
Help rat on computer



#1
bobofalltrades

My friend "accidentally" put a RAT on my computer, well, a couple actually, I think. So he put it on my computer and he said that it's completely FUD. Well, the RAT didn't show up for him, and now he doesn't know how to uninstall it, and it's been slowing down my computer A LOT. When I log on, a couple of command-prompt-type screens pop up and then disappear real quick, since he put it on there. When I close it in command prompt it just reopens itself, so I don't know what to do. Please help.


OTL logfile created on: 6/18/2011 9:10:29 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 301.36 Mb Available Physical Memory | 29.44% Memory free
1.45 Gb Paging File | 0.62 Gb Available in Paging File | 42.50% Paging File free
Paging file location(s): C:\pagefile.sys 564 1128 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 270.45 Gb Total Space | 137.14 Gb Free Space | 50.71% Space Free | Partition Type: NTFS
Drive F: | 195.31 Gb Total Space | 193.99 Gb Free Space | 99.32% Space Free | Partition Type: NTFS

Computer Name: RANDY-F835253BE | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/18 21:09:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/05/10 16:03:16 | 001,205,760 | ---- | M] (W3i, LLC) -- C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2010/01/01 02:00:00 | 000,917,504 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/23 19:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 19:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006/11/25 23:14:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Mouse Driver\MouseDrv.exe


========== Modules (SafeList) ==========

MOD - [2011/06/18 21:09:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2011/04/28 18:29:01 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\asOEHook.dll
MOD - [2011/04/18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2011/04/18 22:51:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (UZVYIRN)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2011/06/12 11:27:03 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/06/12 01:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110618.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/06/12 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/06/12 01:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/06/12 01:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110618.009\NAVENG.SYS -- (NAVENG)
DRV - [2011/06/02 19:08:20 | 000,355,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110615.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/05/19 13:37:06 | 000,810,616 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110616.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/03/30 21:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 21:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 18:39:49 | 000,369,784 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 20:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 00:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/26 23:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/07/09 13:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/09/24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/08/20 19:27:36 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiWinAcc)
DRV - [2008/08/20 19:27:36 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2008/08/20 19:27:26 | 000,015,400 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2008/08/20 19:27:08 | 000,074,280 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (si3112)
DRV - [2005/10/17 20:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/02/01 19:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2003/09/25 23:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2001/08/17 13:49:06 | 000,058,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i740nt5.sys -- (i740)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "SearchingBar Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - prefs.js..extensions.enabledItems: {3e9a3920-1b27-11da-8cd6-0800200c9a66}:3.4.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {a3d9f146-03da-4695-878c-81ef970f2f96}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {a6bf16ab-42a1-4bc5-965d-5e407e449aaa}:1.0.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {22C7F6C6-8D67-4534-92B5-529A0EC09405}:6.5.0.1234
FF - prefs.js..keyword.URL: "http://search.condui...SearchSource=2"
FF - prefs.js..network.proxy.ftp: ":0"
FF - prefs.js..network.proxy.gopher: ":0"
FF - prefs.js..network.proxy.http: ":0"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: ":0"
FF - prefs.js..network.proxy.ssl: ":0"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/06/12 11:28:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn\ [2011/06/12 11:26:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/19 11:37:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/16 01:14:23 | 000,000,000 | ---D | M]

[2008/12/26 19:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/06/13 02:07:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\extensions
[2011/02/08 23:35:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 03:11:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/02 23:10:05 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/03/28 00:12:16 | 000,000,000 | ---D | M] (SearchingBar Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\extensions\{a3d9f146-03da-4695-878c-81ef970f2f96}
[2011/04/02 23:09:59 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\extensions\[email protected]
[2011/03/02 01:00:33 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\searchplugins\bing-zugo.xml
[2011/01/17 12:28:24 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\searchplugins\conduit.xml
[2009/12/01 12:50:20 | 000,002,160 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\searchplugins\MySpace.xml
[2011/06/13 01:53:12 | 000,002,469 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ipn2u13p.default\searchplugins\safesearch.xml
[2011/06/13 01:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/24 01:58:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 22:45:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 02:25:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/13 01:23:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/04/01 02:49:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/04/01 02:49:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) --
[2011/06/12 11:26:31 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\COFFPLGN
[2011/06/12 11:28:38 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPLGN
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IPN2U13P.DEFAULT\EXTENSIONS\{3E9A3920-1B27-11DA-8CD6-0800200C9A66}.XPI
[2009/03/11 10:30:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/01/01 02:00:00 | 000,135,168 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/04/16 11:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/02/28 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [WireLessMouse] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\WinDir\Svchost.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\WinDir\Svchost.exe (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1230342116250 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1230357737968 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/26 18:11:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{34610e4d-d36c-11dd-9ed8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{34610e4d-d36c-11dd-9ed8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{34610e4d-d36c-11dd-9ed8-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{84dc0234-71a3-11de-93f4-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{84dc0234-71a3-11de-93f4-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{84dc0234-71a3-11de-93f4-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/18 21:09:06 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/06/15 12:40:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/15 12:21:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/15 11:59:38 | 002,558,968 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Owner\Desktop\NPE(1).exe
[2011/06/15 11:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\NPE
[2011/06/15 01:55:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/06/13 01:24:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/12 15:32:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\N360_BACKUP
[2011/06/12 11:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Symantec
[2011/06/12 11:27:03 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/06/12 11:27:03 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/06/12 11:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/06/12 11:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/06/12 11:26:52 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.sys
[2011/06/12 11:26:52 | 000,516,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.sys
[2011/06/12 11:26:52 | 000,369,784 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdi.sys
[2011/06/12 11:26:52 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.sys
[2011/06/12 11:26:52 | 000,331,384 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011/06/12 11:26:52 | 000,296,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnets.sys
[2011/06/12 11:26:52 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Ironx86.sys
[2011/06/12 11:26:52 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.sys
[2011/06/12 11:26:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2011/06/12 11:26:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0501000.01D
[2011/06/12 11:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011/06/12 11:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2011/06/12 11:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2011/06/12 11:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/06/12 11:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2011/06/12 11:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Norton
[2011/06/12 11:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2011/06/12 11:17:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011/06/12 02:09:05 | 000,056,400 | ---- | C] (trend_company_name) -- C:\WINDOWS\System32\drivers\tmrkb.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/18 21:09:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/06/17 23:36:04 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/06/17 23:35:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/17 23:35:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/17 03:41:52 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences2.dat
[2011/06/17 03:41:51 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences.dat
[2011/06/16 18:46:57 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/06/16 18:46:57 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/06/16 01:14:23 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/15 12:41:42 | 000,465,302 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/15 12:41:42 | 000,079,444 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/15 12:28:57 | 000,660,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2011/06/15 12:28:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/15 12:12:11 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2011/06/15 11:59:39 | 002,558,968 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Owner\Desktop\NPE(1).exe
[2011/06/14 00:39:42 | 000,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/13 01:48:12 | 000,001,532 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EpicBot.lnk
[2011/06/13 01:07:55 | 004,851,085 | -H-- | M] () -- C:\Documents and Settings\Owner\Application Data\Ownerlog.dat
[2011/06/12 11:27:03 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/06/12 11:27:03 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/06/12 11:27:03 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/06/12 11:27:03 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/06/12 11:26:57 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2011/06/12 11:17:59 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Norton Installation Files.lnk
[2011/06/12 02:09:05 | 000,056,400 | ---- | M] (trend_company_name) -- C:\WINDOWS\System32\drivers\tmrkb.sys
[2011/06/12 02:06:24 | 003,914,387 | ---- | M] () -- C:\WINDOWS\System32\DZPX
[2011/06/02 21:36:39 | 000,587,702 | ---- | M] () -- C:\WINDOWS\umcat_01.db
[2011/06/02 14:59:42 | 000,655,356 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/13 01:48:12 | 000,001,532 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EpicBot.lnk
[2011/06/12 11:27:15 | 000,660,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2011/06/12 11:27:03 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/06/12 11:27:03 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/06/12 11:26:57 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2011/06/12 11:26:53 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.cat
[2011/06/12 11:26:35 | 000,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.inf
[2011/06/12 11:26:35 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.inf
[2011/06/12 11:26:35 | 000,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNetV.inf
[2011/06/12 11:26:35 | 000,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNet.inf
[2011/06/12 11:26:35 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.inf
[2011/06/12 11:26:35 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.inf
[2011/06/12 11:26:35 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Iron.inf
[2011/06/12 11:26:34 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.cat
[2011/06/12 11:26:34 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.cat
[2011/06/12 11:26:34 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNet.cat
[2011/06/12 11:26:34 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.cat
[2011/06/12 11:26:34 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.cat
[2011/06/12 11:26:34 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.cat
[2011/06/12 11:26:34 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\isolate.ini
[2011/06/12 11:17:59 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Norton Installation Files.lnk
[2011/06/12 02:02:42 | 003,914,387 | ---- | C] () -- C:\WINDOWS\System32\DZPX
[2011/06/02 16:47:25 | 000,587,702 | ---- | C] () -- C:\WINDOWS\umcat_01.db
[2011/05/13 01:07:03 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/05/13 01:06:52 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/05/13 01:06:52 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/04/21 19:43:54 | 000,026,788 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/03/16 02:25:12 | 000,058,717 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Owner3SQLite3.dll
[2011/03/11 12:19:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/09 04:04:57 | 000,102,400 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2011/01/24 01:59:42 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/27 20:46:42 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/16 22:39:11 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2010/08/11 10:42:16 | 000,000,050 | ---- | C] () -- C:\WINDOWS\studt.ini
[2010/08/11 09:47:47 | 000,000,004 | ---- | C] () -- C:\WINDOWS\storedt.ini
[2010/07/10 05:38:00 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/07/22 21:10:29 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/07/22 01:22:47 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/03/22 16:17:33 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/03/22 16:17:33 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/03/22 16:17:33 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/03/22 16:08:18 | 000,036,741 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2009/03/22 15:52:56 | 000,000,693 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/03/22 15:51:40 | 000,005,406 | ---- | C] () -- C:\WINDOWS\DiabUnin.dat
[2009/03/16 23:00:39 | 000,000,698 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009/02/26 21:02:29 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/02/02 15:41:09 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/26 07:20:32 | 000,035,382 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2009/01/14 20:01:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/01/14 19:04:08 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009/01/14 14:58:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/26 19:39:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/26 19:29:52 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/12/26 18:26:45 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/12/26 18:26:34 | 000,001,668 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/12/26 18:13:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/26 18:08:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/26 11:03:35 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/26 11:02:33 | 000,142,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/06/28 22:43:00 | 001,018,772 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2007/06/28 22:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/02/28 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 06:00:00 | 000,465,302 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 06:00:00 | 000,079,444 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/10/18 23:50:27 | 004,851,085 | -H-- | C] () -- C:\Documents and Settings\Owner\Application Data\Ownerlog.dat

========== LOP Check ==========

[2009/02/26 21:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2011/01/24 02:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/01/24 00:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2011/03/02 01:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/03/17 00:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2008/12/26 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
[2011/06/18 03:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/03/21 23:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/06/12 11:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/11 21:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2009/02/26 21:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/03/10 12:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
[2008/12/26 23:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/07/01 02:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/12/27 14:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Abra Academy2
[2009/02/26 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore
[2011/04/26 02:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2010/06/28 00:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Charles
[2008/12/26 22:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/03/10 12:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EpicBot
[2011/03/18 21:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IObit
[2011/03/31 00:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2011/06/12 02:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MP3Rocket
[2011/05/16 01:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PriceGong
[2009/02/26 21:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QQ Games Plugin
[2011/03/21 23:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Simply Super Software
[2011/03/10 01:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vmntemplate
[2008/12/26 20:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search
[2008/12/26 21:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search
[2011/06/17 23:36:04 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

< End of report >