01/20 22:34:03 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 22:34:43 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 22:33:50 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 22:34:04 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 22:33:15 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 22:34:35 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/20 22:33:36 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 15:17:56 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 22:34:00 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 15:02:26 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/10/16 15:44:01 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 22:34:19 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2008/01/20 22:33:06 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 12:24:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 08:21:29 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/01/20 22:34:50 | 002,623,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/06 07:09:57 | 000,603,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2008/01/20 22:34:43 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 08:21:29 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2008/01/20 22:33:40 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2008/01/20 22:33:20 | 001,054,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2008/01/20 22:34:43 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2008/01/20 22:34:43 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 22:32:53 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:33:18 | 001,013,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2008/01/20 22:34:35 | 000,393,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2008/01/20 22:33:06 | 000,452,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2008/01/20 22:34:08 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/20 22:34:49 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/08/06 22:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2008/01/20 22:34:03 | 000,175,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 15:32:52 | 000,513,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 08:12:29 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
[2011/07/12 22:55:05 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
< c:\program files (x86)\Google\Desktop >
[2006/11/02 08:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 08:58:10 | 000,032,650 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/21 14:09:28 | 000,000,416 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0EA9F565-5B91-44F2-B6C6-C32AD86F97C1}.job
[2011/03/23 18:38:25 | 000,000,878 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/03/23 18:38:25 | 000,000,882 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< c:\program files\Google\Desktop >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 9416-019E
Directory of C:\
10/21/2009 01:39 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Documents and Settings
10/21/2009 01:39 PM <SYMLINKD> All Users [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [.]
10/21/2009 01:39 PM <JUNCTION> Desktop [.]
10/21/2009 01:39 PM <JUNCTION> Documents [.]
10/21/2009 01:39 PM <JUNCTION> Favorites [.]
10/21/2009 01:39 PM <JUNCTION> Start Menu [.]
10/21/2009 01:39 PM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
10/21/2009 01:39 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:39 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
10/21/2009 01:39 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:39 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:39 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:39 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\AppData\Local
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:39 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Default\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Public\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Public\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Sean
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Roaming]
10/21/2009 01:43 PM <JUNCTION> Cookies [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:43 PM <JUNCTION> Local Settings [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> My Documents [C:\Users\Sean\Documents]
10/21/2009 01:43 PM <JUNCTION> NetHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:43 PM <JUNCTION> PrintHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:43 PM <JUNCTION> Recent [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:43 PM <JUNCTION> SendTo [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:43 PM <JUNCTION> Start Menu [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:43 PM <JUNCTION> Templates [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Sean\AppData\Local
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> History [C:\Users\Sean\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:43 PM <JUNCTION> Temporary Internet Files [C:\Users\Sean\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Sean\Documents
10/21/2009 01:43 PM <JUNCTION> My Music [C:\Users\Sean\Music]
10/21/2009 01:43 PM <JUNCTION> My Pictures [C:\Users\Sean\Pictures]
10/21/2009 01:43 PM <JUNCTION> My Videos [C:\Users\Sean\Videos]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender
11/02/2006 08:40 AM <SYMLINKD> en-US [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/20/2008 10:32 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MpEvMsg.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtMon.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtPlug.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSigDwn.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSoftEx.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
14 File(s) 4,345,808 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile
10/16/2009 01:11 PM <JUNCTION> Application Data [..]
10/16/2009 01:11 PM <JUNCTION> Cookies [..]
10/16/2009 01:11 PM <JUNCTION> Local Settings [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [.]
10/16/2009 01:11 PM <JUNCTION> History [.]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\ProgramData
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [.]
10/21/2009 01:39 PM <JUNCTION> Desktop [.]
10/21/2009 01:39 PM <JUNCTION> Documents [.]
10/21/2009 01:39 PM <JUNCTION> Favorites [.]
10/21/2009 01:39 PM <JUNCTION> Start Menu [.]
