Internet Security 2010

View previous topic View next topic Go down

Internet Security 2010

Post by nstnewell on Sun Jan 24, 2010 3:22 pm

Please let me know how to remove this virus. Thanks.

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by Belahzur on Sun Jan 24, 2010 5:28 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Sun Jan 24, 2010 6:47 pm

No logs appear. Instead a warning window comes up telling me application can not be run and to activate my anti-virus software. The scan appears to be complete, however.

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by Belahzur on Sun Jan 24, 2010 11:30 pm

Hello.

Please then reboot your computer in Safe Mode by doing the following :

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.

Can you try running OTL in Safe Mode now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:51 am

I was able to do it in safe mode. Is there any use to Norton? Is there better anti-virus out there?

I'll post the pop-up one first, in multiple parts

Part 1

OTL logfile created on: 1/24/2010 8:17:31 PM - Run 3
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 343.00 Mb Available Physical Memory | 68.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 25.22 Gb Free Space | 33.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 931.51 Gb Total Space | 886.72 Gb Free Space | 95.19% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP21763218672
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/24 13:20:11 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\system32\smss32.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/01/24 13:20:11 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 19:11:56 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2009/12/30 19:42:37 | 00,000,000 | ---D | C] -- C:\Program Files\DB CIF Cam
[2009/12/30 19:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix Micro Downloader
[2009/12/30 18:57:52 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix 2.2
[2009/12/27 14:17:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
< End of report >
[2010/01/24 20:16:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org2
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 10:20:09 | 00,000,000 | ---D | M] -- C:\Program Files\TrendMicro
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/24 09:49:54 | 00,000,000 | ---D | M] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010/01/23 22:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2010/01/23 21:00:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:58:58 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/01/21 19:22:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/12 19:01:27 | 00,000,000 | ---D | M] -- C:\Program Files\Aclient
[2010/01/12 18:59:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/11/15 19:54:16 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/15 06:38:15 | 00,027,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/11/06 21:34:57 | 00,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/25 23:01:04 | 00,972,800 | ---- | M] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/06/29 13:58:52 | 00,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/05 12:33:01 | 00,674,304 | ---- | M] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | M] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:38 | 00,024,064 | ---- | M] () -- C:\Program Files\ALC.xls
[2005/11/22 21:40:14 | 20,921,040 | ---- | M] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/11/10 00:27:47 | 42,068,374 | ---- | M] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2004/08/09 01:21:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/08/09 01:21:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:52 am

Part 2

========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:53 am

Part 3


[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:55 am

Part 4


DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:56 am

Part 5

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:57 am

Part 6

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2009/12/30 19:42:37 | 00,000,000 | ---D | C] -- C:\Program Files\DB CIF Cam
[2009/12/30 19:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix Micro Downloader
[2009/12/30 18:57:52 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix 2.2
[2009/12/27 14:17:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >
[2010/01/24 20:16:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org2
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:20:09 | 00,000,000 | ---D | M] -- C:\Program Files\TrendMicro
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/24 09:49:54 | 00,000,000 | ---D | M] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010/01/23 22:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 21:00:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:58:58 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/01/21 19:22:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/12 19:01:27 | 00,000,000 | ---D | M] -- C:\Program Files\Aclient
[2010/01/12 18:59:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:44:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/12/30 19:44:30 | 00,000,000 | ---D | M] -- C:\Program Files\DB CIF Cam
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:42:36 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:41:31 | 00,000,000 | ---D | M] -- C:\Program Files\Disney Pix Micro Downloader
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/12/30 19:00:27 | 00,000,000 | ---D | M] -- C:\Program Files\Disney Pix 2.2
[2009/12/27 16:36:37 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/27 14:17:06 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/12/26 17:35:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2009/12/26 17:35:19 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/11/15 19:54:16 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/15 06:38:15 | 00,027,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/11/06 21:34:57 | 00,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/25 23:01:04 | 00,972,800 | ---- | M] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/06/29 13:58:52 | 00,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/05 12:33:01 | 00,674,304 | ---- | M] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | M] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:38 | 00,024,064 | ---- | M] () -- C:\Program Files\ALC.xls
[2005/11/22 21:40:14 | 20,921,040 | ---- | M] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/11/10 00:27:47 | 42,068,374 | ---- | M] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2004/08/09 01:21:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/08/09 01:21:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:59 am

Part 7


[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< End of report >
[2010/01/24 20:16:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org2
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:20:09 | 00,000,000 | ---D | M] -- C:\Program Files\TrendMicro
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/24 09:49:54 | 00,000,000 | ---D | M] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010/01/23 22:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 21:00:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:58:58 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/01/21 19:22:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/12 19:01:27 | 00,000,000 | ---D | M] -- C:\Program Files\Aclient
[2010/01/12 18:59:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:44:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/12/30 19:44:30 | 00,000,000 | ---D | M] -- C:\Program Files\DB CIF Cam
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:42:36 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:41:31 | 00,000,000 | ---D | M] -- C:\Program Files\Disney Pix Micro Downloader
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/12/30 19:00:27 | 00,000,000 | ---D | M] -- C:\Program Files\Disney Pix 2.2
[2009/12/27 16:36:37 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/27 14:17:06 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/12/26 17:35:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2009/12/26 17:35:19 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/11/15 19:54:16 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/15 06:38:15 | 00,027,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/11/06 21:34:57 | 00,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/25 23:01:04 | 00,972,800 | ---- | M] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/06/29 13:58:52 | 00,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/05 12:33:01 | 00,674,304 | ---- | M] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | M] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:38 | 00,024,064 | ---- | M] () -- C:\Program Files\ALC.xls
[2005/11/22 21:40:14 | 20,921,040 | ---- | M] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/11/10 00:27:47 | 42,068,374 | ---- | M] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2004/08/09 01:21:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/08/09 01:21:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< End of report >

========== Processes (SafeList) ==========

PRC - [2010/01/24 13:20:11 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/01/24 09:49:00 | 01,050,624 | ---- | M] (Internet Security) -- C:\Program Files\InternetSecurity2010\IS2010.exe
PRC - [2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\system32\smss32.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/01/24 13:20:11 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 19:11:56 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2009/12/30 19:42:37 | 00,000,000 | ---D | C] -- C:\Program Files\DB CIF Cam
[2009/12/30 19:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix Micro Downloader
[2009/12/30 18:57:52 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix 2.2
[2009/12/27 14:17:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- ($sys$DRMServer)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/23 15:59:05 | 01,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/11/07 16:41:48 | 00,071,168 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/03 20:40:21 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2004/10/07 09:42:57 | 00,167,936 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/08/23 08:31:34 | 04,845,644 | ---- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Aclient\AClient.exe -- (AClient)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/19 22:02:58 | 00,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100119.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 1:59 am

Part 8 (final part of pop up)


DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100123.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/09 09:54:07 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/09/05 13:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2007/11/30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/07 16:41:48 | 00,069,824 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/11/10 00:34:45 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/07/04 07:52:50 | 00,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 05:51:37 | 00,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/04/21 00:33:12 | 00,112,384 | R--- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004/11/16 08:46:38 | 00,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/30 12:05:12 | 00,752,093 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:31:20 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 12:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 12:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 12:29:46 | 00,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 12:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 12:29:46 | 00,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 12:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 12:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 12:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 12:29:42 | 00,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 12:29:40 | 00,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 12:29:40 | 00,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 12:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 12:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 12:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 12:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004/04/15 13:20:36 | 00,612,416 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/02/04 13:34:16 | 00,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003/10/23 06:17:10 | 00,100,384 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/05/08 13:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 01:32:06 | 00,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/30 10:15:36 | 00,019,968 | ---- | M] (Handspring, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VisorUsb.sys -- (VisorUsb)
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 11:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 11:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 11:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 11:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 02:20:04 | 00,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 02:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/20 12:31:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/20 12:31:40 | 00,000,000 | ---D | M]

[2009/01/13 11:38:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions
[2008/08/09 12:31:12 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cldhl1pz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/24 13:56:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/24 20:16:01 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2006/01/18 11:50:00 | 00,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2004/08/04 03:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IPInSightLAN 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe (Visual Networks)
O4 - HKLM..\Run: [IPInSightMonitor 02] C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe (Visual Networks)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MAKTray] C:\WINDOWS\MAKTray.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [Reminder] C:\Program Files\Microsoft Money\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [XPAgent] C:\WINDOWS\System32\XPAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE (Palm Computing, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk = C:\Program Files\Snapfish PictureMover\PictureMover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: e-rewards.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [You must be registered and logged in to see this link.] (iNotes Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} [You must be registered and logged in to see this link.] (iNotes6 Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} [You must be registered and logged in to see this link.] (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37ceba36-8d7a-11dc-bc87-000c41f04185}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe -- File not found
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell - "" = AutoRun
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fdd7fc96-e9db-11de-be7c-000c41f04185}\Shell\AutoRun\command - "" = G:\PhotoViewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 10:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/24 09:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/23 22:08:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:34 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 19:12:18 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 19:47:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/30 19:44:38 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/30 19:44:28 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/12/30 19:44:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/30 19:44:21 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/30 19:44:14 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/30 19:44:09 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/30 19:44:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/12/30 19:43:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/12/30 19:43:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/12/30 19:43:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/30 19:42:43 | 00,037,760 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Capt905c.sys
[2009/12/30 19:42:43 | 00,025,216 | ---- | C] (Service & Quality Technology.) -- C:\WINDOWS\System32\drivers\Camd905c.sys
[2009/12/30 19:42:37 | 00,000,000 | ---D | C] -- C:\Program Files\DB CIF Cam
[2009/12/30 19:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix Micro Downloader
[2009/12/30 18:57:52 | 00,000,000 | ---D | C] -- C:\Program Files\Disney Pix 2.2
[2009/12/27 14:17:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/05 14:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/08/28 13:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2005/11/22 21:38:06 | 20,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2005/09/12 20:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 20:14:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/24 20:14:17 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:14:01 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 20:13:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 20:12:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 20:10:49 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/01/24 20:10:49 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/24 20:07:17 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500UA.job
[2010/01/24 20:06:52 | 00,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImageMixer destination folder.lnk
[2010/01/24 20:04:21 | 00,001,280 | ---- | M] () -- C:\AClient.cfg
[2010/01/24 18:15:54 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A599B464-9115-4E09-AE36-54CBFCC55CA5}.job
[2010/01/24 14:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/24 14:24:32 | 00,039,363 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10ALAuction.ods
[2010/01/24 14:24:24 | 00,043,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\10NLAuction.ods
[2010/01/24 14:12:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/24 13:52:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 13:32:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 10:03:24 | 03,952,746 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/23 22:00:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:26:07 | 00,004,806 | -H-- | M] () -- C:\ffastun.ffa
[2010/01/23 20:26:06 | 00,315,392 | -H-- | M] () -- C:\ffastun.ffo
[2010/01/23 20:25:58 | 02,797,568 | -H-- | M] () -- C:\ffastun0.ffx
[2010/01/23 20:25:58 | 01,671,168 | -H-- | M] () -- C:\ffastun.ffl
[2010/01/23 20:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 18:13:31 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/22 23:14:27 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2010/01/22 22:16:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2010/01/21 19:15:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/19 08:07:33 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrator.job
[2010/01/19 04:07:04 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-421591467-158189010-1035158585-500Core.job
[2010/01/13 03:07:50 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 12:12:41 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/30 19:42:45 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/30 19:41:57 | 00,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 20:14:17 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/24 20:06:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/23 21:40:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/23 21:20:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/23 21:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/23 20:39:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/23 20:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/23 19:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 19:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 19:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 18:59:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 18:39:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 18:18:47 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 18:13:36 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 22:49:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\012210lnnchoop.doc
[2009/12/30 19:41:57 | 00,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix Micro Downloader.lnk
[2009/12/30 19:01:07 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disney Pix 2.lnk
[2009/10/10 12:47:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/09/08 18:49:25 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008/04/07 15:48:10 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/01/26 15:34:55 | 00,000,812 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/11/07 16:41:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2007/11/07 16:41:49 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2007/11/07 16:41:48 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2007/11/07 16:41:48 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2007/10/03 10:19:23 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/06 21:34:57 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 19:21:38 | 00,000,109 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/03/24 14:09:50 | 00,972,800 | ---- | C] () -- C:\Program Files\PECOTA_03_21_2006.xls
[2006/02/05 12:32:58 | 00,674,304 | ---- | C] () -- C:\Program Files\PECOTA_01_25_2006.xls
[2006/01/19 10:32:48 | 00,029,696 | ---- | C] () -- C:\Program Files\ALOF_1_.xlr
[2006/01/18 18:25:29 | 00,024,064 | ---- | C] () -- C:\Program Files\ALC.xls
[2006/01/18 18:22:47 | 00,000,893 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2005/11/10 00:27:46 | 42,068,374 | ---- | C] () -- C:\Program Files\NIS06900_2YR.exe
[2005/09/25 11:29:47 | 00,007,812 | ---- | C] () -- C:\WINDOWS\System32\visorusb.dll
[2005/09/24 09:01:28 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/23 14:21:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\ma_Tales.ini
[2005/09/23 14:20:39 | 00,012,074 | ---- | C] () -- C:\WINDOWS\MA_BB.INI
[2005/09/16 09:08:41 | 00,000,113 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/13 01:27:13 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/13 01:00:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/12 20:58:01 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2005/09/08 22:06:04 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/31 11:43:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/08/03 13:01:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 12:53:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\EAKUSB.dll
[2005/08/03 12:53:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\MAKHkdll.dll
[2005/08/03 12:51:10 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003/07/14 14:30:28 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2002/05/08 04:12:22 | 00,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1998/05/14 00:00:00 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1997/11/10 15:18:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1997/08/19 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

< End of report >

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by nstnewell on Mon Jan 25, 2010 2:00 am

Part 1 of 1 of Extras

OTL Extras logfile created on: 1/24/2010 1:38:07 PM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 176.00 Mb Available Physical Memory | 35.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 24.73 Gb Free Space | 33.18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 931.51 Gb Total Space | 886.72 Gb Free Space | 95.19% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP21763218672
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Aclient\AClntUsr.EXE" = C:\Program Files\Aclient\AClntUsr.EXE:*:Enabled:AClntUsr - AClient Interactive User Service -- ()
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Disabled:Yahoo! Messenger -- File not found
"C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE" = C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE:*:Enabled:Yahoo! Messenger -- File not found
"C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe" = C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Hasbro Interactive\Clue\Clue.exe" = C:\Program Files\Hasbro Interactive\Clue\Clue.exe:*:Disabled:Clue -- File not found
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{010F7E2B-9ACA-4D31-B87C-09EC5CC8D3F1}" = TurboTax 2008 winiper
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{097346E0-6A51-11D1-AD16-00A0C95E0503}(SBC)" = Visual IP InSight(SBC)
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1445ECFA-AD4B-4f22-A1D2-DDB81354EC1D}" = Snapfish PictureMover
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}" = Disney Pix Micro Downloader
"{269F596B-E679-40DD-866A-DF7182A483BF}" = HP MAK Software
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{44E5B47F-870E-4E38-A458-8A5FC4DCFECF}" = ImageMixer for HDD Camcorder
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4D74931D-C9DD-436D-996F-EF18659EEB22}" = SymNet
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{78B50D1D-642C-4B89-BCC7-352EAE3614D7}" = iPod for Windows 2005-02-07
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1C8D94A-4303-4489-B585-4B6E6CD408CB}" = OpenOffice.org 2.2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AAC4426A-42CD-4B4E-8057-9738C96F2C8F}" = HP Safety and Comfort Guide
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B78823CD-488F-43B4-80D6-FAEADAE40EC4}" = Instant Wireless USB Adapter
"{BA0F44C2-A883-11D1-AD0A-006097D15E2C}" = Palm Desktop and Synchronization Software
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8E0363-B20C-4792-8A1C-8DF5E01B68A6}" = GoGear VIBE Device Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D989BCC0-757C-4FB6-893C-512DF4382656}" = MetaFrame Presentation Server Client
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}" = Disney Pix 2.2
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E8E73C46-405A-4CF7-9A28-FF4D24E5B5D0}" = Symantec Real Time Storage Protection Component
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"BroadJump Client Foundation" = BroadJump Client Foundation
"Canon Digital Camera USB WIA Driver" = Canon Digital Camera USB WIA Driver
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"Canon Utilities RAW Image Converter" = Canon Utilities RAW Image Converter
"DirectXMediaRuntime" = DirectX Media Runtime 5.1
"Flickr Uploadr" = Flickr Uploadr 2.5.0.15
"getPlus(R)_ocx" = getPlus(R)_ocx
"GoZone iSync" = GoZone iSync
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs
"InstallShield_{78B50D1D-642C-4B89-BCC7-352EAE3614D7}" = iPod for Windows 2005-02-07
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"JDSecure" = JD Secure 3.1
"JumpStart Advanced Discovery Time" = JumpStart Advanced Discovery Time
"JumpStart Advanced Play & Learn Time" = JumpStart Advanced Play & Learn Time
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSMONEYV70" = Microsoft Money 99
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PDF Complete" = PDF Complete
"Photo Viewer_is1" = Photo Viewer 2.4
"PhotoRecord" = Canon PhotoRecord
"Picasa 3" = Picasa 3
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RemoteCapture" = Canon Utilities RemoteCapture 2.2
"Rhapsody" = Rhapsody
"Software Setup" = Software Setup
"Strat-O-Matic CD-ROM Ver10.0" = Strat-O-Matic CD-ROM Ver10.0
"Strat-O-Matic CD-ROM Ver11.0" = Strat-O-Matic CD-ROM Ver11.0
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"TurboTax 2005" = TurboTax 2005
"TurboTax 2008" = TurboTax 2008
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"Upromise TurboSaver" = Upromise TurboSaver (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Word8.0" = Microsoft Word 97
"Works" = Microsoft Works 4.5
"Works99Setup" = Microsoft Works Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Photos Drag-Drop Uploader 1v7" = Yahoo! Photos Easy Upload Tool 1v7
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowserEXDeInstall" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/13/2010 12:56:22 PM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 1/15/2010 9:50:00 AM | Computer Name = HP21763218672 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3642, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/20/2010 9:09:31 AM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This operation returned because the timeout period expired.

Error - 1/20/2010 9:09:31 AM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 1/20/2010 9:09:33 AM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 1/20/2010 9:09:33 AM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 1/20/2010 9:09:20 PM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This operation returned because the timeout period expired.

Error - 1/20/2010 9:09:23 PM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 1/20/2010 9:09:24 PM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 1/20/2010 9:09:24 PM | Computer Name = HP21763218672 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

[ System Events ]
Error - 1/24/2010 11:01:54 AM | Computer Name = HP21763218672 | Source = Service Control Manager | ID = 7000
Description = The Plug and Play Device Manager service failed to start due to the
following error: %%2

Error - 1/24/2010 11:07:22 AM | Computer Name = HP21763218672 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.101 for the Network Card with network
address 000C41F04185 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 1/24/2010 11:07:26 AM | Computer Name = HP21763218672 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 000FFE2150F5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 1/24/2010 11:08:43 AM | Computer Name = HP21763218672 | Source = Service Control Manager | ID = 7000
Description = The Plug and Play Device Manager service failed to start due to the
following error: %%2

Error - 1/24/2010 11:08:43 AM | Computer Name = HP21763218672 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 1/24/2010 11:08:43 AM | Computer Name = HP21763218672 | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 1/24/2010 2:07:20 PM | Computer Name = HP21763218672 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'SrtETmp' on the volume 'HarddiskVolume1'. It has stopped
monitoring the volume.

Error - 1/24/2010 2:08:41 PM | Computer Name = HP21763218672 | Source = Service Control Manager | ID = 7000
Description = The Plug and Play Device Manager service failed to start due to the
following error: %%2

Error - 1/24/2010 2:16:29 PM | Computer Name = HP21763218672 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.101 for the Network Card with network
address 000FFE2150F5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 1/24/2010 2:16:29 PM | Computer Name = HP21763218672 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 000C41F04185 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >

nstnewell
Novice
Novice

Posts Posts : 11
Joined Joined : 2010-01-24
OS OS : Windows XP
Points Points : 25233
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by Belahzur on Mon Jan 25, 2010 10:13 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum