OTListIt logfile created on: 4/9/2009 3:08:42 PM - Run 2 OTListIt2 by OldTimer - Version 2.0.12.2 Folder = C:\Users\DAD\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18762) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 67.45% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 283.34 Gb Total Space | 192.96 Gb Free Space | 68.10% Space Free | Partition Type: NTFS Drive D: | 14.75 Gb Total Space | 8.13 Gb Free Space | 55.15% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DAD-PC Current User Name: DAD Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Output = Minimal File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft SQL Server\MSSQL$VECTORVEST\Binn\sqlservr.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - C:\Program Files (x86)\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Loonies\Actual Booster\ActlBstr.exe (Loonies Software) PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems) PRC - C:\Program Files (x86)\SystemScheduler\WScheduler.exe () PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Users\DAD\Desktop\OTListIt2.exe (OldTimer Tools) [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - (AgereModemAudio [Auto | Running]) -- C:\Windows\sysnative\agr64svc.exe () SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (aspnet_state [On_Demand | Stopped]) -- File not found SRV - (avg8emc [Auto | Running]) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg8wd [Auto | Running]) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (BthServ [Auto | Running]) -- C:\Windows\sysnative\bthserv.dll () SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (cmdAgent [Auto | Running]) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe () SRV - (ehRecvr [Disabled | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [Disabled | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Disabled | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GameConsoleService [On_Demand | Stopped]) -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (gupdate1c99e618e044e8 [Auto | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.) SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.) SRV - (IAANTMON [Auto | Running]) -- C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files (x86)\iPod\bin\iPodService.exe (Apple Inc.) SRV - (MDM [Auto | Running]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (MSSQL$VECTORVEST [Auto | Running]) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL$VECTORVEST\Binn\sqlservr.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (nmservice [Auto | Running]) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.) SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PcaSvc [Disabled | Stopped]) -- C:\Windows\sysnative\pcasvc.dll () SRV - (PerfHost [On_Demand | Stopped]) -- C:\Windows\SysWow64\perfhost.exe (Microsoft Corporation) SRV - (SQLAgent$VECTORVEST [On_Demand | Stopped]) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL$VECTORVEST\Binn\sqlagent.EXE (Microsoft Corporation) SRV - (STacSV [Auto | Running]) -- C:\Windows\sysnative\DriverStore\FileRepository\stwrt64.inf_0dfb7520\STacSV64.exe () SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe () SRV - (VMAuthdService [Auto | Running]) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) SRV - (VMnetDHCP [Auto | Running]) -- C:\Windows\system32\vmnetdhcp.exe (VMware, Inc.) SRV - (vmount2 [Auto | Running]) -- C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.) SRV - (VMware NAT Service [Auto | Running]) -- C:\Windows\system32\vmnat.exe (VMware, Inc.) SRV - (WMPNetworkSvc [Auto | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - (AgereSoftModem [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\agrsm64.sys () DRV - (AvgLdx64 [System | Running]) -- C:\Windows\sysnative\Drivers\avgldx64.sys () DRV - (AvgMfx64 [System | Running]) -- C:\Windows\sysnative\Drivers\avgmfx64.sys () DRV - (AvgTdiA [System | Running]) -- C:\Windows\sysnative\Drivers\avgtdia.sys () DRV - (b57nd60a [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\b57nd60a.sys () DRV - (BCM43XV [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\bcmwl664.sys () DRV - (BthEnum [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\BthEnum.sys () DRV - (BthPan [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\bthpan.sys () DRV - (BTHPORT [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\BTHport.sys () DRV - (BTHUSB [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\BTHUSB.sys () DRV - (btwaudio [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\btwaudio.sys () DRV - (btwavdt [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\btwavdt.sys () DRV - (btwrchid [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\btwrchid.sys () DRV - (CmBatt [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\CmBatt.sys () DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\GEARAspiWDM.sys () DRV - (hcmon [Auto | Running]) -- C:\Windows\sysnative\drivers\hcmon.sys () DRV - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\HdAudio.sys () DRV - (iaStor [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\iaStor.sys () DRV - (KeyScrambler [On_Demand | Running]) -- C:\Windows\sysnative\drivers\keyscrambler.sys () DRV - (MBAMDrvService [Auto | Stopped]) -- C:\Windows\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.) DRV - (NETw4v64 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\NETw4v64.sys () DRV - (NETw5v64 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\NETw5v64.sys () DRV - (pnarp [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\pnarp.sys () DRV - (purendis [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\purendis.sys () DRV - (R300 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\atikmdag.sys () DRV - (RDPDISPM [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\rdpdispm.sys () DRV - (RFCOMM [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\rfcomm.sys () DRV - (RTL8169 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\Rtlh64.sys () DRV - (RTSTOR [On_Demand | Running]) -- C:\Windows\sysnative\drivers\RTSTOR64.SYS () DRV - (sdbus [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\sdbus.sys () DRV - (Si3531 [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\Si3531.sys () DRV - (SiFilter [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\SiWinAcc.sys () DRV - (SiRemFil [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\SiRemFil.sys () DRV - (STHDA [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\stwrt64.sys () DRV - (SynTP [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\SynTP.sys () DRV - (usbvideo [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\usbvideo.sys () DRV - (UVCFTR [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\UVCFTR_S.SYS () DRV - (vmkbd [On_Demand | Running]) -- C:\Windows\sysnative\drivers\VMkbd.sys () DRV - (VMnetAdapter [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\vmnetadapter.sys () DRV - (VMnetBridge [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\vmnetbridge.sys () DRV - (VMnetuserif [Auto | Running]) -- C:\Windows\sysnative\drivers\vmnetuserif.sys () DRV - (vmusb [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\vmusb.sys () DRV - (vmx86 [Auto | Running]) -- C:\Windows\sysnative\drivers\vmx86.sys () DRV - (vstor2 [Auto | Running]) -- C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys (VMware, Inc.) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - URLSearchHook: {399d96ca-6f9a-4fff-95fe-284e45ebb935} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6860FX IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6860FX IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6860FX IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6860FX IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm IE - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-987286777-748312672-3327065692-1000\S-1-5-21-987286777-748312672-3327065692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: keyscrambler@qfx.software.corporation:2.4.1.1 FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.50 FF - prefs.js..extensions.enabledItems: morningCoffee@shaneliesegang:1.33 FF - prefs.js..extensions.enabledItems: {78518e5b-4eb1-0d61-ff3e-fd645642a4e2}:1.3.2 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8 FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=101703&gct=&gc=1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [2009/04/06 22:06:32 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [2009/04/06 22:06:32 | 00,000,000 | ---D | M] [2008/06/18 20:19:57 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Extensions [2008/06/18 20:19:57 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/04/08 16:59:39 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Firefox\Profiles\0erlpzoj.default\extensions [2009/04/03 13:22:03 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Firefox\Profiles\0erlpzoj.default\extensions\{78518e5b-4eb1-0d61-ff3e-fd645642a4e2} [2009/04/09 09:48:13 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Firefox\Profiles\0erlpzoj.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2009/04/02 15:13:27 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Firefox\Profiles\0erlpzoj.default\extensions\keyscrambler@qfx.software.corporation [2009/04/03 09:47:57 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Firefox\Profiles\0erlpzoj.default\extensions\morningCoffee@shaneliesegang [2009/04/02 14:25:44 | 00,000,000 | ---D | M] -- C:\Users\DAD\AppData\Roaming\mozilla\Firefox\Profiles\0erlpzoj.default\extensions\support@lastpass.com [2009/04/03 09:31:28 | 00,000,682 | ---- | M] () -- C:\Users\DAD\AppData\Roaming\Mozilla\FireFox\Profiles\0erlpzoj.default\searchplugins\ask.xml [2009/04/02 14:22:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009/04/02 14:22:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/03/26 15:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll [2009/03/26 15:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll [2009/03/26 14:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml [2009/03/26 14:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml [2009/03/26 14:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009/03/26 14:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml [2009/03/26 14:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2009/03/26 14:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml [2009/03/26 14:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (736 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: ::1 localhost O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll File not found O3 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..\Toolbar\WebBrowser: (no name) - {399D96CA-6F9A-4FFF-95FE-284E45EBB935} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..\Toolbar\WebBrowser: (no name) - {968631B6-4729-440D-9BF4-251F5593EC9A} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..\Toolbar\WebBrowser: (no name) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation) O4 - HKLM..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash (Cisco Systems, Inc.) O4 - HKLM..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" (Cisco Systems, Inc.) O4 - HKLM..\Run: [WScheduler] C:\PROGRA~2\SystemScheduler\WScheduler.exe /LOGON () O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation) O4 - HKU\S-1-5-21-987286777-748312672-3327065692-1000..\Run: [Actual Booster] C:\Program Files (x86)\Loonies\Actual Booster\ActlBstr.exe (Loonies Software) O4 - HKU\S-1-5-21-987286777-748312672-3327065692-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-987286777-748312672-3327065692-1000..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide (The Eraser Project) O4 - HKU\S-1-5-21-987286777-748312672-3327065692-1000..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (Siber Systems) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownWithoutLogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0 O7 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0 O7 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O7 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html File not found O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html File not found O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html File not found O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html File not found O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - File not found O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - File not found O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - File not found O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - File not found O9 - Extra 'Tools' menuitem : &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - File not found O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [Bluetooth Namespace] - C:\Windows\system32\wshbth.dll (Microsoft Corporation) O15 - HKU\.DEFAULT\..Trusted Domains: 113 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-18\..Trusted Domains: 113 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-19\..Trusted Domains: 113 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-20\..Trusted Domains: 113 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..Trusted Domains: ameritrade.com ([wwws] https in Trusted sites) O15 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..Trusted Domains: tdameritrade.com ([wwws] https in Trusted sites) O15 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..Trusted Domains: vectorvest.com ([www] http in Trusted sites) O15 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..Trusted Domains: vectorvest.com ([www] https in Trusted sites) O15 - HKU\S-1-5-21-987286777-748312672-3327065692-1000\..Trusted Domains: 122 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab (Support.com Configuration Class) O16 - DPF: {06305358-99CE-4C47-B59C-939B76856C2B} http://download.microsoft.com/download/A/C/4/AC43418A-8C86-4205-803E-249B637EE96B/pmupd806.exe (MSN Money Charting) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/1.4/jinstall-14_07-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} https://www.mesh.com/0.9.3424.31/TSWeb.cab (WLCTSCControl Class) O16 - DPF: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4/jinstall-14_07-windows-i586.cab (Java Plug-in 1.4.1_07) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\system32\explorer.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - Autorun File - D:\Autorun.inf () - [ NTFS ] O33 - MountPoints2\{cb3242ec-3881-11dd-a618-001d72311cc4}\Shell\AutoRun\command - "" = H:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{cb3242ec-3881-11dd-a618-001d72311cc4}\Shell\RoboForm2Go\command - "" = H:\PortableRoboForm.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (/r) - File not found O34 - HKLM BootExecute: (\??\G:) - File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (/r) - File not found O34 - HKLM BootExecute: (\??\D:) - File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (/r) - File not found O34 - HKLM BootExecute: (\??\C:) - File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (d6c4515e9}) - File not found O34 - HKLM BootExecute: (kinnonsbrook.org) - File not found [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [2009/04/09 14:54:16 | 00,500,736 | ---- | C] (OldTimer Tools) -- C:\Users\DAD\Desktop\OTListIt2.exe [2009/04/09 14:51:02 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009/04/09 14:42:54 | 42,933,20704 | -HS- | C] () -- C:\hiberfil.sys [2009/04/09 13:10:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2009/04/07 22:19:49 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Local\Apple Computer [2009/04/07 11:36:13 | 00,059,962 | ---- | C] () -- C:\Users\DAD\Desktop\Amazon.com - Order History_...pdf [2009/04/06 14:04:48 | 00,001,972 | ---- | C] () -- C:\Users\Public\Desktop\VitalSource Bookshelf.lnk [2009/04/06 14:04:47 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VitalSource Bookshelf [2009/04/06 11:01:38 | 00,000,000 | ---D | C] -- C:\7682722d89c4c50c9899661e203fca [2009/04/06 09:45:24 | 00,443,392 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe [2009/04/06 09:43:46 | 00,164,352 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll [2009/04/05 22:58:47 | 00,014,908 | ---- | C] () -- C:\Users\DAD\Desktop\Curriculum Map.xlsx [2009/04/05 17:47:16 | 00,148,480 | ---- | C] () -- C:\Users\DAD\Desktop\Grade_8th_Math_Alignment_June_30_06.doc [2009/04/04 13:48:53 | 00,059,743 | ---- | C] () -- C:\Users\DAD\Desktop\Gas Mar 2009.pdf [2009/04/03 20:51:56 | 00,000,000 | ---D | C] -- C:\Users\DAD\Documents\Schoolhouse Technologies [2009/04/03 20:51:56 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Roaming\Schoolhouse Technologies [2009/04/03 20:49:56 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Schoolhouse Technologies [2009/04/03 20:42:53 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Local\Luecky [2009/04/03 19:34:41 | 00,073,029 | ---- | C] () -- C:\Users\DAD\Desktop\VEO Access Form.pdf [2009/04/03 19:26:30 | 00,234,609 | ---- | C] () -- C:\Users\DAD\Desktop\VEO.pdf [2009/04/03 19:23:56 | 00,047,343 | ---- | C] () -- C:\Users\DAD\Desktop\9 478 0848_090307_155147060.pdf [2009/04/03 17:46:36 | 00,013,836 | ---- | C] () -- C:\Users\DAD\Desktop\American Electric Power e-Bill.pdf [2009/04/03 16:09:08 | 00,021,448 | ---- | C] () -- C:\Users\DAD\Desktop\Gmail - Post-Assessment Tes...pdf [2009/04/03 09:08:02 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AskBarDis [2009/04/03 09:07:15 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Roaming\Foxit [2009/04/02 22:14:55 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Local\Apple [2009/04/02 21:33:02 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2009/04/02 14:22:31 | 00,001,795 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/04/02 14:22:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2009/04/01 07:30:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Smart PC Utilities [2009/04/01 06:56:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2009/03/31 14:22:30 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Local\Adobe [2009/03/31 13:51:22 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2009/03/31 13:51:22 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2009/03/31 13:51:22 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2009/03/28 14:06:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CrossLoop [2009/03/28 08:57:00 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2009/03/28 08:57:00 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll [2009/03/28 08:57:00 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2009/03/28 08:57:00 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll [2009/03/28 08:57:00 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009/03/28 08:56:59 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2009/03/28 08:56:59 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx [2009/03/28 08:56:59 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2009/03/28 08:56:58 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2009/03/28 08:56:58 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2009/03/28 08:56:58 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2009/03/28 08:56:58 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2009/03/28 08:56:57 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/03/28 08:56:57 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2009/03/28 08:56:57 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2009/03/28 08:56:57 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2009/03/28 08:56:56 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009/03/28 08:56:56 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009/03/28 08:56:56 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2009/03/28 08:56:56 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2009/03/28 08:56:56 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2009/03/28 08:56:55 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll [2009/03/28 08:56:55 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009/03/28 08:56:55 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2009/03/28 08:56:55 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009/03/28 08:56:55 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2009/03/28 08:56:55 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll [2009/03/28 08:56:55 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2009/03/28 08:56:54 | 00,914,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009/03/28 08:56:54 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2009/03/28 08:56:54 | 00,391,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009/03/28 08:56:54 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2009/03/28 08:56:54 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2009/03/28 08:56:54 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2009/03/28 08:56:53 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2009/03/28 08:56:53 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2009/03/28 08:56:53 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2009/03/28 08:56:52 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2009/03/28 08:56:52 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009/03/28 08:56:52 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2009/03/28 08:56:52 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009/03/28 08:56:52 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe [2009/03/28 08:56:52 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2009/03/28 08:56:52 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2009/03/28 08:56:52 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2009/03/28 08:56:52 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2009/03/28 08:56:52 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe [2009/03/28 08:56:51 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll [2009/03/28 08:56:51 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2009/03/28 08:56:51 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009/03/28 08:56:50 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009/03/28 08:56:49 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/03/28 08:11:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2009/03/28 05:21:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Adeona [2009/03/27 16:00:03 | 00,000,000 | ---- | C] () -- C:\Windows\System32\w32apiw.dll [2009/03/27 16:00:01 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Roaming\nCleaner [2009/03/27 15:59:47 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NKProds [2009/03/27 15:41:17 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2009/03/27 08:49:37 | 00,000,484 | ---- | C] () -- C:\Windows\tasks\Wise Registry Cleaner 4.job [2009/03/27 08:40:58 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Wise Registry Cleaner [2009/03/26 16:04:43 | 00,032,764 | ---- | C] () -- C:\Users\DAD\Desktop\LFS 2008 Balance Sheet.pdf [2009/03/26 16:02:18 | 00,036,914 | ---- | C] () -- C:\Users\DAD\Desktop\LFS 2008 Income.pdf [2009/03/25 09:30:52 | 00,077,488 | ---- | C] () -- C:\Users\DAD\Desktop\Verizon Wireless - Pay Bill...pdf [2009/03/24 22:19:07 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Roaming\Move Networks [2009/03/22 23:27:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo [2009/03/20 08:55:06 | 00,000,417 | ---- | C] () -- C:\Users\DAD\Desktop\Utilities - Shortcut.lnk [2009/03/20 08:54:32 | 00,000,412 | ---- | C] () -- C:\Users\DAD\Desktop\My Stuff - Shortcut.lnk [2009/03/19 11:02:12 | 00,000,000 | ---D | C] -- C:\219e415231a16e1ab36f [2009/03/19 09:46:11 | 00,012,104 | ---- | C] () -- C:\Users\DAD\Desktop\Order Sent2.pdf [2009/03/19 09:08:22 | 00,054,891 | ---- | C] () -- C:\Users\DAD\Desktop\Gmail - oplates.com confirm2.PDF [2009/03/19 09:07:33 | 00,107,999 | ---- | C] () -- C:\Users\DAD\Desktop\Gmail - oplates.com Order C...pdf [2009/03/19 07:43:32 | 00,012,690 | ---- | C] () -- C:\Users\DAD\Desktop\Jons BMV Reg.pdf [2009/03/14 23:34:32 | 00,000,134 | ---- | C] () -- C:\Windows\System32\09wutili.sys [2009/03/13 13:31:48 | 00,012,672 | ---- | C] () -- C:\Users\DAD\Desktop\Ohio BMV.pdf [2009/03/13 11:37:41 | 00,012,104 | ---- | C] () -- C:\Users\DAD\Desktop\Order Sent.pdf [2009/03/12 16:39:19 | 00,000,000 | ---D | C] -- C:\Users\DAD\AppData\Roaming\ParetoLogic [2009/03/12 16:36:44 | 00,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic [2009/03/12 16:34:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2009/03/10 22:00:07 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll [2009/02/02 10:50:51 | 00,155,384 | ---- | C] () -- C:\Windows\System32\guard32.dll [2008/06/12 21:45:00 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2008/05/22 11:16:58 | 00,003,584 | ---- | C] () -- C:\Windows\System32\wceprv.dll [2006/11/02 08:34:27 | 00,000,279 | ---- | C] () -- C:\Windows\win.ini [2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini [color=orange]========== Files - Modified Within 30 Days ==========[/color] [2009/04/09 14:54:25 | 00,500,736 | ---- | M] (OldTimer Tools) -- C:\Users\DAD\Desktop\OTListIt2.exe [2009/04/09 14:43:42 | 00,067,173 | ---- | M] () -- C:\Users\DAD\AppData\Roaming\nvModes.001 [2009/04/09 14:43:23 | 00,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/04/09 14:43:09 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/04/09 14:42:58 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/04/09 14:42:54 | 42,933,20704 | -HS- | M] () -- C:\hiberfil.sys [2009/04/09 14:30:41 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2009/04/09 14:30:36 | 00,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987286777-748312672-3327065692-1000.job [2009/04/09 09:53:09 | 00,000,000 | ---- | M] () -- C:\Windows\System32\w32apiw.dll [2009/04/08 09:23:42 | 00,073,029 | ---- | M] () -- C:\Users\DAD\Desktop\VEO Access Form.pdf [2009/04/07 11:36:16 | 00,059,962 | ---- | M] () -- C:\Users\DAD\Desktop\Amazon.com - Order History_...pdf [2009/04/06 14:04:48 | 00,001,972 | ---- | M] () -- C:\Users\Public\Desktop\VitalSource Bookshelf.lnk [2009/04/06 01:28:43 | 00,014,908 | ---- | M] () -- C:\Users\DAD\Desktop\Curriculum Map.xlsx [2009/04/05 17:47:17 | 00,148,480 | ---- | M] () -- C:\Users\DAD\Desktop\Grade_8th_Math_Alignment_June_30_06.doc [2009/04/05 15:04:08 | 00,067,173 | ---- | M] () -- C:\Users\DAD\AppData\Roaming\nvModes.dat [2009/04/04 13:48:55 | 00,059,743 | ---- | M] () -- C:\Users\DAD\Desktop\Gas Mar 2009.pdf [2009/04/03 19:26:34 | 00,234,609 | ---- | M] () -- C:\Users\DAD\Desktop\VEO.pdf [2009/04/03 19:24:00 | 00,047,343 | ---- | M] () -- C:\Users\DAD\Desktop\9 478 0848_090307_155147060.pdf [2009/04/03 17:55:58 | 00,002,003 | ---- | M] () -- C:\Users\DAD\Desktop\Google Chrome.lnk [2009/04/03 17:46:38 | 00,013,836 | ---- | M] () -- C:\Users\DAD\Desktop\American Electric Power e-Bill.pdf [2009/04/03 16:09:10 | 00,021,448 | ---- | M] () -- C:\Users\DAD\Desktop\Gmail - Post-Assessment Tes...pdf [2009/04/03 11:00:20 | 00,012,104 | ---- | M] () -- C:\Users\DAD\Desktop\Order Sent2.pdf [2009/04/03 10:58:55 | 00,012,104 | ---- | M] () -- C:\Users\DAD\Desktop\Order Sent.pdf [2009/04/02 14:22:31 | 00,001,795 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/03/28 15:28:06 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2009/03/27 08:49:37 | 00,000,484 | ---- | M] () -- C:\Windows\tasks\Wise Registry Cleaner 4.job [2009/03/26 16:04:47 | 00,032,764 | ---- | M] () -- C:\Users\DAD\Desktop\LFS 2008 Balance Sheet.pdf [2009/03/26 16:02:24 | 00,036,914 | ---- | M] () -- C:\Users\DAD\Desktop\LFS 2008 Income.pdf [2009/03/25 09:30:54 | 00,077,488 | ---- | M] () -- C:\Users\DAD\Desktop\Verizon Wireless - Pay Bill...pdf [2009/03/20 08:55:06 | 00,000,417 | ---- | M] () -- C:\Users\DAD\Desktop\Utilities - Shortcut.lnk [2009/03/20 08:54:32 | 00,000,412 | ---- | M] () -- C:\Users\DAD\Desktop\My Stuff - Shortcut.lnk [2009/03/19 09:08:22 | 00,054,891 | ---- | M] () -- C:\Users\DAD\Desktop\Gmail - oplates.com confirm2.PDF [2009/03/19 09:07:35 | 00,107,999 | ---- | M] () -- C:\Users\DAD\Desktop\Gmail - oplates.com Order C...pdf [2009/03/19 07:43:34 | 00,012,690 | ---- | M] () -- C:\Users\DAD\Desktop\Jons BMV Reg.pdf [2009/03/15 00:19:40 | 00,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest [2009/03/15 00:19:40 | 00,000,280 | -HS- | M] () -- C:\Users\Public\Documents\desktop.ini [2009/03/15 00:19:40 | 00,000,174 | -HS- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [2009/03/14 23:35:08 | 00,000,134 | ---- | M] () -- C:\Windows\System32\09wutili.sys [2009/03/13 20:45:09 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2009/03/13 20:45:07 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2009/03/13 19:08:00 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2009/03/13 13:31:49 | 00,012,672 | ---- | M] () -- C:\Users\DAD\Desktop\Ohio BMV.pdf < End of report >