10/21/2009 01:39 PM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users
10/21/2009 01:39 PM <SYMLINKD> All Users [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\ProgramData]
10/21/2009 01:39 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/21/2009 01:39 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/21/2009 01:39 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/21/2009 01:39 PM <JUNCTION> Application Data [.]
10/21/2009 01:39 PM <JUNCTION> Desktop [.]
10/21/2009 01:39 PM <JUNCTION> Documents [.]
10/21/2009 01:39 PM <JUNCTION> Favorites [.]
10/21/2009 01:39 PM <JUNCTION> Start Menu [.]
10/21/2009 01:39 PM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users\Default
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
10/21/2009 01:39 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:39 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
10/21/2009 01:39 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:39 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:39 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:39 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:39 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:39 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
10/21/2009 01:39 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
10/21/2009 01:39 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:39 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Default\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
10/21/2009 01:39 PM <JUNCTION> My Music [C:\Users\Public\Music]
10/21/2009 01:39 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
10/21/2009 01:39 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Sean
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Roaming]
10/21/2009 01:43 PM <JUNCTION> Cookies [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Cookies]
10/21/2009 01:43 PM <JUNCTION> Local Settings [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> My Documents [C:\Users\Sean\Documents]
10/21/2009 01:43 PM <JUNCTION> NetHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/21/2009 01:43 PM <JUNCTION> PrintHood [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/21/2009 01:43 PM <JUNCTION> Recent [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Recent]
10/21/2009 01:43 PM <JUNCTION> SendTo [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\SendTo]
10/21/2009 01:43 PM <JUNCTION> Start Menu [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu]
10/21/2009 01:43 PM <JUNCTION> Templates [C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Sean\AppData\Local
10/21/2009 01:43 PM <JUNCTION> Application Data [C:\Users\Sean\AppData\Local]
10/21/2009 01:43 PM <JUNCTION> History [C:\Users\Sean\AppData\Local\Microsoft\Windows\History]
10/21/2009 01:43 PM <JUNCTION> Temporary Internet Files [C:\Users\Sean\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Sean\Documents
10/21/2009 01:43 PM <JUNCTION> My Music [C:\Users\Sean\Music]
10/21/2009 01:43 PM <JUNCTION> My Pictures [C:\Users\Sean\Pictures]
10/21/2009 01:43 PM <JUNCTION> My Videos [C:\Users\Sean\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
10/16/2009 01:11 PM <JUNCTION> Application Data [..]
10/16/2009 01:11 PM <JUNCTION> Cookies [..]
10/16/2009 01:11 PM <JUNCTION> Local Settings [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/16/2009 01:11 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/16/2009 01:11 PM <JUNCTION> History [..]
10/16/2009 01:11 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender-events_31bf3856ad364e35_6.0.6000.16386_none_b3613e39beae266f
11/02/2006 08:33 AM <SYMLINK> MpEvMsg.dll [c:\windows\system32\config]
1 File(s) 65,640 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6001.18000_none_57bcb0ca582f18c5
11/02/2006 08:33 AM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/20/2008 10:32 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtMon.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtPlug.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSigDwn.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSoftEx.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
13 File(s) 4,280,168 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411
11/02/2006 08:33 AM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/20/2008 10:32 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtMon.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpRtPlug.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSigDwn.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
01/20/2008 10:33 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
11/02/2006 08:33 AM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
12 File(s) 3,765,552 bytes
Total Files Listed:
40 File(s) 12,457,168 bytes
418 Dir(s) 221,458,124,800 bytes free
< End of report >
OTL Extras logfile created on: 10/13/2013 12:53:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sean\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.36% Memory free
6.13 Gb Paging File | 4.95 Gb Available in Paging File | 80.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 206.26 Gb Free Space | 72.78% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 9.12 Gb Free Space | 62.28% Space Free | Partition Type: NTFS
Drive F: | 7.44 Gb Total Space | 7.43 Gb Free Space | 99.93% Space Free | Partition Type: FAT32
Computer Name: SEAN-PC | User Name: Sean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | [email protected],-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | [email protected],-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | [email protected],-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | [email protected],-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A6D9B5E-9BAB-4141-85BA-2C6552FA7913}" = Dell Backup and Recovery Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_BASICR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{B8F9A34D-BF72-4177-8AFE-8E13F62304BE}" = ACI Desktop Additional Components
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1067095-24AB-4BCD-B64B-BE83A9186DCE}" = ACI Collection 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_7" = AIM 7
"BASICR" = Microsoft Office Basic 2007
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton 360
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPic800" = WinPic800
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1123020354-2309276913-2768379519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"576b135c0f3609c8" = 360SerAppV1
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/6/2013 10:07:29 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 10:24:07 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 10:25:26 AM | Computer Name = Sean-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6001.18164, time stamp
0x4907e242, faulting module ntdll.dll, version 6.0.6001.22777, time stamp 0x4cb72ffe,
exception code 0xc0000005, fault offset 0x00059648, process id 0xbe4, application
start time 0x01cec29fe02986b7.
Error - 10/6/2013 10:37:21 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 10:47:20 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:01:01 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:05:14 AM | Computer Name = Sean-PC | Source = Software Licensing Service | ID = 1001
Description = The Software Licensing service failed to start. hr=0x80070002, [2,
4]
Error - 10/6/2013 11:05:23 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:09:24 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
Error - 10/6/2013 11:11:48 AM | Computer Name = Sean-PC | Source = WinMgmt | ID = 28
Description =
[ Broadcom Wireless LAN Events ]
Error - 3/19/2013 9:05:06 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 21:05:05, Tue, Mar 19, 13 Error - Unable to gain access to user store
Error - 3/29/2013 4:00:27 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 16:00:26, Fri, Mar 29, 13 Error - Unable to gain access to user store
Error - 4/27/2013 11:48:52 AM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 11:48:52, Sat, Apr 27, 13 Error - Unable to gain access to user store
Error - 5/1/2013 8:11:01 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 20:11:01, Wed, May 01, 13 Error - Unable to gain access to user store
Error - 5/2/2013 7:56:49 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 19:56:48, Thu, May 02, 13 Error - Unable to gain access to user store
Error - 5/27/2013 8:56:44 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 20:56:43, Mon, May 27, 13 Error - Unable to decrypt string
Error - 6/23/2013 8:06:00 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 20:06:00, Sun, Jun 23, 13 Error - Unable to gain access to user store
Error - 7/10/2013 6:06:21 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 18:06:20, Wed, Jul 10, 13 Error - Unable to gain access to user store
Error - 10/6/2013 10:39:58 AM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 10:39:57, Sun, Oct 06, 13 Error - Unable to gain access to user store
Error - 10/6/2013 9:54:19 PM | Computer Name = Sean-PC | Source = WLAN-Tray | ID = 0
Description = 21:54:19, Sun, Oct 06, 13 Error - Unable to gain access to user store
Error encountered while reading event logs.
< End of report >
#36
Posted 13 October 2013 - 12:03 PM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
You think we can get this resolved today?
#37
Posted 13 October 2013 - 03:12 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK I can see the problem, for some reason Combofix did not clear the reparse points
Copy FRST to the desktop
Download the attached fixlist.txt
[attachment=66982:fixlist.txt]
Run FRST and press fix
Once done then try a download it should now work
All services now appear to be repaired so could you also try windows updates
Copy FRST to the desktop
Download the attached fixlist.txt
[attachment=66982:fixlist.txt]
Run FRST and press fix
Once done then try a download it should now work
All services now appear to be repaired so could you also try windows updates
#38
Posted 14 October 2013 - 07:17 PM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
I'm going to have to do it tomorrow night since its been crazy today.
I just want to thank you for all the help you've given me. My friend would be in trouble if you hadn't have helped.
Thank you!!!
I just want to thank you for all the help you've given me. My friend would be in trouble if you hadn't have helped.
Thank you!!!
#39
Posted 15 October 2013 - 06:53 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
FRST fix should be the last run , depending on how the system is behaving
#40
Posted 02 November 2013 - 08:14 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
