
Google, Yahoo and Bing search engines not working


  • This topic is locked

#1
jcs3
I cleaned up an infection of "Antivirus Soft" by using Malwarebytes' Anti-Malware. Apparently the virus had placed itself all over, as Malwarebytes said it found over 700 infected files. I ran an additional scan with Spybot, and it came back clean. Soon afterward I noticed I couldn't search anything in Yahoo! and couldn't even open Google or Bing, though Google maps would open. Fortunately, AOL's search engine still works fine. I'm assuming the virus caused the problems, but I really have no way of knowing. I tried resetting Explorer to default settings (to no avail), and even tried reinstalling Explorer, but nothing seems to work. Please help!
Chuck

OTL logfile created on: 3/29/2011 12:28:04 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\os342a\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 2.07 Gb Free Space | 3.70% Space Free | Partition Type: NTFS

Computer Name: 342L-CSHELNUTT | User Name: os342a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/29 00:09:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\os342a\Desktop\OTL.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/15 22:12:06 | 000,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2008/12/30 09:30:59 | 000,382,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2008/08/19 09:58:34 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/08/19 09:58:32 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2008/08/19 09:58:30 | 002,479,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Smc.exe
PRC - [2008/08/19 09:58:30 | 001,660,288 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\SmcGui.exe
PRC - [2008/08/19 09:58:28 | 002,240,944 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/21 11:19:58 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/02/21 11:17:42 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/02/21 11:13:26 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/09/16 00:18:06 | 001,037,312 | ---- | M] () -- C:\Program Files\Free Desktop Clock\DesktopClock.exe
PRC - [2006/06/29 12:13:32 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2001/07/03 09:17:04 | 000,065,536 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2001/07/03 09:11:52 | 000,057,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe


========== Modules (SafeList) ==========

MOD - [2011/03/29 00:09:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\os342a\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/08/19 09:58:36 | 000,357,760 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\sysfer.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009/01/15 22:12:06 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/08/19 09:58:34 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/08/19 09:58:34 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/08/19 09:58:30 | 002,479,488 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Smc.exe -- (SmcService)
SRV - [2008/08/19 09:58:30 | 000,288,136 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SNAC.EXE -- (SNAC)
SRV - [2008/08/19 09:58:28 | 002,240,944 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/08/08 22:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/08/11 20:05:27 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - [2011/02/15 11:33:34 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110328.032\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/02/15 11:33:34 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110328.032\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/10 22:32:20 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/10/28 13:36:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/10/28 10:54:05 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/08/19 09:58:36 | 000,040,832 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2008/08/19 09:58:34 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/08/19 09:58:34 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/08/19 09:58:34 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/08/19 09:58:32 | 000,091,520 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2008/08/19 09:58:32 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2008/08/19 09:58:24 | 000,420,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/08/19 09:58:24 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/08/19 09:58:24 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/10/10 00:56:20 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/02/21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/02/08 13:51:16 | 002,209,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2006/05/10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/04/20 08:33:40 | 000,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/11/10 22:49:24 | 001,406,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/18 19:22:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/04/21 21:58:38 | 000,092,550 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (OZSCR)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/04/20 11:05:00 | 000,057,404 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2004/04/20 11:04:00 | 000,024,209 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA79}:1.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {5dbe1e30-a3d9-3e74-dd4e-8221a2b19282}:4.6.6.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/26 19:48:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\MSA Cache\install\components [2010/11/26 19:48:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\MSA Cache\install\plugins [2011/02/26 15:03:54 | 000,000,000 | ---D | M]

[2009/06/19 17:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\os342a\Application Data\Mozilla\Extensions
[2010/10/02 14:57:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\os342a\Application Data\Mozilla\Firefox\Profiles\anbsmvhc.default\extensions
[2009/07/23 19:08:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\os342a\Application Data\Mozilla\Firefox\Profiles\anbsmvhc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/23 15:17:51 | 000,000,000 | ---D | M] (Chameleon Tom) -- C:\Documents and Settings\os342a\Application Data\Mozilla\Firefox\Profiles\anbsmvhc.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA79}
[2010/09/20 19:26:09 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\os342a\Application Data\Mozilla\Firefox\Profiles\anbsmvhc.default\extensions\[email protected]
[2009/11/03 20:38:56 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\os342a\Application Data\Mozilla\Firefox\Profiles\anbsmvhc.default\searchplugins\ask.xml
[2010/09/20 19:26:09 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\os342a\Application Data\Mozilla\Firefox\Profiles\anbsmvhc.default\searchplugins\bing-zugo.xml
[2008/12/30 09:31:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/05/23 15:18:07 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\PROGRAM FILES\MSA CACHE\INSTALL\EXTENSIONS\{5DBE1E30-A3D9-3E74-DD4E-8221A2B19282}

O1 HOSTS File: ([2011/02/12 22:27:13 | 000,251,328 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 8757 more lines...
O2 - BHO: (no name) - {0b3150e4-6bfb-4d05-a1c3-0e61a284eb2a} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKCU..\Run: [D:\setup.exe] File not found
O4 - HKCU..\Run: [DriverCure] File not found
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{D25122BC-A60E-4663-B602-B01718F12044}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ra-training.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: rockwell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: rockwellautomation.com ([]* in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1A1F0774-EDE6-4255-A411-B2A730D6A6DD} http://raiseinstall....1-dvd/setup.exe (InstallShield Setup Player 2K2)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1209392131351 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {91B29AFF-E4FF-11D6-8C88-00A0C9D7BBEB} http://www.ab.com/su...veWebUpdate.cab (RADriveWebUpdateCtrl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://rockwellauto...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.aka...ivex-latest.cab (DownloadManager Control)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = irby.com
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (palgina.dll) - C:\WINDOWS\System32\palgina.dll (WorldCom, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\os342a\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\os342a\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 16:24:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{43254820-9199-11de-807a-000e35e60b0f}\Shell - "" = AutoRun
O33 - MountPoints2\{43254820-9199-11de-807a-000e35e60b0f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{43254820-9199-11de-807a-000e35e60b0f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Practica-1.doc.exe
O33 - MountPoints2\{c3c00bd0-29bc-11de-bfd5-000e35e60b0f}\Shell - "" = AutoRun
O33 - MountPoints2\{c3c00bd0-29bc-11de-bfd5-000e35e60b0f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c3c00bd0-29bc-11de-bfd5-000e35e60b0f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{ddcc1a7e-52a0-11dd-be58-000e35e60b0f}\Shell - "" = AutoRun
O33 - MountPoints2\{ddcc1a7e-52a0-11dd-be58-000e35e60b0f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ddcc1a7e-52a0-11dd-be58-000e35e60b0f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/29 00:09:28 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\os342a\Desktop\OTL.exe
[2011/03/28 18:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\os342a\My Documents\Electronic Arts
[2011/03/28 18:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\os342a\Local Settings\Application Data\Electronic Arts
[2011/03/28 18:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData
[2011/03/28 18:09:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011/03/28 18:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2011/03/28 18:07:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/03/28 18:07:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011/03/28 18:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Electronic Arts
[2011/03/28 17:58:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\os342a\My Documents\Downloads
[2011/03/28 17:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/03/28 17:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\os342a\Local Settings\Application Data\PC_Drivers_Headquarters
[2011/03/28 17:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2011/03/28 17:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverBoost
[2011/03/28 17:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\DriverBoost
[2011/03/28 17:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2011/03/28 09:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\os342a\Desktop\engagement
[2011/03/12 21:32:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\os342a\My Documents\HRBlock
[2011/03/06 21:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\H&R Block 2010
[2011/03/06 21:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\HRBlock2010
[2011/02/27 23:43:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/06 18:16:48 | 000,204,547 | ---- | M] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\THREED32.OCX
[2011/03/29 00:09:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\os342a\Desktop\OTL.exe
[2011/03/29 00:08:04 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/28 18:11:51 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EA Download Manager.lnk
[2011/03/28 18:07:17 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 3.lnk
[2011/03/28 17:56:22 | 000,001,974 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DriverBoost.lnk
[2011/03/28 17:08:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/28 12:37:30 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DE1E8578-012B-4A5A-9316-4D0975C50657}.job
[2011/03/28 08:44:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/28 08:43:05 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/03/28 08:40:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/24 23:58:29 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\os342a\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/03/14 15:40:42 | 000,444,156 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/14 15:40:42 | 000,072,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/10 04:06:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/06 21:19:02 | 000,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\H&R Block 2010.lnk
[2011/02/27 23:50:54 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\os342a\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/28 18:11:51 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EA Download Manager.lnk
[2011/03/28 18:07:17 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 3.lnk
[2011/03/28 17:56:22 | 000,001,974 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DriverBoost.lnk
[2011/03/06 21:19:02 | 000,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\H&R Block 2010.lnk
[2011/02/27 23:50:54 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\os342a\Start Menu\Programs\Internet Explorer.lnk
[2011/01/03 19:36:59 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011/01/01 23:35:57 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2010/03/01 18:20:13 | 000,000,091 | ---- | C] () -- C:\WINDOWS\CIV.INI
[2010/03/01 18:19:49 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\IYVU9_32.DLL
[2009/12/02 21:12:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/08 21:10:19 | 000,000,839 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/06/19 17:43:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/06/08 20:10:44 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2009/05/01 13:36:01 | 000,087,800 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2008/12/29 16:49:59 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2008/12/16 23:38:56 | 001,294,336 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2008/12/16 23:38:26 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2008/12/16 23:38:22 | 001,093,632 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2008/12/16 23:38:21 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2008/12/16 23:38:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2008/12/16 23:38:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EnrouteStitch.dll
[2008/12/16 23:38:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2008/12/16 23:38:21 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2008/12/16 23:28:32 | 000,026,112 | R--- | C] () -- C:\WINDOWS\RunUnDrv.exe
[2008/10/20 16:52:16 | 000,000,012 | ---- | C] () -- C:\WINDOWS\explorer.exe.local
[2008/09/19 17:02:49 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\os342a\Application Data\$_hpcst$.hpc
[2008/07/25 14:53:08 | 000,000,058 | ---- | C] () -- C:\WINDOWS\XWORKS.INI
[2008/07/17 09:32:06 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/07/15 15:22:57 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/07/15 15:22:55 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/06/03 14:52:08 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008/05/20 10:14:54 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/04/30 12:27:47 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\Apicall.dll
[2008/04/30 12:08:34 | 000,000,070 | ---- | C] () -- C:\WINDOWS\MA.INI
[2008/04/30 10:29:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\webcdprotocol.ini
[2008/04/30 10:27:36 | 000,000,124 | ---- | C] () -- C:\WINDOWS\udat.INI
[2008/04/30 10:27:36 | 000,000,057 | ---- | C] () -- C:\WINDOWS\MB4.2.INI
[2008/04/30 10:26:59 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\MAProjectHandler.dll
[2008/04/30 10:26:59 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Bfa.dll
[2008/04/30 10:17:54 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\Dtctrace.dll
[2008/04/30 09:59:34 | 000,000,013 | ---- | C] () -- C:\WINDOWS\MFIMPORT.INI
[2008/04/30 09:59:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dialregi.INI
[2008/04/30 09:57:31 | 000,009,958 | ---- | C] () -- C:\WINDOWS\PropBldr.INI
[2008/04/30 09:49:06 | 000,000,075 | ---- | C] () -- C:\WINDOWS\abecadcb.ini
[2008/04/30 09:16:39 | 000,002,001 | ---- | C] () -- C:\WINDOWS\fw.ini
[2008/04/29 10:43:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\os342a\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/28 12:27:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/04/28 12:19:37 | 000,000,041 | ---- | C] () -- C:\WINDOWS\CSERVE.INI
[2008/04/28 08:21:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/25 17:04:58 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2008/04/25 16:53:38 | 000,104,376 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/04/25 16:27:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/25 16:20:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/25 11:14:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 11:13:20 | 000,318,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/04/20 08:34:38 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/04/20 08:34:24 | 000,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,444,156 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,072,248 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/07 18:59:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HPNVRRes.dll
[2001/01/24 01:31:18 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\prntfix.exe
[2000/04/14 16:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1998/06/11 14:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll

========== LOP Check ==========

[2011/02/12 22:30:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\9edb11
[2008/07/08 08:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2008/08/16 20:22:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/12/29 16:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2011/03/28 17:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2009/02/06 16:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2011/03/28 18:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/02/06 15:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/04/30 16:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2011/02/12 22:25:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SIXENEKUP
[2009/01/12 15:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 10
[2011/03/06 21:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2011/03/28 17:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010/11/26 19:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/05/15 17:52:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\os342a\Application Data\.#
[2010/06/02 22:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/02/06 15:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\DriverCure
[2011/02/26 01:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\ElevatedDiagnostics
[2009/06/19 16:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\GetRightToGo
[2009/01/12 10:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\HorizonWimba
[2010/06/01 19:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\Leadertech
[2010/06/10 22:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\LegalSounds
[2008/07/17 09:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\pdf995
[2008/07/10 08:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\Rockwell Automation
[2008/08/12 20:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\Smith Micro
[2010/07/14 13:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\Sony Online Entertainment
[2011/03/06 21:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\TaxCut
[2008/12/16 10:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\webex
[2009/12/19 19:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\os342a\Application Data\Wildlife Zoo
[2011/03/28 12:37:30 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DE1E8578-012B-4A5A-9316-4D0975C50657}.job

========== Purity Check ==========



< End of report >

#2
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Hi jcs3,

Sorry for the delay.

Welcome to Geekstogo. My name is Salagubang and I'll be helping you with this problem.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult for me to understand.

+++++++++++++++++++++++++++++++++++++++++++

Are you still experiencing the same problems?

#3
jcs3

jcs3

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Yes, still having the same problems - can't open google.com, can't search on yahoo or bing, but can search on AOL.

#4
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If a Malicious file is detected, the default action will be Cure, click on Continue.
  • If a Suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Next

Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#5
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.