OTL logfile created on: 10/19/2010 12:38:56 PM - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Deb\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 73.00% Memory free 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 139.51 Gb Total Space | 33.80 Gb Free Space | 24.23% Space Free | Partition Type: NTFS Computer Name: DEB-PC | User Name: Deb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - [2010/10/19 12:36:56 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Downloads\OTH(2).scr PRC - [2010/10/19 12:36:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Downloads\OTL.scr PRC - [2010/01/11 14:10:52 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe PRC - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe ========== Modules (SafeList) ========== MOD - [2010/10/19 12:36:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Downloads\OTL.scr MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc) SRV:64bit: - [2008/04/24 20:57:40 | 000,084,992 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV:64bit: - [2008/02/06 15:50:18 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2008/01/20 21:50:24 | 000,027,648 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (usprserv) SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2007/12/11 13:11:30 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio) SRV:64bit: - [2007/12/03 19:04:48 | 000,175,104 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV:64bit: - [2007/11/21 18:53:16 | 000,135,168 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV - [2010/09/22 21:08:00 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai) SRV - [2010/06/08 16:48:26 | 000,120,128 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe -- (SprintRcAppSvc) SRV - [2010/06/08 16:45:24 | 000,124,224 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe -- (CASprint) SRV - [2010/04/26 16:15:00 | 003,826,032 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/11 14:10:52 | 000,082,944 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService) SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\atashost.exe -- (atashost) SRV - [2008/08/04 16:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/07/18 22:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008/04/17 02:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008/04/16 17:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Jumpstart\jswpsapi.exe -- (jswpsapi) SRV - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2008/04/03 23:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service) SRV - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2005/11/14 03:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp) DRV:64bit: - [2010/06/08 16:35:46 | 000,255,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI) DRV:64bit: - [2010/06/08 16:30:34 | 000,043,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\PCTINDIS5X64.SYS -- (PCTINDIS5X64) DRV:64bit: - [2010/02/11 21:04:38 | 000,359,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\drxvi314_64.sys -- (bcm) DRV:64bit: - [2010/02/11 21:02:54 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BcmBusCtr_64.sys -- (bcmbusctr) DRV:64bit: - [2009/03/31 11:57:22 | 000,041,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64) DRV:64bit: - [2008/07/28 17:55:28 | 001,146,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr) DRV:64bit: - [2008/07/18 20:52:16 | 000,504,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64) DRV:64bit: - [2008/06/12 20:51:36 | 007,911,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx) DRV:64bit: - [2008/05/29 14:53:26 | 000,133,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\cm_net.sys -- (cm_net) DRV:64bit: - [2008/05/29 14:53:26 | 000,118,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\cm_ser.sys -- (cm_ser) DRV:64bit: - [2008/04/28 18:59:26 | 000,026,624 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF) DRV:64bit: - [2008/04/15 19:54:16 | 000,388,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor) DRV:64bit: - [2008/04/15 12:05:42 | 000,161,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2008/04/02 19:27:18 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR) DRV:64bit: - [2008/02/29 16:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2007/12/20 18:10:50 | 000,028,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR) DRV:64bit: - [2007/12/11 16:03:36 | 000,027,272 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2007/12/06 20:12:56 | 000,320,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2007/11/09 16:00:30 | 000,026,968 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2006/11/20 00:11:06 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk) DRV:64bit: - [2006/11/09 01:34:00 | 000,237,568 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10n64.sys -- (KR10N64) DRV:64bit: - [2006/11/09 01:33:00 | 000,248,320 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10i64.sys -- (KR10I64) DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs) DRV - [2010/10/19 10:14:14 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\Normandy.sys -- (Normandy) DRV - [2010/01/11 14:11:46 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PCASp50a64.sys -- (PCASp50a64) DRV - [2007/10/15 16:36:07 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2007/10/15 16:36:07 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2005/01/03 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...B&bmod=TSHB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...B&bmod=TSHB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?br...B&bmod=TSHB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=VE3D01&q=" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.bing.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/10 19:29:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/13 09:47:11 | 000,000,000 | ---D | M] [2010/09/22 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions [2010/09/22 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com [2010/02/16 11:31:35 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2010/10/18 23:34:33 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions [2010/08/28 16:55:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010/09/14 12:03:34 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/08/28 16:55:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/09/01 21:35:35 | 000,001,820 | ---- | M] () -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\searchplugins\bing.xml [2010/10/17 23:07:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/06/16 21:16:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/20 19:42:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/17 23:07:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/01/13 17:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe () O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe () O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [cfFncEnabler.exe] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\Jumpstart\jswtrayutil.exe File not found O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [RDVCHG] C:\Program Files (x86)\Sprint\Sprint SmartView\RDVCHG.exe (C-motech Co.,Ltd) O4 - HKLM..\Run: [sprint SmartView] C:\Program Files (x86)\Sprint\Sprint SmartView\SprintSV.exe (Sprint) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found O4 - HKCU..\Run: [bitTorrent DNA] C:\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [DW6] C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe File not found O4 - HKCU..\Run: [KOO9RV9K4Z] C:\Users\Deb\AppData\Local\Temp\Gt1.exe (Trend Micro Inc.) O4 - HKCU..\Run: [sMH2B46TDP] C:\Users\Deb\AppData\Local\Temp\Gt0.exe (Trend Micro Inc.) O4 - HKCU..\Run: [TOSCDSPD] File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - HKCU..\RunOnce: [10727299] C:\Users\Deb\AppData\Local\10727299.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAEAFE12-7726-4C39-B620-2601216CFBB5} http://phughescw.hughes.motive.com/wizlet/.../Mcci_6-1-0.cab (McciContext Class) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/webgames/popcaploader_v10.cab (PopCapLoader Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll () O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{40507e3e-aa37-11df-92dd-8ef50315eb1f}\Shell - "" = AutoRun O33 - MountPoints2\{40507e3e-aa37-11df-92dd-8ef50315eb1f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 90 Days ========== [2010/10/19 12:34:51 | 000,196,608 | ---- | C] (Trend Micro Inc.) -- C:\Windows\Gmupoc.exe [2010/10/19 11:10:52 | 000,196,608 | ---- | C] (Trend Micro Inc.) -- C:\Windows\Gmupob.exe [2010/10/19 10:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DNA [2010/10/19 10:03:10 | 000,196,608 | ---- | C] (Trend Micro Inc.) -- C:\Windows\Gmupoa.exe [2010/10/16 20:55:00 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Deb [2010/10/15 17:24:35 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\2010-10-15 [2010/10/15 16:23:13 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Moi [2010/10/09 21:15:07 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\embalming [2010/10/09 20:35:03 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Abandoned [2010/10/09 18:47:35 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Devices [2010/10/07 17:47:24 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\miscfb [2010/10/07 16:21:56 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Specimens [2010/10/07 16:02:07 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\taxidermy [2010/10/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Raptr [2010/10/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr [2010/09/22 17:35:57 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Vivox [2010/09/08 11:25:40 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\vSide [2010/09/03 22:52:59 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\DivX [2010/09/02 19:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010/09/01 11:29:28 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\IsolatedStorage [2010/09/01 11:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual Earth 3D [2010/08/22 13:27:15 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Toshiba [2010/08/22 12:27:54 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\tempmovie [2010/08/20 19:37:04 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\LimeWire [2010/08/19 19:04:48 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\limewiremusic [2010/08/18 11:54:05 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Temporary Downloaded Files [2010/08/18 10:21:27 | 000,000,000 | ---D | C] -- C:\Windows\SQLTools9_KB970892_ENU [2010/08/18 10:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU [2010/08/17 16:02:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2010/08/17 15:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2010/08/03 21:48:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/07/24 21:48:24 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\subha [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010/10/19 12:38:00 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010/10/19 12:34:26 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/10/19 12:34:26 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/10/19 12:34:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/10/19 12:34:14 | 4156,551,168 | -HS- | M] () -- C:\hiberfil.sys [2010/10/19 12:30:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-389025536-2933004900-1149884802-1000UA.job [2010/10/19 10:30:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-389025536-2933004900-1149884802-1000Core.job [2010/10/19 10:14:14 | 000,034,560 | ---- | M] () -- C:\Windows\SysWow64\drivers\Normandy.sys [2010/10/18 23:08:40 | 000,196,608 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Gmupoc.exe [2010/10/18 23:08:40 | 000,196,608 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Gmupob.exe [2010/10/18 23:08:40 | 000,196,608 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Gmupoa.exe [2010/10/18 23:07:51 | 001,193,472 | ---- | M] () -- C:\Users\Deb\AppData\Local\10727299.exe [2010/10/15 17:29:47 | 000,005,120 | ---- | M] () -- C:\Users\Deb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/15 17:26:02 | 000,769,072 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/10/15 17:26:02 | 000,651,210 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/10/15 17:26:02 | 000,121,692 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/10/15 09:54:59 | 000,406,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/10/13 09:47:11 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/10/09 23:23:50 | 000,001,558 | ---- | M] () -- C:\Users\Deb\Desktop\LastChaos.lnk [2010/10/03 15:25:49 | 000,001,727 | ---- | M] () -- C:\Users\Deb\Desktop\LimeWire 5.5.16.lnk [2010/09/23 19:25:36 | 000,002,043 | ---- | M] () -- C:\Users\Deb\Desktop\Google Chrome.lnk [2010/09/23 19:25:36 | 000,002,005 | ---- | M] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2010/09/21 18:54:00 | 000,005,245 | ---- | M] () -- C:\Users\Deb\.recently-used.xbel [2010/09/20 12:16:09 | 000,010,816 | ---- | M] () -- C:\Users\Deb\Desktop\psychchart2.xlsx [2010/09/20 07:14:32 | 000,316,416 | ---- | M] () -- C:\Windows\SysNative\msshsq.dll [2010/09/17 13:30:24 | 000,020,958 | ---- | M] () -- C:\Users\Deb\Desktop\Shampoochart3.xlsx [2010/09/16 19:54:01 | 000,010,495 | ---- | M] () -- C:\Users\Deb\Desktop\Piechart1.xlsx [2010/09/10 12:30:57 | 013,425,152 | ---- | M] () -- C:\Windows\SysNative\wmp.dll [2010/09/10 10:52:05 | 008,147,968 | ---- | M] () -- C:\Windows\SysNative\wmploc.DLL [2010/09/08 01:39:23 | 000,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll [2010/09/08 01:37:26 | 000,096,768 | ---- | M] () -- C:\Windows\SysNative\mshtmled.dll [2010/09/08 01:37:23 | 000,710,656 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll [2010/09/08 01:36:53 | 000,056,832 | ---- | M] () -- C:\Windows\SysNative\licmgr10.dll [2010/09/08 01:36:38 | 001,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl [2010/09/08 01:36:24 | 000,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll [2010/09/08 01:36:24 | 000,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll [2010/09/08 01:36:23 | 000,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll [2010/09/08 01:36:23 | 000,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll [2010/09/08 01:36:23 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll [2010/09/08 00:36:07 | 000,479,232 | ---- | M] () -- C:\Windows\SysNative\html.iec [2010/09/07 23:51:18 | 000,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe [2010/09/07 23:51:01 | 000,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe [2010/09/07 23:50:15 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe [2010/09/06 10:59:19 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\sscore.dll [2010/09/06 10:57:48 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\netevent.dll [2010/09/02 19:42:09 | 000,001,727 | ---- | M] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire 5.5.14.lnk [2010/09/01 11:29:02 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk [2010/08/31 10:21:34 | 000,633,856 | ---- | M] () -- C:\Windows\SysNative\comctl32.dll [2010/08/26 11:27:46 | 000,189,952 | ---- | M] () -- C:\Windows\SysNative\t2embed.dll [2010/08/20 10:56:01 | 001,090,048 | ---- | M] () -- C:\Windows\SysNative\wmpmde.dll [2010/08/19 11:19:39 | 000,709,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/08/03 21:48:17 | 453,231,341 | ---- | M] () -- C:\Windows\MEMORY.DMP [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/10/19 10:10:15 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys [2010/10/18 23:08:43 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010/10/18 23:07:51 | 001,193,472 | ---- | C] () -- C:\Users\Deb\AppData\Local\10727299.exe [2010/10/14 09:51:56 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll [2010/10/13 14:08:08 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll [2010/10/13 14:08:02 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll [2010/10/13 14:08:00 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll [2010/10/13 14:07:57 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2010/10/13 14:07:47 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll [2010/10/13 14:07:33 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL [2010/10/13 14:07:22 | 009,257,472 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010/10/13 14:07:20 | 012,474,368 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010/10/13 14:07:16 | 001,486,848 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010/10/13 14:07:16 | 000,710,656 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010/10/13 14:07:16 | 000,479,232 | ---- | C] () -- C:\Windows\SysNative\html.iec [2010/10/13 14:07:15 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010/10/13 14:07:14 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2010/10/13 14:07:14 | 000,056,832 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll [2010/10/13 14:07:12 | 002,335,744 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010/10/13 14:07:12 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl [2010/10/13 14:07:12 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010/10/13 14:07:12 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010/10/13 14:07:12 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010/10/13 14:07:12 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010/10/13 14:07:12 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll [2010/10/13 14:07:12 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll [2010/10/13 14:07:12 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll [2010/10/13 14:07:12 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll [2010/10/13 14:07:12 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010/10/13 14:07:11 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe [2010/10/13 14:07:11 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll [2010/10/13 14:07:10 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010/10/13 14:07:10 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe [2010/10/13 14:07:10 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe [2010/10/13 14:07:04 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys [2010/10/13 14:07:04 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll [2010/10/13 14:07:04 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys [2010/10/13 14:07:04 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys [2010/10/13 14:07:04 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll [2010/10/13 14:07:04 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll [2010/10/13 14:07:00 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll [2010/10/13 14:06:59 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll [2010/10/13 09:47:11 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/10/03 15:25:49 | 000,001,727 | ---- | C] () -- C:\Users\Deb\Desktop\LimeWire 5.5.16.lnk [2010/09/28 13:43:04 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll [2010/09/22 21:10:10 | 000,334,432 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI57F9.txt [2010/09/22 21:10:10 | 000,011,182 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI57F9.txt [2010/09/21 18:54:00 | 000,005,245 | ---- | C] () -- C:\Users\Deb\.recently-used.xbel [2010/09/17 13:30:23 | 000,020,958 | ---- | C] () -- C:\Users\Deb\Desktop\Shampoochart3.xlsx [2010/09/16 20:21:19 | 000,010,816 | ---- | C] () -- C:\Users\Deb\Desktop\psychchart2.xlsx [2010/09/16 19:49:16 | 000,010,495 | ---- | C] () -- C:\Users\Deb\Desktop\Piechart1.xlsx [2010/09/15 15:51:05 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL [2010/09/15 15:51:04 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll [2010/09/15 15:50:59 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe [2010/09/15 15:50:57 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll [2010/09/09 16:29:14 | 000,332,902 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI0939.txt [2010/09/09 16:29:14 | 000,011,118 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI0939.txt [2010/09/02 19:42:09 | 000,001,727 | ---- | C] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire 5.5.14.lnk [2010/09/01 11:29:02 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk [2010/08/23 15:18:10 | 000,335,566 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI228F.txt [2010/08/23 15:18:09 | 000,011,230 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI228F.txt [2010/08/19 12:41:13 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll [2010/08/19 12:06:26 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\wsepno.dll [2010/08/19 12:06:26 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msshooks.dll [2010/08/19 12:06:25 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010/08/19 12:06:25 | 000,106,605 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin [2010/08/19 12:06:25 | 000,080,896 | ---- | C] () -- C:\Windows\SysNative\propdefs.dll [2010/08/19 12:06:25 | 000,067,072 | ---- | C] () -- C:\Windows\SysNative\xmlfilter.dll [2010/08/19 12:06:25 | 000,044,544 | ---- | C] () -- C:\Windows\SysNative\msscb.dll [2010/08/19 12:06:25 | 000,043,008 | ---- | C] () -- C:\Windows\SysNative\rtffilt.dll [2010/08/19 12:06:25 | 000,037,376 | ---- | C] () -- C:\Windows\SysNative\mimefilt.dll [2010/08/19 12:06:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010/08/19 12:06:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin [2010/08/19 12:06:23 | 001,676,800 | ---- | C] () -- C:\Windows\SysNative\chsbrkr.dll [2010/08/19 12:06:23 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\mssitlb.dll [2010/08/19 12:06:23 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\mssprxy.dll [2010/08/19 12:06:22 | 000,921,088 | ---- | C] () -- C:\Windows\SysNative\propsys.dll [2010/08/19 12:06:22 | 000,347,648 | ---- | C] () -- C:\Windows\SysNative\srchadmin.dll [2010/08/19 12:06:22 | 000,317,440 | ---- | C] () -- C:\Windows\SysNative\thawbrkr.dll [2010/08/19 12:06:22 | 000,280,064 | ---- | C] () -- C:\Windows\SysNative\offfilt.dll [2010/08/19 12:06:22 | 000,181,248 | ---- | C] () -- C:\Windows\SysNative\nlhtml.dll [2010/08/19 12:06:22 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.dll [2010/08/19 12:06:21 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex [2010/08/19 12:06:21 | 011,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex [2010/08/19 12:06:21 | 006,100,480 | ---- | C] () -- C:\Windows\SysNative\chtbrkr.dll [2010/08/19 12:06:21 | 000,796,672 | ---- | C] () -- C:\Windows\SysNative\mssvp.dll [2010/08/19 12:06:21 | 000,498,176 | ---- | C] () -- C:\Windows\SysNative\mssph.dll [2010/08/19 12:06:21 | 000,312,832 | ---- | C] () -- C:\Windows\SysNative\mssphtb.dll [2010/08/19 12:06:21 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\SearchProtocolHost.exe [2010/08/19 12:06:21 | 000,112,128 | ---- | C] () -- C:\Windows\SysNative\SearchFilterHost.exe [2010/08/19 12:06:21 | 000,078,848 | ---- | C] () -- C:\Windows\SysNative\msstrc.dll [2010/08/19 12:06:21 | 000,073,728 | ---- | C] () -- C:\Windows\SysNative\msscntrs.dll [2010/08/19 12:06:20 | 002,209,792 | ---- | C] () -- C:\Windows\SysNative\tquery.dll [2010/08/19 12:06:20 | 002,176,512 | ---- | C] () -- C:\Windows\SysNative\mssrch.dll [2010/08/19 12:06:20 | 000,598,016 | ---- | C] () -- C:\Windows\SysNative\SearchIndexer.exe [2010/08/19 11:42:26 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll [2010/08/19 11:42:23 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys [2010/08/19 11:42:23 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll [2010/08/19 11:30:00 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax [2010/08/19 11:30:00 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax [2010/08/19 11:29:57 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll [2010/08/19 11:29:56 | 000,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll [2010/08/19 11:29:56 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax [2010/08/19 11:27:35 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll [2010/08/19 11:27:35 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll [2010/08/19 11:27:35 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe [2010/08/19 11:27:35 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll [2010/08/19 11:27:35 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll [2010/08/18 19:29:55 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll [2010/08/18 19:29:55 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll [2010/08/18 19:29:36 | 000,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe [2010/08/18 19:28:43 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys [2010/08/18 19:28:40 | 001,691,648 | ---- | C] () -- C:\Windows\SysNative\connect.dll [2010/08/18 19:28:32 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll [2010/08/18 19:28:32 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll [2010/08/18 19:28:32 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll [2010/08/18 19:28:31 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll [2010/08/18 19:28:31 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll [2010/08/18 19:28:31 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll [2010/08/18 19:28:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll [2010/08/18 19:28:31 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll [2010/08/18 19:28:30 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll [2010/08/18 19:27:57 | 000,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll [2010/08/18 19:27:44 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll [2010/08/18 19:27:42 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2010/08/18 19:27:30 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll [2010/08/18 19:27:30 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll [2010/08/18 19:27:30 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll [2010/08/18 19:27:22 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL [2010/08/18 19:27:20 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll [2010/08/18 19:27:13 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll [2010/08/18 19:26:55 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll [2010/08/18 19:26:52 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll [2010/08/18 19:26:39 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys [2010/08/18 19:26:39 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys [2010/08/18 19:26:39 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys [2010/08/18 19:26:33 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll [2010/08/18 19:26:32 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll [2010/08/18 19:26:13 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2010/08/18 19:26:10 | 000,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll [2010/08/18 19:26:01 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll [2010/08/18 19:25:57 | 000,880,640 | ---- | C] () -- C:\Windows\SysNative\timedate.cpl [2010/08/18 19:25:52 | 000,594,944 | ---- | C] () -- C:\Windows\SysNative\RMActivate_isv.exe [2010/08/18 19:25:52 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\RMActivate.exe [2010/08/18 19:25:51 | 000,413,696 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2010/08/18 19:25:51 | 000,409,600 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp.exe [2010/08/18 19:25:50 | 000,535,040 | ---- | C] () -- C:\Windows\SysNative\secproc.dll [2010/08/18 19:25:50 | 000,534,016 | ---- | C] () -- C:\Windows\SysNative\secproc_isv.dll [2010/08/18 19:25:50 | 000,457,216 | ---- | C] () -- C:\Windows\SysNative\msdrm.dll [2010/08/18 19:25:50 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp_isv.dll [2010/08/18 19:25:50 | 000,158,720 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp.dll [2010/08/18 19:24:51 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL [2010/08/18 19:24:50 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll [2010/08/18 19:24:43 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll [2010/08/18 19:24:43 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll [2010/08/18 19:24:42 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll [2010/08/18 19:24:41 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys [2010/08/18 19:24:40 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll [2010/08/18 19:24:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe [2010/08/18 19:24:38 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll [2010/08/18 19:24:13 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll [2010/08/18 19:24:13 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE [2010/08/18 19:24:13 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE [2010/08/18 19:24:13 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE [2010/08/18 19:24:12 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE [2010/08/18 19:24:12 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe [2010/08/18 19:24:12 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE [2010/08/18 19:24:12 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE [2010/08/18 19:23:34 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll [2010/08/18 19:23:30 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll [2010/08/18 19:23:26 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll [2010/08/18 19:23:23 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll [2010/08/18 19:23:21 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll [2010/08/18 19:22:25 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll [2010/08/18 19:04:10 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm [2010/08/18 19:03:57 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll [2010/08/18 19:03:55 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll [2010/08/18 19:03:55 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx [2010/08/18 19:03:55 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll [2010/08/18 19:03:54 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb [2010/08/18 19:03:53 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb [2010/08/18 19:03:09 | 000,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll [2010/08/18 19:03:08 | 000,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll [2010/08/18 19:02:52 | 000,470,016 | ---- | C] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll [2010/08/18 19:02:48 | 000,386,560 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecsExt.dll [2010/08/18 19:02:47 | 000,841,216 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecs.dll [2010/08/18 19:02:29 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf [2010/08/18 19:02:28 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll [2010/08/18 19:02:28 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll [2010/08/18 19:02:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll [2010/08/18 19:02:27 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll [2010/08/18 19:02:27 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll [2010/08/18 19:02:27 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll [2010/08/17 16:00:59 | 000,235,520 | ---- | C] () -- C:\Windows\SysNative\CNMLM82.DLL [2010/08/03 21:47:00 | 453,231,341 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/07/27 20:40:54 | 000,001,558 | ---- | C] () -- C:\Users\Deb\Desktop\LastChaos.lnk [2010/07/02 16:08:08 | 000,334,802 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI69E3.txt [2010/07/02 16:08:07 | 000,011,198 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI69E3.txt [2010/06/02 15:20:09 | 000,005,120 | ---- | C] () -- C:\Users\Deb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/24 15:39:15 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/05/10 16:30:38 | 000,335,192 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI4E12.txt [2010/05/10 16:30:38 | 000,011,214 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI4E12.txt [2010/05/01 10:13:38 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi [2010/04/26 11:43:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/04/23 09:39:09 | 000,334,098 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI62DF.txt [2010/04/23 09:39:09 | 000,011,182 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI62DF.txt [2010/04/08 22:44:55 | 000,010,562 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI2848.txt [2010/04/08 22:44:54 | 000,424,098 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI2845.txt [2010/04/08 22:44:54 | 000,011,390 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI2845.txt [2009/06/01 22:19:36 | 000,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009/05/28 13:27:18 | 000,000,013 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys [2009/04/23 06:14:31 | 000,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini [2009/04/23 06:14:31 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll [2009/04/23 06:14:31 | 000,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini [2008/09/15 19:14:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2008/09/15 19:11:10 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll [2008/08/18 13:37:34 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008/08/18 13:23:51 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2008/08/18 13:23:51 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2008/08/18 13:23:51 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2008/08/18 13:23:51 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2008/08/18 13:23:51 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2008/08/18 13:23:51 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2010/02/17 18:32:53 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Ambient Design [2010/10/16 22:02:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\BitTorrent [2010/05/24 15:40:39 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Bytemobile [2009/06/01 19:39:41 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010/10/19 12:34:55 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\DNA [2010/07/31 15:18:55 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\GetRightToGo [2010/09/21 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\gtk-2.0 [2009/11/26 19:17:43 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\ijjigame [2010/10/18 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\LimeWire [2010/03/25 21:39:17 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Opera [2010/03/10 11:29:40 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\PhotoFiltre [2010/10/17 23:25:06 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Raptr [2010/05/24 15:39:03 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Sierra Wireless [2009/12/02 10:12:05 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\SiteRanker [2010/08/22 13:27:15 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Toshiba [2010/09/22 17:35:57 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Vivox [2010/10/19 12:33:12 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/10/19 12:38:00 | 000,000,278 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >