OTL logfile created on: 9/24/2014 11:39:32 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner.GAMECOMP\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.98 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.44% Memory free
3.83 Gb Paging File | 2.66 Gb Available in Paging File | 69.49% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292.70 Gb Total Space | 167.82 Gb Free Space | 57.34% Space Free | Partition Type: NTFS
Drive D: | 5.37 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32
Drive J: | 7.45 Gb Total Space | 1.34 Gb Free Space | 17.97% Space Free | Partition Type: FAT32
Computer Name: GAMECOMP | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/09/24 11:31:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.GAMECOMP\My Documents\Downloads\OTL (1).exe
PRC - [2014/09/03 20:01:19 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/08/08 10:34:04 | 022,734,160 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2013/09/10 17:51:14 | 003,109,376 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
PRC - [2009/07/21 11:50:02 | 000,084,464 | ---- | M] () -- C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/23 22:45:00 | 001,667,072 | ---- | M] (D-Link) -- C:\Program Files\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/01/19 11:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2006/09/19 10:43:45 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2006/07/27 09:54:22 | 000,303,104 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
PRC - [2006/07/27 09:53:24 | 000,401,408 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
PRC - [2006/07/27 09:52:58 | 000,188,416 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2006/07/27 09:06:42 | 000,425,984 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
PRC - [2006/07/27 09:03:24 | 000,163,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
PRC - [2006/07/27 08:39:04 | 000,196,608 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe
PRC - [2006/07/27 08:21:48 | 000,094,208 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
PRC - [2006/07/09 23:37:24 | 000,025,600 | ---- | M] () -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
PRC - [2006/07/06 07:15:00 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/07/06 07:14:30 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2005/12/09 18:44:40 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe
PRC - [2005/08/02 16:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2004/03/18 17:55:48 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/11/14 09:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
========== Modules (No Company Name) ==========
MOD - [2014/09/24 10:59:14 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\hashobjs_ext.pyd
MOD - [2014/09/24 10:59:13 | 000,805,888 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._gdi_.pyd
MOD - [2014/09/24 10:59:13 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\_multiprocessing.pyd
MOD - [2014/09/24 10:59:11 | 001,160,704 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\_ssl.pyd
MOD - [2014/09/24 10:59:11 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\PyWinTypes27.dll
MOD - [2014/09/24 10:59:07 | 000,713,216 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\_hashlib.pyd
MOD - [2014/09/24 10:59:05 | 000,811,008 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._windows_.pyd
MOD - [2014/09/24 10:59:03 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._html2.pyd
MOD - [2014/09/24 10:59:03 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32pdh.pyd
MOD - [2014/09/24 10:59:03 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32pipe.pyd
MOD - [2014/09/24 10:58:59 | 001,062,400 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._controls_.pyd
MOD - [2014/09/24 10:58:56 | 000,686,080 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\unicodedata.pyd
MOD - [2014/09/24 10:58:54 | 000,127,488 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\pyexpat.pyd
MOD - [2014/09/24 10:58:54 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32inet.pyd
MOD - [2014/09/24 10:58:54 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32event.pyd
MOD - [2014/09/24 10:58:54 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\select.pyd
MOD - [2014/09/24 10:58:53 | 000,525,640 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\windows._lib_cacheinvalidation.pyd
MOD - [2014/09/24 10:58:53 | 000,119,808 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32file.pyd
MOD - [2014/09/24 10:58:53 | 000,108,544 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32security.pyd
MOD - [2014/09/24 10:58:53 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32profile.pyd
MOD - [2014/09/24 10:58:51 | 000,167,936 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32gui.pyd
MOD - [2014/09/24 10:58:51 | 000,128,512 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\_elementtree.pyd
MOD - [2014/09/24 10:58:51 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\_ctypes.pyd
MOD - [2014/09/24 10:58:51 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\_socket.pyd
MOD - [2014/09/24 10:58:50 | 000,557,056 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\pysqlite2._sqlite.pyd
MOD - [2014/09/24 10:58:50 | 000,320,512 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32com.shell.shell.pyd
MOD - [2014/09/24 10:58:50 | 000,098,816 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32api.pyd
MOD - [2014/09/24 10:58:48 | 001,175,040 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._core_.pyd
MOD - [2014/09/24 10:58:48 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32ts.pyd
MOD - [2014/09/24 10:58:44 | 000,364,544 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\pythoncom27.dll
MOD - [2014/09/24 10:58:43 | 000,735,232 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._misc_.pyd
MOD - [2014/09/24 10:58:43 | 000,078,336 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._animate.pyd
MOD - [2014/09/24 10:58:41 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\wx._wizard.pyd
MOD - [2014/09/24 10:58:41 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32crypt.pyd
MOD - [2014/09/24 10:58:14 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Temp\_MEI18842\win32process.pyd
MOD - [2014/09/03 20:01:18 | 000,331,592 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll
MOD - [2014/09/03 20:01:16 | 008,577,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
MOD - [2014/09/03 20:01:09 | 001,660,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
MOD - [2013/09/10 17:51:14 | 003,109,376 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2013/07/10 18:38:23 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a499f80\mscorlib.dll
MOD - [2013/07/10 18:38:20 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b5874cae\system.drawing.dll
MOD - [2013/07/10 18:38:12 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_414f413e\system.xml.dll
MOD - [2013/07/10 18:38:07 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e480caac\system.windows.forms.dll
MOD - [2013/07/10 18:37:53 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_afdf7d5a\system.dll
MOD - [2013/07/10 18:37:43 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013/07/10 18:37:42 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013/07/10 18:37:40 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2013/01/01 23:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/14 18:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/16 07:55:10 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2009/07/21 11:50:02 | 000,084,464 | ---- | M] () -- C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
MOD - [2009/01/29 18:14:19 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2009/01/29 18:14:19 | 000,006,656 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_en_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2009/01/29 18:14:15 | 000,614,400 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2009/01/29 18:13:45 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2009/01/29 18:13:16 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2009/01/29 18:13:16 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.66__9cf889f53ea9b907\lead.drawing.dll
MOD - [2009/01/29 18:13:16 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53ea9b907\lead.dll
MOD - [2009/01/29 18:13:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.66__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2009/01/29 18:13:16 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2009/01/29 18:13:15 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2009/01/29 18:13:15 | 000,249,856 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_en_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2009/01/29 18:13:15 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2009/01/29 18:13:15 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2009/01/29 18:13:15 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2009/01/29 18:13:15 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2009/01/29 18:13:15 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2009/01/29 18:13:15 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2009/01/29 18:13:15 | 000,007,168 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_en_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2009/01/29 18:12:10 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2009/01/29 18:12:10 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2009/01/29 18:12:10 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2009/01/29 18:12:10 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2009/01/29 18:12:10 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2009/01/29 18:12:09 | 000,557,056 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2008/09/11 11:48:38 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/06/18 21:32:01 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006/06/18 21:28:42 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005/08/05 21:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\VBICodec.ax
MOD - [2005/08/05 20:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2005/08/02 16:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (Skype C2C Service)
SRV - File not found [Auto | Stopped] -- -- (0147811269822765mcinstcleanup)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/03 08:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/11/22 05:44:42 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2009/07/24 08:33:34 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe -- (RoxWatch12)
SRV - [2009/07/24 08:33:10 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe -- (RoxMediaDB12)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/19 03:35:50 | 000,356,434 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\D-Link\RangeBooster G WUA-2340\JSWUtil\jswpsapi.exe -- (jswpsapi)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/01/19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/19 10:43:45 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2006/07/27 09:52:58 | 000,188,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/07/27 09:06:42 | 000,425,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/07/27 09:03:24 | 000,163,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/07/27 08:39:04 | 000,196,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe -- (ELService)
SRV - [2006/07/27 08:21:48 | 000,094,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM)
SRV - [2006/07/09 23:37:24 | 000,025,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/07/06 07:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2005/08/02 16:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/03/18 17:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/09/12 15:11:20 | 001,137,368 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20140912.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/09/09 04:02:39 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/08/26 17:16:33 | 000,448,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20140923.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2014/08/21 05:45:06 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20140923.017_c3f\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/08/21 05:45:05 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20140923.017_c3f\NAVENG.SYS -- (NAVENG)
DRV - [2012/07/31 14:23:02 | 000,059,776 | ---- | M] (Identive) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2012/07/03 08:25:19 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011/07/07 00:01:58 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/20 18:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502020.003\symtdi.sys -- (SYMTDI)
DRV - [2011/03/30 20:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0502020.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/30 20:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502020.003\srtspx.sys -- (SRTSPX)
DRV - [2011/03/14 19:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502020.003\symefa.sys -- (SymEFA)
DRV - [2011/01/26 23:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502020.003\symds.sys -- (SymDS)
DRV - [2010/11/15 18:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502020.003\ironx86.sys -- (SymIRON)
DRV - [2009/05/15 03:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/05/15 03:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2008/07/21 17:14:18 | 000,016,128 | ---- | M] (Digital Networks North America, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RIOUNIV.SYS -- (RIOUNIV)
DRV - [2008/06/13 08:50:26 | 000,386,784 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\A5AGU.sys -- (A5AGU)
DRV - [2008/06/12 15:50:58 | 000,155,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ar5523.bin -- (AR5523)
DRV - [2008/04/13 11:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/02/12 18:05:00 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/05/12 16:39:32 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2006/09/19 10:42:59 | 000,029,184 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\goprot51.sys -- (GoProto)
DRV - [2006/07/27 10:14:16 | 000,004,608 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2006/07/13 18:23:54 | 000,009,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2006/07/13 18:23:52 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elmon.sys -- (ELmon)
DRV - [2006/07/13 18:23:32 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elkbd.sys -- (ELkbd)
DRV - [2006/07/13 18:23:30 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elmou.sys -- (ELmou)
DRV - [2006/07/13 18:23:28 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elhid.sys -- (ELhid)
DRV - [2006/06/19 14:18:56 | 000,043,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2006/06/15 15:28:04 | 001,179,784 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/12/02 17:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/09/15 22:24:38 | 000,206,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinavrr.sys -- (ATIAVPCI)
DRV - [2005/03/17 09:51:16 | 001,033,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/17 09:50:36 | 000,221,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2005/03/17 09:50:32 | 000,705,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/08/05 14:25:38 | 000,381,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PRISMA02.sys -- (PRISM_A02)
DRV - [2003/11/07 02:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/11/07 02:50:00 | 000,051,486 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042PR2.SYS -- (L8042pr2)
DRV - [2003/11/07 02:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/07/24 13:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2001/08/17 15:05:48 | 000,314,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamDrO21.sys -- (PhilCam8116)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.0
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.6.20120119024823
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/07/03 14:59:41 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner.GAMECOMP\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner.GAMECOMP\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Owner.GAMECOMP\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFF [2013/10/09 09:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2014/09/24 10:52:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/25 17:47:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi [2012/01/26 12:18:46 | 000,185,164 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/24 16:22:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/06/04 10:06:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Documents and Settings\Owner.GAMECOMP\Application Data\Move Networks [2011/02/04 17:55:11 | 000,000,000 | ---D | M]
[2009/01/21 17:55:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Mozilla\Extensions
[2013/04/19 10:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Mozilla\Firefox\Profiles\upy5c7xs.default\extensions
[2009/09/14 13:06:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Mozilla\Firefox\Profiles\upy5c7xs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/02/02 09:00:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Mozilla\Firefox\Profiles\upy5c7xs.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/10 16:15:19 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Mozilla\Firefox\Profiles\upy5c7xs.default\searchplugins\askcom.xml
[2012/08/26 10:18:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/26 09:12:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/12/03 00:42:25 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2003/03/18 22:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\mfc71.dll
[2003/02/21 05:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr71.dll
[2013/02/24 16:04:26 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2012/10/19 16:18:49 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/27 19:27:42 | 000,155,648 | ---- | M] (IBM Corporation) -- C:\Program Files\mozilla firefox\plugins\npmfv.dll
[2012/10/19 16:18:57 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/10/30 20:26:54 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/03 00:42:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_1\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/11/17 08:49:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (PE_IE_Helper Class) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O2 - BHO: (TBSB07898 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll ()
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files\Roxio 2010\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [D-Link RangeBooster G WUA-2340] C:\Program Files\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe (D-Link)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\malwarebytes\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe (Sonic Solutions)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Spyware Doctor] C:\Documents and Settings\Owner.GAMECOMP\Desktop\sdsetup[1].exe -min File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D07E439-11E0-4188-849C-C3A3B5F8D9FE}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 02:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/11/15 22:14:51 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/11/15 21:14:54 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/08/04 18:13:52 | 000,000,110 | -H-- | M] () - J:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{7e799da0-ea8b-11e3-bdb3-001676e0d0a8}\Shell - "" = AutoRun
O33 - MountPoints2\{7e799da0-ea8b-11e3-bdb3-001676e0d0a8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e799da0-ea8b-11e3-bdb3-001676e0d0a8}\Shell\AutoRun\command - "" = J:\VerizonSWUpgradeAssistantLauncher.exe
O33 - MountPoints2\{cfa07712-a4b8-11de-bc15-001195dbf0ad}\Shell - "" = AutoRun
O33 - MountPoints2\{cfa07712-a4b8-11de-bc15-001195dbf0ad}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cfa07712-a4b8-11de-bc15-001195dbf0ad}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{de3128b8-6f4f-11e3-bd9f-001676e0d0a8}\Shell - "" = AutoRun
O33 - MountPoints2\{de3128b8-6f4f-11e3-bd9f-001676e0d0a8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{de3128b8-6f4f-11e3-bd9f-001676e0d0a8}\Shell\AutoRun\command - "" = K:\TL-BootStrap.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\ToolLauncher-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/09/24 10:50:06 | 000,000,000 | -HSD | C] -- C:\found.002
[2014/09/19 16:16:14 | 000,000,000 | -HSD | C] -- C:\found.001
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/09/24 11:41:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/24 10:54:03 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2014/09/24 10:53:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/09/24 10:53:25 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/24 10:53:25 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/09/24 10:53:24 | 000,000,574 | ---- | M] () -- C:\WINDOWS\tasks\Amazon Music Helper.job
[2014/09/24 10:52:51 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/09/24 10:52:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/09/24 10:52:33 | 2128,416,768 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/21 14:21:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1426566321-187985109-3404076147-1007.job
[2014/09/15 09:25:23 | 000,057,735 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Desktop\Family Access Gradebook.pdf
[2014/09/15 09:20:40 | 000,002,944 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Desktop\Nico English Progress report 09.14.14.pdf
[2014/09/11 15:44:05 | 000,304,496 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\rx_image32.Cache
[2014/09/11 15:44:05 | 000,033,728 | ---- | M] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\rx_audio.Cache
[2014/09/08 15:00:12 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/09/15 09:25:23 | 000,057,735 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Desktop\Family Access Gradebook.pdf
[2014/09/15 09:21:12 | 000,002,944 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Desktop\Nico English Progress report 09.14.14.pdf
[2014/09/12 08:58:13 | 000,188,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/24 15:34:38 | 000,033,728 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\rx_audio.Cache
[2013/04/10 10:20:37 | 000,304,496 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\rx_image32.Cache
[2012/12/22 21:28:35 | 000,104,646 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2012/12/22 21:28:35 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2012/12/22 19:05:13 | 002,283,884 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/12/22 12:33:49 | 003,123,272 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2012/03/04 12:06:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\LOG
[2011/05/18 13:46:21 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2008/02/19 15:49:37 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\wklnhst.dat
[2007/10/25 18:31:21 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\SI.bin
[2007/08/21 18:27:28 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/15 13:50:58 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Owner.GAMECOMP\Local Settings\Application Data\fusioncache.dat
========== ZeroAccess Check ==========
[2006/06/17 02:37:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/03/10 16:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2012/10/01 08:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net
[2013/05/31 12:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClubSanDisk
[2007/09/22 13:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2010/10/15 18:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/08/26 18:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoShow Shared Assets
[2010/12/01 11:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PureEdge
[2011/08/26 18:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2014/09/24 10:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/09/12 19:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2012/05/17 15:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2006/09/19 10:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/09/19 10:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/10/15 18:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2011/10/01 16:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Amazon
[2013/02/24 16:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Catalina Marketing Corp
[2012/12/22 16:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\FixCleaner
[2007/08/03 16:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Leadertech
[2010/12/01 11:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\PureEdge
[2006/09/19 10:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\SampleView
[2011/08/26 18:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Simple Star
[2008/02/19 15:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Template
[2011/06/11 18:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\The Creative Assembly
[2010/07/31 10:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Tific
[2013/02/24 16:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Toolbar4
[2010/09/12 19:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Ubisoft
[2013/06/07 14:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\VirtualStore
[2009/01/18 17:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.GAMECOMP\Application Data\Yahoo
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Owner.GAMECOMP\My Documents\Production 1.dmsm:Roxio EMC Stream
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >