OTL logfile created on: 4/21/2010 11:48:39 AM - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Rick\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 34.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.28 Gb Total Space | 43.24 Gb Free Space | 39.56% Space Free | Partition Type: NTFS
Drive D: | 1023.99 Mb Total Space | 985.19 Mb Free Space | 96.21% Space Free | Partition Type: NTFS
Drive E: | 3.81 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RDY-1
Current User Name: Rick
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Users\Rick\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\ccsvchst.exe (Symantec Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Taskix\Taskix32.exe (Robust IT)
PRC - C:\Program Files\MailWasher Pro\MailWasher.exe (Firetrust Ltd)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Windows\System32\wisptis.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe (Trend Micro Inc.)
PRC - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe (Symantec Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Window Washer\WasherSvc.exe (Webroot Software, Inc.)
PRC - C:\Program Files\Softex\OmniPass\scureapp.exe ()
PRC - C:\Program Files\Softex\OmniPass\opvapp.exe ()
PRC - C:\Program Files\Softex\OmniPass\OmniServ.exe (Softex Inc.)
PRC - C:\Windows\RDrvMon.exe ()
PRC - C:\Program Files\Stardock ObjectDock\ObjectDock.exe (Stardock)
PRC - C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Windows\System32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\Tablet.exe (Wacom Technology, Corp.)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)
PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Windows\System32\o2flash.exe (O2Micro International)
========== Modules (SafeList) ========== MOD - C:\Users\Rick\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\asoehook.dll (Symantec Corporation)
MOD - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)
MOD - C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (LxrSII1s) -- File not found
SRV - (CAATT) -- File not found
SRV - (ATTRcAppSvc) -- File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe (Symantec Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (RUBotted) -- C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe (Trend Micro Inc.)
SRV - (Norton Save and Restore) -- C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe (Symantec Corporation)
SRV - (Symantec RemoteAssist) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (wwEngineSvc) -- C:\Program Files\Window Washer\WasherSvc.exe (Webroot Software, Inc.)
SRV - (omniserv) -- C:\Program Files\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (UpdateNaviInstallService) -- C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe (FUJITSU LIMITED)
SRV - (TabletService) -- C:\Windows\System32\Tablet.exe (Wacom Technology, Corp.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (sassvc) -- C:\Program Files\ProgramChecker\sassvc.exe ()
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (O2Flash) -- C:\Windows\System32\o2flash.exe (O2Micro International)
========== Driver Services (SafeList) ========== DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1106000.020\Ironx86.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1106000.020\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1106000.020\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1106000.020\ccHPx86.sys (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1106000.020\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1106000.020\SYMEFA.SYS (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100421.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100421.002\NAVENG.SYS (Symantec Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1106000.020\SYMDS.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100415.001\IDSvix86.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (iaNvStor) Intel(R) -- C:\Windows\system32\DRIVERS\iaNvStor.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (ATSwpWDF) -- C:\Windows\System32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV - (swmsflt) -- C:\Windows\System32\drivers\swmsflt.sys ()
DRV - (symsnap) -- C:\Windows\system32\DRIVERS\symsnap.sys (StorageCraft)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (TMPassthruMP) -- C:\Windows\System32\drivers\TMPassthru.sys (Trend Micro Inc.)
DRV - (TMPassthru) -- C:\Windows\System32\drivers\TMPassthru.sys (Trend Micro Inc.)
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro )
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (wrssweep) -- C:\Program Files\Window Washer\wrSSweep.sys (Webroot Software Inc (
www.webroot.com))
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (FJGSDisk) -- C:\Windows\system32\DRIVERS\FJGSDisk.sys (FUJITSU LIMITED)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (VProEventMonitor) -- C:\Windows\System32\drivers\vproeventmonitor.sys (Symantec Corporation)
DRV - (SWUMX56) Sierra Wireless USB MUX Driver (UMTS56) -- C:\Windows\System32\drivers\swumx56.sys (Sierra Wireless Inc.)
DRV - (SWNC8U56) Sierra Wireless MUX NDIS Driver (UMTS56) -- C:\Windows\System32\drivers\swnc8u56.sys (Sierra Wireless Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (v2imount) -- C:\Windows\System32\drivers\v2imount.sys (Symantec Corporation)
DRV - (USBAVCap) -- C:\Windows\System32\drivers\USBAVCap.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (WISDPen) -- C:\Windows\System32\drivers\wisdpen.sys (Wacom Technology)
DRV - (FjGenIo) -- C:\Windows\System32\drivers\FjGenIo.sys (Fujitsu Computer Systems Corporation)
DRV - (wtpfiltr) -- C:\Windows\System32\drivers\wtpfiltr.sys (Wacom Technology)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (SMSCIRDA) -- C:\Windows\System32\drivers\smscirda.sys (SMSC)
DRV - (FUJ02E3) -- C:\Windows\System32\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV - (FUJ02B1) -- C:\Windows\System32\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (FBIOSDRV) -- C:\Windows\system32\drivers\FBIOSDRV.SYS (FUJITSU LIMITED)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (toshidpt) -- C:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (ADVNTDRV) -- C:\Windows\System32\drivers\ADVNTDRV.SYS (FUJITSU LIMITED.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://my.earthlink.net/IE - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://my.earthlink.net/"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:7
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2009/09/21 11:16:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/01/21 13:14:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Firefox\components [2010/04/20 17:08:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Firefox\plugins [2010/04/20 17:36:42 | 000,000,000 | ---D | M]
[2008/06/17 18:27:36 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Mozilla\Extensions
[2010/03/27 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\mculodyo.default\extensions
[2009/07/01 12:21:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\mculodyo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/31 15:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\mculodyo.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/31 15:07:25 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\mculodyo.default\extensions\cybersearch@cybernetnews.com
[2009/10/31 15:07:25 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\mculodyo.default\extensions\staged-xpis
O1 HOSTS File: ([2010/04/20 18:10:59 | 000,380,956 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 13124 more lines...
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ATSwpNav] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [FjRDrvMon] C:\Windows\RDrvMon.exe ()
O4 - HKLM..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe (Robust IT)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\AdvancedOptions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\AdvancedOptions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\AdvancedOptions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\AdvancedOptions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\Software\Policies\Microsoft\Internet Explorer\AdvancedOptions present
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 0
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AlwaysShowClassicMenu = 1
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAVolume = 0
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}
http://security.symantec.com/sscv6/Shar ... vSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}
http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7}
https://as00.estara.com/UI/proxyhttps.p ... 2OneCC.cab (OneCCCtl Class)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739}
http://picture.vzw.com/activex/VerizonW ... ontrol.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F}
http://www.cyberlink.com/vista/prog/CLVistaGenie.cab (CLVistaGenie Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD}
http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941}
http://driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\Windows\Downloaded Program Files\mimectl.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Fall Foliage.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Fall Foliage.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{89d3ba88-4613-11dd-b44b-00037ab1e5ce}\Shell - "" = AutoRun
O33 - MountPoints2\{89d3ba88-4613-11dd-b44b-00037ab1e5ce}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O33 - MountPoints2\{f816b7f8-2133-11de-9566-00037ab1e5ce}\Shell - "" = AutoRun
O33 - MountPoints2\{f816b7f8-2133-11de-9566-00037ab1e5ce}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ========== [2010/04/21 11:43:06 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Rick\Desktop\OTL.exe
[2010/04/20 19:08:04 | 000,000,000 | ---D | C] -- C:\Users\Rick\Desktop\Malware Removal Forum
[2010/04/20 18:21:22 | 000,000,000 | ---D | C] -- C:\rsit
[2010/04/20 18:21:22 | 000,000,000 | ---D | C] -- \rsit
[2010/04/20 17:31:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/20 17:31:45 | 000,000,000 | -HSD | C] -- \Config.Msi
[2010/04/16 23:27:52 | 000,000,000 | ---D | C] -- C:\Users\Rick\Desktop\Medical Supplement Info
[2010/04/14 08:25:40 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/14 08:25:40 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/14 08:25:38 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/14 08:25:33 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/14 08:25:33 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/11 18:38:56 | 000,000,000 | ---D | C] -- C:\Users\Rick\Desktop\ELCO
[2010/04/05 11:45:12 | 000,099,840 | ---- | C] (Broderbund Properties LLC) -- C:\Windows\System32\IMgr.ocx
[2010/04/05 11:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Broderbund Software
[2010/04/05 11:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\Calendar Creator
[2010/04/03 17:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/03 17:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/03 17:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/03/31 19:39:23 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/03/31 19:39:23 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/03/31 19:39:23 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/03/31 19:39:23 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/03/31 19:39:23 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/03/31 19:39:23 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/03/31 19:39:23 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/03/31 19:39:23 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/03/31 19:39:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/03/31 19:39:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/03/31 19:39:23 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/03/31 19:39:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/03/31 19:39:23 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/03/31 19:39:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/03/31 19:39:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/03/28 21:44:01 | 000,000,000 | ---D | C] -- C:\Users\Rick\Desktop\AT&T Wi-Fi
[2010/03/20 00:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\MailWasher Pro 2010 Beta
[2010/03/17 21:53:42 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/03/17 21:53:42 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010/03/10 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\Rick\AppData\Roaming\Avery
[2010/03/10 11:08:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/03/10 11:08:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/03/09 12:58:45 | 000,000,000 | ---D | C] -- C:\Users\Rick\Desktop\SFG
[2010/03/07 12:57:55 | 000,000,000 | ---D | C] -- C:\Users\Rick\AppData\Roaming\Smart PDF Converter Pro
[2010/02/23 18:54:45 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/02/23 18:54:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/23 18:54:16 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/23 18:54:16 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/23 18:54:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/23 18:54:15 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/23 18:54:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/23 18:54:15 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/23 18:54:15 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/23 18:54:15 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/23 18:54:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/02/23 18:54:13 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/02/23 18:54:12 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/02/23 18:54:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/02/12 11:46:14 | 000,107,808 | ---- | C] (Apple Inc.) -- C:\Windows\System32\dns-sd.exe
[2010/02/12 11:46:14 | 000,091,424 | ---- | C] (Apple Inc.) -- C:\Windows\System32\dnssd.dll
[2010/02/09 15:55:20 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/09 15:55:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/09 15:55:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/09 15:55:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/01/28 02:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/28 02:45:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/28 02:45:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/28 02:45:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/21 13:13:58 | 000,044,080 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys
[2009/04/21 11:14:06 | 000,455,928 | ---- | C] (Stardock) -- C:\Program Files\Common Files\StardockWeather.ocx
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010/04/21 11:47:11 | 008,126,464 | -H-- | M] () -- C:\Users\Rick\ntuser.dat
[2010/04/21 11:46:49 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/21 11:46:49 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/21 11:45:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/21 11:43:10 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Rick\Desktop\OTL.exe
[2010/04/21 10:08:20 | 002,055,860 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\Cat.DB
[2010/04/21 09:55:32 | 000,248,320 | ---- | M] () -- C:\Users\Rick\Desktop\Graduation Event Dates & Times.doc
[2010/04/21 09:45:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/21 07:46:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/20 22:57:07 | 000,000,128 | ---- | M] () -- C:\Users\Rick\Desktop\Umbo Bluetooth Earbud.url
[2010/04/20 19:00:44 | 000,000,177 | ---- | M] () -- C:\Users\Rick\Desktop\Johns Hopkins Health Alerts.url
[2010/04/20 18:48:33 | 000,713,158 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/20 18:48:33 | 000,611,788 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/20 18:48:33 | 000,106,796 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/20 18:40:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/20 18:40:40 | 2137,427,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/20 18:39:03 | 000,524,288 | -HS- | M] () -- C:\Users\Rick\ntuser.dat{d644a900-d707-11de-88ac-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2010/04/20 18:39:03 | 000,065,536 | -HS- | M] () -- C:\Users\Rick\ntuser.dat{d644a900-d707-11de-88ac-00037ab1e5ce}.TM.blf
[2010/04/20 18:38:59 | 003,300,407 | -H-- | M] () -- C:\Users\Rick\AppData\Local\IconCache.db
[2010/04/20 18:10:59 | 000,380,956 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/04/19 22:48:37 | 000,000,256 | ---- | M] () -- C:\Windows\System32\TweakVI.val
[2010/04/19 09:10:00 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\AdAwareUpdate Weekly software update.job
[2010/04/18 21:11:37 | 001,886,483 | ---- | M] () -- C:\Users\Rick\Desktop\Long-Term Care Info.mht
[2010/04/18 07:07:54 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2010/04/16 13:42:48 | 000,000,636 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Rick - Full System Scan.job
[2010/04/16 08:13:16 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B71D2D97-D49C-46E6-8824-6B4B2FF44829}.job
[2010/04/13 21:48:45 | 000,021,504 | ---- | M] () -- C:\Users\Rick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/07 13:36:23 | 000,000,209 | ---- | M] () -- C:\Users\Rick\Desktop\Facebook CBS PAGE REUNION.url
[2010/04/05 10:53:54 | 000,000,349 | ---- | M] () -- C:\Users\Rick\Desktop\JCP Rewards Member Sweepstakes.url
[2010/04/03 18:24:20 | 000,000,299 | ---- | M] () -- C:\Users\Rick\Desktop\JCPenney OrderConfirmation.url
[2010/03/30 15:38:07 | 000,000,036 | ---- | M] () -- C:\Users\Rick\AppData\Local\housecall.guid.cache
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/29 09:30:31 | 000,006,648 | ---- | M] () -- C:\Users\Rick\AppData\Local\d3d9caps.dat
[2010/03/26 17:57:35 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\isolate.ini
[2010/03/24 08:21:38 | 000,377,782 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100324-082620.backup
[2010/03/23 14:47:06 | 000,000,875 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100324-082137.backup
[2010/03/18 10:35:37 | 000,000,222 | ---- | M] () -- C:\Users\Rick\Desktop\Home (Ladue1970).url
[2010/03/18 10:31:10 | 000,014,634 | ---- | M] () -- C:\Users\Rick\Documents\Pocket Notecard.docx
[2010/03/17 21:53:42 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/03/17 21:53:42 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010/03/15 11:16:21 | 000,000,174 | ---- | M] () -- C:\Users\Rick\Desktop\National Train Day 2010 (5-08-10).url
[2010/03/13 17:44:09 | 000,168,640 | ---- | M] () -- C:\Users\Rick\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/13 17:37:46 | 000,536,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/03/07 14:01:42 | 000,000,883 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ObjectDock.lnk
[2010/03/05 07:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/03/01 20:32:06 | 000,007,442 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtspx.cat
[2010/03/01 20:32:06 | 000,007,438 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtsp.cat
[2010/02/26 19:23:54 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\ironx86.sys
[2010/02/26 19:23:54 | 000,007,438 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\iron.cat
[2010/02/26 19:23:54 | 000,000,741 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\iron.inf
[2010/02/26 19:23:21 | 000,325,680 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\srtsp.sys
[2010/02/26 19:23:21 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\srtspx.sys
[2010/02/26 19:23:21 | 000,001,388 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtspx.inf
[2010/02/26 19:23:21 | 000,001,382 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtsp.inf
[2010/02/25 16:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\cchpx86.sys
[2010/02/25 10:54:56 | 000,007,396 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\cchpx86.cat
[2010/02/22 23:35:21 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/02/22 23:34:49 | 000,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/02/22 23:34:49 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/02/22 23:34:06 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/02/22 23:33:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/02/22 23:33:45 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/02/22 23:33:45 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/02/22 23:33:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/02/22 23:33:44 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/02/22 23:33:44 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/02/22 23:33:38 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/02/22 21:55:36 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/02/22 21:55:24 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/02/22 21:54:43 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/02/22 21:54:20 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/02/20 16:06:41 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/02/20 16:05:14 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/02/18 07:07:05 | 003,600,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/18 07:07:05 | 003,548,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/12 11:46:14 | 000,107,808 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dns-sd.exe
[2010/02/12 11:46:14 | 000,091,424 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dnssd.dll
[2010/02/07 14:44:46 | 000,113,001 | ---- | M] () -- C:\Users\Rick\Desktop\max-romer622.pdf
[2010/02/05 13:52:57 | 000,001,754 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\cchpx86.inf
[2010/02/03 18:40:52 | 000,340,016 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\symtdiv.sys
[2010/02/03 18:40:51 | 000,007,787 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnetv.cat
[2010/02/03 18:40:51 | 000,007,368 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnet.cat
[2010/02/03 18:40:51 | 000,001,473 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnetv.inf
[2010/02/03 18:40:51 | 000,001,445 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnet.inf
[2010/02/03 18:40:50 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\symefa.sys
[2010/02/03 18:40:50 | 000,007,444 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symefa.cat
[2010/02/03 18:40:50 | 000,003,374 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symefa.inf
[2010/02/03 18:40:47 | 000,007,425 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\symds.cat
[2010/01/30 11:20:56 | 000,377,794 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100323-144706.backup
[2010/01/29 23:48:36 | 000,000,242 | ---- | M] () -- C:\Users\Rick\Desktop\Ford Test Drive Ticket Redemption.url
[2010/01/25 05:00:35 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/01/25 05:00:35 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/01/25 05:00:35 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/25 05:00:22 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/01/25 04:58:52 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/01/25 01:21:20 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/01/25 01:21:20 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/01/25 01:21:18 | 000,518,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/01/25 01:21:18 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/01/23 02:26:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/21 12:36:47 | 000,030,208 | ---- | M] () -- C:\Users\Rick\Documents\Stonefire Grill Employee Benefit Sheet.xls
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/04/20 22:57:07 | 000,000,128 | ---- | C] () -- C:\Users\Rick\Desktop\Umbo Bluetooth Earbud.url
[2010/04/20 19:00:44 | 000,000,177 | ---- | C] () -- C:\Users\Rick\Desktop\Johns Hopkins Health Alerts.url
[2010/04/18 21:11:32 | 001,886,483 | ---- | C] () -- C:\Users\Rick\Desktop\Long-Term Care Info.mht
[2010/04/12 09:50:39 | 000,248,320 | ---- | C] () -- C:\Users\Rick\Desktop\Graduation Event Dates & Times.doc
[2010/04/07 13:36:23 | 000,000,209 | ---- | C] () -- C:\Users\Rick\Desktop\Facebook CBS PAGE REUNION.url
[2010/04/05 11:45:11 | 002,359,352 | ---- | C] () -- C:\Windows\System32\ccsaver.bmp
[2010/04/05 11:45:11 | 000,087,040 | ---- | C] () -- C:\Windows\System32\ccsaver.scr
[2010/04/05 10:53:53 | 000,000,349 | ---- | C] () -- C:\Users\Rick\Desktop\JCP Rewards Member Sweepstakes.url
[2010/04/03 18:24:20 | 000,000,299 | ---- | C] () -- C:\Users\Rick\Desktop\JCPenney OrderConfirmation.url
[2010/03/30 15:38:07 | 000,000,036 | ---- | C] () -- C:\Users\Rick\AppData\Local\housecall.guid.cache
[2010/03/18 10:35:37 | 000,000,222 | ---- | C] () -- C:\Users\Rick\Desktop\Home (Ladue1970).url
[2010/03/18 10:31:09 | 000,014,634 | ---- | C] () -- C:\Users\Rick\Documents\Pocket Notecard.docx
[2010/03/15 11:16:21 | 000,000,174 | ---- | C] () -- C:\Users\Rick\Desktop\National Train Day 2010 (5-08-10).url
[2010/03/07 14:03:56 | 000,000,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ObjectDock.lnk
[2010/02/07 14:44:46 | 000,113,001 | ---- | C] () -- C:\Users\Rick\Desktop\max-romer622.pdf
[2010/01/29 23:48:36 | 000,000,242 | ---- | C] () -- C:\Users\Rick\Desktop\Ford Test Drive Ticket Redemption.url
[2010/01/21 12:36:47 | 000,030,208 | ---- | C] () -- C:\Users\Rick\Documents\Stonefire Grill Employee Benefit Sheet.xls
[2009/11/21 18:56:42 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\ntuser.dat{d644a900-d707-11de-88ac-00037ab1e5ce}.TMContainer00000000000000000002.regtrans-ms
[2009/11/21 18:56:42 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\ntuser.dat{d644a900-d707-11de-88ac-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2009/11/21 18:56:42 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\ntuser.dat{d644a900-d707-11de-88ac-00037ab1e5ce}.TM.blf
[2009/11/21 18:39:45 | 2137,427,968 | -HS- | C] () --
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/26 11:27:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/01 18:30:41 | 000,000,024 | ---- | C] () -- C:\Users\Rick\AppData\Roaming\Final Draft Tagger Preferences
[2009/05/01 17:57:42 | 000,000,025 | -H-- | C] () -- C:\ProgramData\.811261211181235583101118113995
[2009/02/02 08:59:03 | 000,064,732 | ---- | C] () -- \aaw7boot.log
[2008/12/10 19:35:05 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2008/12/10 19:35:05 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2008/11/24 13:52:17 | 000,004,096 | -HS- | C] () -- \VSNAP.IDX
[2008/11/24 12:55:37 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{e0e18f2e-ba5f-11dd-abcf-00037ab1e5ce}.TMContainer00000000000000000002.regtrans-ms
[2008/11/24 12:55:37 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{e0e18f2e-ba5f-11dd-abcf-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2008/11/24 12:55:37 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{e0e18f2e-ba5f-11dd-abcf-00037ab1e5ce}.TM.blf
[2008/11/20 13:32:23 | 000,215,144 | R--- | C] () -- C:\Windows\patchw32.dll
[2008/11/19 17:29:50 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2008/11/12 11:30:36 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{98f26d39-b0cc-11dd-8433-00037ab1e5ce}.TMContainer00000000000000000002.regtrans-ms
[2008/11/12 11:30:36 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{98f26d39-b0cc-11dd-8433-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2008/11/12 11:30:35 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{98f26d39-b0cc-11dd-8433-00037ab1e5ce}.TM.blf
[2008/11/04 14:06:52 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{ff1b362c-aab3-11dd-83b5-00037ab1e5ce}.TMContainer00000000000000000002.regtrans-ms
[2008/11/04 14:06:51 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{ff1b362c-aab3-11dd-83b5-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2008/11/04 14:06:50 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{ff1b362c-aab3-11dd-83b5-00037ab1e5ce}.TM.blf
[2008/11/04 13:57:51 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{21fb7c0c-aab3-11dd-8106-00037ab1e5ce}.TMContainer00000000000000000002.regtrans-ms
[2008/11/04 13:57:51 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{21fb7c0c-aab3-11dd-8106-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2008/11/04 13:57:51 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{21fb7c0c-aab3-11dd-8106-00037ab1e5ce}.TM.blf
[2008/10/25 17:18:49 | 000,019,564 | ---- | C] () -- \ComboFix.txt
[2008/09/25 08:05:54 | 000,026,000 | ---- | C] () -- C:\Windows\System32\E3TL.DLL
[2008/09/19 09:13:53 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll
[2008/09/03 18:27:40 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{9778995f-7a20-11dd-a19f-00037ab1e5ce}.TMContainer00000000000000000002.regtrans-ms
[2008/09/03 18:27:40 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{9778995f-7a20-11dd-a19f-00037ab1e5ce}.TMContainer00000000000000000001.regtrans-ms
[2008/09/03 18:27:40 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{9778995f-7a20-11dd-a19f-00037ab1e5ce}.TM.blf
[2008/09/03 18:26:25 | 000,262,144 | -H-- | C] () -- C:\Users\Rick\NTUSER.LMIRescue.TMP.LOG1
[2008/09/03 18:26:25 | 000,000,000 | -H-- | C] () -- C:\Users\Rick\NTUSER.LMIRescue.TMP.LOG2
[2008/07/13 08:53:34 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2008/06/29 13:03:19 | 000,025,736 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2008/05/11 09:18:56 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/05/04 09:08:55 | 000,020,480 | ---- | C] () -- C:\Windows\System32\CPUINFO2.DLL
[2008/03/30 10:29:16 | 000,000,818 | ---- | C] () -- \Prefs.js
[2008/03/25 13:49:03 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/03/25 13:49:03 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/02/24 23:29:29 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2008/02/19 16:52:57 | 000,000,025 | -H-- | C] () -- C:\ProgramData\.119889580931711767808769176
[2008/02/19 16:50:43 | 000,000,021 | -H-- | C] () -- C:\ProgramData\.24554863501262644635642126105
[2008/02/13 16:29:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/01/30 18:56:42 | 000,000,000 | ---- | C] () -- C:\Users\Rick\AppData\Roaming\wklnhst.dat
[2007/12/03 10:16:23 | 000,001,710 | R--- | C] () -- C:\Windows\fjtmf.ini
[2007/12/02 09:22:04 | 000,021,504 | ---- | C] () -- C:\Users\Rick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/20 16:12:13 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2007/11/20 16:12:13 | 000,524,288 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2007/11/20 16:12:13 | 000,262,144 | -H-- | C] () -- C:\Users\Rick\ntuser.dat.LOG1
[2007/11/20 16:12:13 | 000,065,536 | -HS- | C] () -- C:\Users\Rick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2007/11/20 16:12:13 | 000,006,648 | ---- | C] () -- C:\Users\Rick\AppData\Local\d3d9caps.dat
[2007/11/20 16:12:13 | 000,000,000 | -H-- | C] () -- C:\Users\Rick\ntuser.dat.LOG2
[2007/11/20 16:12:06 | 008,126,464 | -H-- | C] () -- C:\Users\Rick\ntuser.dat
[2007/11/20 16:12:06 | 000,000,020 | -HS- | C] () -- C:\Users\Rick\ntuser.ini
[2007/11/05 07:33:24 | 2451,243,008 | -HS- | C] () --
[2007/04/16 12:27:14 | 000,003,155 | ---- | C] () -- C:\Windows\System32\FJSaver.ini
[2007/04/16 12:01:27 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/04/16 12:01:27 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/04/06 15:17:15 | 000,333,257 | RHS- | C] () -- \bootmgr
[2007/04/03 10:59:38 | 000,215,144 | R--- | C] () -- C:\Windows\pw32a.dll
[2006/12/13 19:16:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/05 14:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/07 07:02:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/11/07 07:02:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:23:09 | 000,000,024 | ---- | C] () -- \Autoexec.bat
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:08 | 000,000,010 | ---- | C] () -- \Config.sys
[2005/07/22 22:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
========== Files - Unicode (All) ==========[2010/01/31 23:25:57 | 000,000,008 | RHS- | M] ()(C:\Z™?) -- C:\ℤ™☠
[2009/07/31 12:16:51 | 000,000,008 | RHS- | C] ()(C:\Z™?) -- C:\ℤ™☠
[2009/07/31 12:16:51 | 000,000,008 | RHS- | C] ()(\Z™?) -- \ℤ™☠
========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 4/21/2010 11:48:40 AM - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Rick\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 34.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.28 Gb Total Space | 43.24 Gb Free Space | 39.56% Space Free | Partition Type: NTFS
Drive D: | 1023.99 Mb Total Space | 985.19 Mb Free Space | 96.21% Space Free | Partition Type: NTFS
Drive E: | 3.81 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RDY-1
Current User Name: Rick
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3836192299-951331460-3705126066-1000]
"EnableNotificationsRef" = 3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{218ABA0E-8B79-4B77-A097-093C73F58F8D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A90F7B7-C480-414D-AF17-0435269F11DF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3D9FD594-185F-4463-92E3-AF483D1ED34E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51966A0A-E8D7-4429-B85A-7830FC82C481}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5DEB120E-C822-4881-B1F7-33AE3FB48163}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E8E7794-A5A1-4050-9976-D1EFB13FBC3B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B82324FB-DD8E-4A74-A70D-BB01959FCDB1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCEFE1C8-BBCE-4D3B-B968-B5DDE565E277}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5EE84F5-B531-4995-92C7-320BCF65333F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DFC74666-A502-4A8E-9908-B7C3BC762FE6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06CE335C-FD4E-44A3-808E-1803CC6645B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0E05B359-043F-4EF7-9F40-6B3C17D40BB9}" = protocol=17 | dir=in | app=c:\program files\turbotax\home & business 2007\32bit\ttax.exe |
"{1BCB1F93-E41E-4C1C-A7D1-06744C9F8CE6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{248255C8-1029-4768-8B6D-EED8F1F0B790}" = protocol=6 | dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{27998AFE-55A9-4BB5-A76D-B4A53894EA14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{336906D8-1B02-4AA7-BA7E-AAE9EA651E87}" = protocol=17 | dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{362E4D34-AC33-4C91-9314-79F6C6558941}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{36B29A84-522E-4405-AEA0-7908F672C39E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4DD50DBE-ADFE-424C-A45B-21E443977588}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4FEE9114-F2B0-4F2E-A55C-9468EA0894C0}" = protocol=17 | dir=in | app=c:\program files\mailwasher pro\mailwasher.exe |
"{7F4C4570-D2F7-40BC-B47D-ABA9AD2845E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7F9A00CC-837A-4AA3-8D90-AB0996E08A62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{835865F1-634D-466F-A6BE-CB7C101B8A86}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8C413B02-3360-4CCE-BE3E-A5FAE6FE2CB8}" = protocol=6 | dir=in | app=c:\program files\mailwasher pro\mailwasher.exe |
"{8EE28B77-0D36-4154-ADAD-34382617BEC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F80395E-9A53-4091-AD39-8046227F6FD0}" = protocol=6 | dir=out | app=system |
"{BC8E1551-7069-468E-B3E8-EB59B5861EC7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD02D22E-6BF0-4BC6-A860-C3D3B9AB52D7}" = protocol=6 | dir=in | app=c:\program files\turbotax\home & business 2007\32bit\updatemgr.exe |
"{BE02EFDE-1CCF-44BA-AA4E-6D64E97B03FF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CDF26890-1476-47A8-A430-CF3DD2238F64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB293FF2-9EED-459D-8F8F-4CCF5907F797}" = protocol=6 | dir=in | app=c:\program files\turbotax\home & business 2007\32bit\ttax.exe |
"{DF49C840-1144-4BA1-B2A4-0984A6654FAD}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E0678986-E444-4869-B718-B54C7403054E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{EC6E6F96-2A93-46CF-B843-F8E2E7B80632}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F3ED9B60-D2C1-4CAB-A465-559CDA508590}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FB2DACD0-3109-4021-8D98-BF20E6D0CE9F}" = protocol=17 | dir=in | app=c:\program files\turbotax\home & business 2007\32bit\updatemgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{12650598-D7B9-4FB5-91B2-2CAA641AC589}" = Trend Micro RUBotted
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Shipping Assistant 3.5
"{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}" = Fujitsu MobilityCenter Extension Utility
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{31423F74-36B2-4d24-B10D-CD00BFB7C118}" = Intel® Turbo Memory
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{47BC37A3-35C8-484A-8CBD-851914EB095E}" = Fujitsu Driver Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5FDFCCA0-59EC-4162-B0B8-632EEE3DF787}" = WebIQ Technology Engine
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}" = Microsoft Outlook Web Access S/MIME
"{713EEAB9-A03B-47F3-B405-12F6B77D875E}" = O2Micro Flash Memory Card Windows Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{753D852A-D86D-42C9-9978-40AE66FB8985}" = Driver Installer
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{76C038B6-95BF-47CE-85C8-2EE5915D145C}" = Diskeeper 2009 Professional
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C3C895B-AE02-4F30-8A6A-051D37A38DD0}" = Final Draft
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime
"{827517C3-9B89-458E-A8F2-96DD24BDFE29}" = Shock Sensor Utility
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager and Intel® Turbo Memory
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF095E1-8EC2-4892-8740-93769DB1E944}" = User Agent String Utility
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B0255743-165B-4BD5-8DA8-37DFB993B201}" = Norton Save and Restore
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{C7D2E795-E802-41EE-81E7-CF0D986AC5EC}" = MailWasherPro
"{C9C54891-3688-4BE1-9749-56B50C6C37E9}" = Fujitsu Display Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E80F9F48-86F8-447D-8CDC-A98B1870C1D4}" = Taskix 2.1
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC2ADB7C-8A45-40C9-BFD1-18F22D9A7DF5}" = AuthenTec Fingerprint Sensor Minimum Install
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel(R) PROSet/Wireless WiFi Software
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 5.00.62
"{FE047432-CD76-41F9-88FA-1AD225604FFB}" = ProgramChecker
"{FEDE400D-3381-4087-ACCB-689DD8A56123}" = Inst5657
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for 2007 Microsoft Office Suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Autoplay Repair" = Autoplay Repair 2.2.2
"AVerMedia HC80 ExpressCard Hybrid ATSC" = AVerMedia HC80 ExpressCard Hybrid ATSC 1.3.0.56
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CC12_is1" = Calendar Creator 12
"CCleaner" = CCleaner
"Click'N Design 3D" = Click'N Design 3D
"ContextAdvisor" = ContextAdvisor
"Defraggler" = Defraggler
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}" = Fujitsu MobilityCenter Extension Utility
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{713EEAB9-A03B-47F3-B405-12F6B77D875E}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{827517C3-9B89-458E-A8F2-96DD24BDFE29}" = Shock Sensor Utility
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{C9C54891-3688-4BE1-9749-56B50C6C37E9}" = Fujitsu Display Manager
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MailWasher Pro_is1" = MailWasher Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NIS" = Norton Internet Security
"ObjectDock" = ObjectDock
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office System
"ProInst" = Intel PROSet Wireless
"Samsung ML-2150 Series" = Samsung ML-2150 Series
"Samsung ML-2150 Series PCL 6" = Samsung ML-2150 Series PCL 6
"Samsung ML-2150 Series PS" = Samsung ML-2150 Series PS
"Security Task Manager" = Security Task Manager 1.7f
"Tablet Driver" = Tablet
"Text Cleanup 2.0" = Text Cleanup 2.0
"TweakVI" = TweakVI
"Window Washer" = Window Washer
"ZTreeWin" = ZTreeWin (remove only)
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3836192299-951331460-3705126066-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >