TechSpot

Yet another problem with my computer!

By merenwen
Feb 9, 2011
  1. Ok, so Broni was amazing and helped me remove a bunch of malware on the computer that had apparently been caused by my dns being hijacked. The computer "symptoms" were the same old google rerouting issue, and I couldn't get onto certain sites because of the messed up dns.

    Anyway... it looks like trouble is starting again. Here are a few of the symptoms:
    1) Computer is running slowly, particularly when I'm on the internet.
    2) When I click on the Start button and then "All Programs" , it appears as if half of them are new programs. They're highlighted in yellow which only happens when I've just installed a new program, yet all of these are very old.
    3) When I go to certain websites, like Facebook, I get the following error:
    4) The clock on the bottom right corner seems to have reset itself and is the wrong time for some reason.

    What should I do, and why is this happening again so soon? :(

    I'm going to run the 8-step thing now. I apologize, I should've done that before posting this.

    Thanks!!
     
  2. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    Here are the logs:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5726

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    1/1/2007 11:07:14 PM
    mbam-log-2007-01-01 (23-07-14).txt

    Scan type: Quick scan
    Objects scanned: 155573
    Time elapsed: 3 minute(s), 2 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    -------------------------------------------------------

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit quick scan 2007-01-01 23:16:06
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD161HJ rev.JF100-22
    Running: k1xycswv.exe; Driver: C:\DOCUME~1\Shaina\LOCALS~1\Temp\fxdyqfob.sys


    ---- System - GMER 1.0.15 ----

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA893982E]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA8939652]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA893978C]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    ---- EOF - GMER 1.0.15 ----
     
  3. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Shaina at 23:19:09.43 on Mon 01/01/2007
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1263 [GMT -5:00]

    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ============== Running Processes ===============

    C:\WINDOWS\system32\savedump.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\Logitech\Vid HD\Vid.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    svchost.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\Shaina\My Documents\Downloads\dds(2).scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
    mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\shaina\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\documents and settings\shaina\start menu\programs\startup\OneNote Table Of Contents.onetoc2
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-100000000002}\SC_Acrobat.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab
    DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} - hxxps://vpn.level2iaas.com/XTSAC.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\shaina\applic~1\mozilla\firefox\profiles\0fq2dssd.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\shaina\application data\mozilla\firefox\profiles\0fq2dssd.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
    FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
    FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
    FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
    FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-29 294608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-29 17744]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-29 40384]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
    S2 gupdate1ca1bc6c8bc7930;Google Update Service (gupdate1ca1bc6c8bc7930);c:\program files\google\update\GoogleUpdate.exe [2009-8-12 133104]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
     
  4. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    =============== Created Last 30 ================

    2011-01-31 13:50:33 -------- d-----r- c:\program files\Skype
    2011-01-30 15:45:12 135568 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2011-01-30 15:45:12 135568 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    2011-01-28 19:13:28 38848 ----a-w- c:\windows\avastSS.scr
    2011-01-28 18:36:35 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Secunia PSI
    2011-01-28 18:36:29 -------- d-----w- c:\program files\Secunia
    2011-01-28 16:56:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
    2011-01-28 05:06:37 -------- d-----w- c:\program files\ESET
    2011-01-21 14:44:37 439296 -c----w- c:\windows\system32\dllcache\shimgvw.dll
    2011-01-03 01:55:33 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
    2011-01-03 01:54:17 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-01-02 16:52:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2010-12-14 21:33:38 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2010-12-14 21:31:50 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2010-12-07 15:40:47 -------- d--h--w- c:\docume~1\alluse~1\applic~1\CanonIJScan
    2010-11-30 12:26:06 -------- d--h--w- c:\windows\PIF
    2010-11-18 18:12:44 81920 -c----w- c:\windows\system32\dllcache\isign32.dll
    2010-11-18 02:18:46 -------- d-----w- c:\docume~1\shaina\applic~1\FrostWire
    2010-11-18 02:14:29 -------- d-----w- c:\program files\FrostWire
    2010-11-09 14:52:35 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
    2010-11-09 14:52:35 249856 -c----w- c:\windows\system32\dllcache\odbc32.dll
    2010-11-09 14:52:35 200704 -c----w- c:\windows\system32\dllcache\msadox.dll
    2010-11-09 14:52:35 180224 -c----w- c:\windows\system32\dllcache\msadomd.dll
    2010-11-09 14:52:35 143360 -c----w- c:\windows\system32\dllcache\msadco.dll
    2010-11-09 14:52:35 102400 -c----w- c:\windows\system32\dllcache\msjro.dll
    2010-10-13 06:43:22 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-13 06:43:22 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-13 06:43:17 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2010-10-10 01:17:59 -------- d-----w- c:\program files\LimeWire
    2010-09-19 18:00:04 98304 ----a-w- c:\windows\system32\CNC860I.DLL
    2010-09-19 18:00:04 274432 ----a-w- c:\windows\system32\CNC860L.DLL
    2010-09-19 18:00:04 192512 ----a-w- c:\windows\system32\CNC860O.DLL
    2010-09-19 18:00:04 15872 ----a-w- c:\windows\system32\CNHMCA.DLL
    2010-09-19 18:00:04 1331200 ----a-w- c:\windows\system32\CNC860C.DLL
    2010-09-19 18:00:01 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
    2010-09-19 18:00:01 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
    2010-09-19 17:58:37 142336 ----a-w- c:\windows\system32\CNMNPUI.DLL
    2010-09-19 17:58:36 362496 ----a-w- c:\windows\system32\CNMNPPM.DLL
    2010-09-17 15:50:22 17244544 ----a-w- c:\program files\common files\microsoft shared\office12\MSO.DLL
    2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-09-01 08:30:58 15544 ----a-w- c:\windows\system32\drivers\psi_mf.sys
    2010-08-27 05:57:43 99840 -c----w- c:\windows\system32\dllcache\srvsvc.dll
    2010-08-17 13:17:06 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
    2010-08-13 20:39:27 -------- d-----w- c:\windows\system32\NtmsData
    2010-08-13 00:44:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-13 00:44:30 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    2010-08-12 13:09:38 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
    2010-08-11 04:27:32 -------- d-sha-r- C:\cmdcons
    2010-08-08 02:55:13 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\AOL
    2010-08-08 02:54:16 -------- d-----w- c:\program files\common files\AOL
    2010-07-22 13:58:54 119160 ----a-w- c:\program files\common files\microsoft shared\textconv\MSCONV97.DLL
    2010-07-16 22:57:02 -------- d-----w- c:\docume~1\shaina\applic~1\WinPatrol
    2010-07-16 22:56:50 -------- d-----w- c:\program files\BillP Studios
    2010-07-16 22:52:32 -------- d-----w- c:\program files\Trend Micro
    2010-07-16 12:05:55 1288192 -c----w- c:\windows\system32\dllcache\ole32.dll
    2010-07-16 11:06:41 -------- d-----w- C:\spoolerlogs
    2010-07-12 11:05:32 880640 ----a-w- c:\windows\system32\UniBox10.ocx
    2010-07-12 11:05:32 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
    2010-07-12 11:05:32 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
    2010-07-12 11:05:26 -------- d-----w- c:\program files\common files\PC Tools
    2010-07-11 16:30:25 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
    2010-07-11 16:30:24 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
    2010-06-20 23:33:01 -------- d-----w- c:\windows\.jagex_cache_32
    2010-06-18 17:45:17 293376 -c----w- c:\windows\system32\dllcache\winsrv.dll
    2010-06-11 23:41:29 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-06-11 20:39:27 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2010-05-23 02:01:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\DivX
    2010-04-26 22:04:42 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
    2010-04-25 05:17:51 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-04-23 20:32:33 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\LogiShrd
    2010-04-23 20:31:27 6756632 ----a-w- c:\windows\system32\drivers\lvuvc.sys
    2010-04-23 20:31:27 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
    2010-04-23 20:31:27 539160 ----a-w- c:\windows\system32\LVUI2.dll
    2010-04-23 20:31:27 416280 ----a-w- c:\windows\system32\lvcodec2.dll
    2010-04-23 20:31:04 34068 ----a-w- c:\windows\system32\Repository.reg
    2010-04-23 20:31:04 266008 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2010-04-23 20:31:04 199192 ----a-w- c:\windows\system32\lvci12101110.dll
    2010-04-23 20:30:44 23832 ----a-w- c:\windows\system32\drivers\lvuvcflt.sys
    2010-04-20 05:30:08 290048 -c----w- c:\windows\system32\dllcache\atmfd.dll
    2010-04-16 15:36:56 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
    2010-04-08 23:03:38 569397 ----a-w- c:\program files\internet explorer\plugins\richfx\player\nprfxins.dll
    2010-03-31 04:16:34 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-03-31 04:10:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-03-30 16:24:40 317440 -c----w- c:\windows\system32\dllcache\mp4sdecd.dll
    2010-03-17 13:15:14 -------- d-----w- c:\docume~1\shaina\applic~1\Lala Music Mover
    2010-03-10 19:29:32 94208 ----a-w- c:\windows\system32\dpl100.dll
    2010-03-10 06:23:55 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2010-03-05 14:37:40 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
    2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll
    2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
    2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll
    2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
    2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll
    2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll
    2010-02-12 04:33:11 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
    2010-01-29 14:43:39 307260 ----a-w- c:\windows\system32\l3codeca.acm
    2010-01-21 00:38:04 -------- d-----w- c:\program files\Amazon
    2010-01-13 14:01:25 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
    2010-01-12 18:53:25 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2009-12-24 06:59:40 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
    2009-12-16 18:43:27 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
    2009-12-14 07:08:23 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
    2009-12-07 00:13:46 -------- d-----w- c:\docume~1\shaina\applic~1\Gleim
    2009-12-06 14:42:05 398744 ----a-r- c:\windows\system32\cpnprt2.cid
    2009-12-06 14:41:59 -------- d-----w- c:\windows\Cache
    2009-12-06 14:41:55 -------- d-----w- c:\program files\Coupons
    2009-11-27 16:07:34 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
    2009-11-11 02:01:16 -------- d-----w- c:\documents and settings\shaina\.jordan
    2009-11-10 04:21:04 91552 ----a-w- c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    2009-11-10 04:21:04 91552 ----a-w- c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    2009-11-10 04:21:03 68824 ----a-w- c:\windows\CouponPrinter.ocx
    2009-11-07 05:07:08 49488 ----a-w- c:\windows\system32\netfxperf.dll
    2009-11-07 05:07:04 297808 ----a-w- c:\windows\system32\mscoree.dll
    2009-11-07 05:06:46 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2009-10-25 15:51:17 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Opera
    2009-10-21 05:38:36 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
    2009-10-21 05:38:36 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
    2009-10-20 16:20:16 265728 -c----w- c:\windows\system32\dllcache\http.sys
    2009-10-14 17:41:08 322392 ----a-w- c:\windows\system32\wiaaut.dll
    2009-10-13 23:45:51 -------- d-----w- c:\documents and settings\shaina\.thumbnails
    2009-10-13 23:43:40 -------- d-----w- c:\documents and settings\shaina\.gimp-2.6
    2009-10-13 10:30:16 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
    2009-10-12 13:38:19 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
    2009-10-12 13:38:18 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
    2009-10-10 03:10:46 2594632 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBE6.DLL
    2009-10-07 05:46:36 25752 ----a-w- c:\windows\system32\drivers\LVPr2Mon.sys
    2009-10-07 05:23:08 13584 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
    2009-09-25 16:41:34 98304 ----a-w- c:\program files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
    2009-09-09 19:34:58 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2009-09-04 21:03:36 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
    2009-08-27 22:45:00 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Temp
    2009-08-18 20:57:27 -------- d-sh--w- c:\documents and settings\shaina\IECompatCache
    2009-08-18 03:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
    2009-08-16 07:04:12 -------- d-----w- c:\windows\system32\XPSViewer
    2009-08-16 07:03:46 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2009-08-16 07:03:29 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-08-16 07:03:29 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-08-16 07:03:29 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2009-08-16 07:03:29 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-08-16 07:03:29 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2009-08-16 07:03:29 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2009-08-16 07:03:29 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2009-08-16 07:03:29 117760 ------w- c:\windows\system32\prntvpt.dll
    2009-08-16 07:03:28 -------- d-----w- C:\d9c274b78117274c21c3
    2009-08-13 03:32:59 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Google
    2009-08-13 03:32:54 -------- d-----w- c:\program files\common files\DivX Shared
    2009-08-12 22:56:07 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
    2009-08-11 11:44:20 -------- d-----w- c:\program files\CCleaner
    2009-08-09 18:38:37 -------- d-----w- c:\program files\iPod
    2009-08-09 18:38:33 -------- d-----w- c:\program files\iTunes
    2009-08-05 09:01:48 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-29 03:44:16 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2009-07-29 03:44:16 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2009-07-21 05:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
    2009-07-19 01:45:34 -------- d-sh--w- c:\documents and settings\shaina\PrivacIE
    2009-07-17 19:01:06 58880 -c----w- c:\windows\system32\dllcache\atl.dll
    2009-07-17 16:22:18 1435648 -c----w- c:\windows\system32\dllcache\query.dll
    2009-07-12 17:11:20 670016 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
    2009-07-12 02:37:20 641536 ----a-w- c:\program files\common files\microsoft shared\vc\msdia80.dll
    2009-06-26 12:19:42 -------- d-sh--w- c:\documents and settings\shaina\IETldCache
    2009-06-26 11:16:28 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2009-06-26 11:16:18 -------- d-----w- c:\windows\ie8updates
    2009-06-26 11:15:50 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2009-06-26 11:15:49 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2009-06-26 11:15:49 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2009-06-26 11:15:49 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2009-06-26 11:14:26 -------- dc-h--w- c:\windows\ie8
    2009-06-26 10:45:41 8192 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
    2009-06-26 10:45:23 140864 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
    2009-06-26 10:45:18 98304 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
    2009-06-26 10:45:09 -------- d-----w- c:\program files\common files\xing shared
    2009-06-25 08:25:26 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
    2009-06-25 08:25:26 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
    2009-06-25 08:25:26 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
    2009-06-24 11:18:41 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
    2009-06-18 00:39:21 -------- d-----w- c:\windows\Downloaded Installations
    2009-06-18 00:35:48 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Downloaded Installations
    2009-06-18 00:29:46 -------- d-----w- c:\program files\HALLMARK.CARD.STUDIO.2009-ADDICTION
    2009-06-18 00:25:50 -------- d-----w- c:\program files\Nitro PDF Professional 5.5.0.16 32-64bit
    2009-06-18 00:22:05 -------- d-----w- c:\docume~1\shaina\applic~1\FireShot
    2009-06-18 00:20:48 -------- d-----w- c:\program files\FireShot for IE
    2009-06-16 14:36:30 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2009-06-16 14:36:30 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2009-06-14 13:12:29 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
    2009-06-14 13:12:28 465920 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
    2009-06-14 13:12:28 465920 ------w- c:\windows\system32\imapi2fs.dll
    2009-06-14 13:12:28 317952 -c----w- c:\windows\system32\dllcache\imapi2.dll
    2009-06-14 13:12:28 317952 ------w- c:\windows\system32\imapi2.dll
    2009-06-13 05:15:00 1661792 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
    2009-06-12 12:31:39 76288 -c----w- c:\windows\system32\dllcache\telnet.exe
    2009-06-10 14:13:29 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
    2009-06-10 06:14:49 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
    2009-05-13 21:07:53 -------- d-----w- c:\program files\AviSynth 2.5
    2009-05-08 21:19:29 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-05-08 21:19:29 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2009-05-08 21:18:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-08 21:16:56 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2009-05-08 21:16:56 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2009-05-07 15:32:35 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
    2009-04-27 15:29:08 -------- d-----w- c:\program files\common files\Real
    2009-04-15 14:51:25 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
    2009-04-15 13:12:41 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
    2009-04-15 13:12:41 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
    2009-04-15 13:12:41 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
    2009-04-15 13:12:41 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
    2009-04-15 13:12:41 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
    2009-04-15 13:12:41 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
    2009-04-15 13:12:41 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
    2009-04-15 13:12:41 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
    2009-04-15 13:12:41 110592 -c----w- c:\windows\system32\dllcache\services.exe
    2009-04-15 13:10:08 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2009-04-15 13:10:07 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2009-04-03 23:46:26 97640 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_PDF.DLL
    2009-04-03 22:59:44 79728 ----a-w- c:\program files\common files\microsoft shared\office12\1033\xlsrvintl.dll
    2009-04-02 18:07:44 186240 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\office.en-us\OSETUPUI.DLL
    2009-04-02 18:07:10 6540120 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUP.DLL
    2009-04-02 18:06:52 439160 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\SETUP.EXE
    2009-04-02 18:06:42 231848 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\ODEPLOY.EXE
    2009-04-02 17:02:04 11632 ----a-w- c:\program files\common files\microsoft shared\office12\1033\OLBINTL.DLL
    2009-04-02 17:02:04 10339712 ----a-w- c:\program files\common files\microsoft shared\office12\1033\MSOINTL.DLL
    2009-04-02 17:02:02 45968 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUPPS.DLL
    2009-04-02 17:02:02 14720 ----a-w- c:\program files\common files\microsoft shared\smart tag\SmartTagInstall.exe
    2009-04-02 17:02:00 552816 ----a-w- c:\program files\common files\microsoft shared\office12\OFFLB.EXE
    2009-04-02 17:02:00 17792 ----a-w- c:\program files\common files\microsoft shared\office12\OPHPROXY.DLL
    2009-04-02 17:02:00 15760 ----a-w- c:\program files\common files\microsoft shared\office12\OPTINPS.DLL
    2009-04-02 17:02:00 12616 ----a-w- c:\program files\common files\microsoft shared\office12\OFFREL.DLL
    2009-04-02 17:01:58 6637936 ----a-w- c:\program files\common files\microsoft shared\office12\MSORES.DLL
    2009-04-02 17:01:58 42864 ----a-w- c:\program files\common files\microsoft shared\office12\MSSH.DLL
    2009-04-02 17:01:46 18816 ----a-w- c:\program files\common files\microsoft shared\office12\MSMH.DLL
    2009-04-02 17:01:44 70000 ----a-w- c:\program files\common files\microsoft shared\office12\LBGHOST.DLL
    2009-04-02 17:01:44 56680 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_XPS.DLL
    2009-04-02 17:01:44 177520 ----a-w- c:\program files\common files\microsoft shared\smart tag\IETAG.DLL
    2009-03-21 14:06:58 989696 -c----w- c:\windows\system32\dllcache\kernel32.dll
    2009-03-08 18:22:46 1241088 ------w- c:\windows\system32\ieframe.dll.mui
    2009-03-08 18:22:30 49152 ------w- c:\windows\system32\msrating.dll.mui
    2009-03-08 18:22:18 2560 ------w- c:\windows\system32\mshta.exe.mui
    2009-03-08 18:21:06 4096 ------w- c:\windows\system32\ie4uinit.exe.mui
    2009-03-08 18:21:06 10240 ------w- c:\windows\system32\advpack.dll.mui
    2009-03-08 18:20:54 81920 ------w- c:\windows\system32\iedkcs32.dll.mui
    2009-03-08 18:09:26 638816 -c----w- c:\windows\system32\dllcache\iexplore.exe
    2009-03-08 18:09:26 387584 -c----w- c:\windows\system32\dllcache\iedkcs32.dll
    2009-03-08 08:35:32 743424 ------w- c:\program files\internet explorer\iedvtool.dll
    2009-03-08 08:35:12 233984 ------w- c:\program files\internet explorer\jsprofilerui.dll
    2009-03-08 08:35:04 144384 ------w- c:\program files\internet explorer\ExtExport.exe
    2009-03-08 08:35:04 118272 ------w- c:\program files\internet explorer\JSProfilerCore.dll
    2009-03-08 08:35:04 102912 ------w- c:\program files\internet explorer\iecompat.dll
    2009-03-08 08:35:02 521216 ------w- c:\program files\internet explorer\jsdbgui.dll
    2009-03-08 08:35:02 121344 ------w- c:\program files\internet explorer\jsdebuggeride.dll
    2009-03-08 08:34:48 236544 -c----w- c:\windows\system32\dllcache\webcheck.dll
    2009-03-08 08:34:30 43520 -c----w- c:\windows\system32\dllcache\licmgr10.dll
    2009-03-08 08:34:28 105984 -c----w- c:\windows\system32\dllcache\url.dll
    2009-03-08 08:34:18 206848 -c----w- c:\windows\system32\dllcache\occache.dll
    2009-03-08 08:34:18 193536 -c----w- c:\windows\system32\dllcache\msrating.dll
    2009-03-08 08:33:50 247808 ------w- c:\program files\internet explorer\ieproxy.dll
    2009-03-08 08:33:48 759296 -c----w- c:\windows\system32\dllcache\VGX.dll
    2009-03-08 08:33:40 18944 -c----w- c:\windows\system32\dllcache\corpol.dll
    2009-03-08 08:33:26 25600 -c----w- c:\windows\system32\dllcache\jsproxy.dll
    2009-03-08 08:33:18 12800 ------w- c:\program files\internet explorer\xpshims.dll
    2009-03-08 08:33:08 229376 -c----w- c:\windows\system32\dllcache\ieaksie.dll
    2009-03-08 08:33:02 125952 -c----w- c:\windows\system32\dllcache\ieakeng.dll
    2009-03-08 08:32:56 72704 -c----w- c:\windows\system32\dllcache\admparse.dll
    2009-03-08 08:32:54 173568 -c----w- c:\windows\system32\dllcache\ie4uinit.exe
    2009-03-08 08:32:50 71680 -c----w- c:\windows\system32\dllcache\iesetup.dll
    2009-03-08 08:32:50 55808 -c----w- c:\windows\system32\dllcache\iernonce.dll
    2009-03-08 08:32:48 128512 -c----w- c:\windows\system32\dllcache\advpack.dll
    2009-03-08 08:32:46 94720 -c----w- c:\windows\system32\dllcache\inseng.dll
    2009-03-08 08:32:04 611840 -c----w- c:\windows\system32\dllcache\mstime.dll
    2009-03-08 08:31:56 184320 -c----w- c:\windows\system32\dllcache\iepeers.dll
    2009-03-08 08:31:44 348160 -c----w- c:\windows\system32\dllcache\dxtmsft.dll
    2009-03-08 08:31:38 34816 -c----w- c:\windows\system32\dllcache\imgutil.dll
    2009-03-08 08:31:38 216064 -c----w- c:\windows\system32\dllcache\dxtrans.dll
    2009-03-08 08:31:36 46592 -c----w- c:\windows\system32\dllcache\pngfilt.dll
    2009-03-08 08:31:26 66560 -c----w- c:\windows\system32\dllcache\mshtmled.dll
    2009-03-08 08:31:18 48128 -c----w- c:\windows\system32\dllcache\mshtmler.dll
    2009-03-08 08:31:02 45568 -c----w- c:\windows\system32\dllcache\mshta.exe
    2009-03-08 08:24:28 68608 -c----w- c:\windows\system32\dllcache\hmmapi.dll
    2009-03-06 10:10:32 47472 ----a-w- c:\program files\common files\microsoft shared\office12\MSE7.EXE
    2009-03-06 07:47:58 575416 ----a-w- c:\program files\common files\microsoft shared\office12\ACEDAO.DLL
    2009-03-06 07:47:58 47008 ----a-w- c:\program files\common files\microsoft shared\office12\ACEERR.DLL
    2009-03-06 07:47:58 190400 ----a-w- c:\program files\common files\microsoft shared\office12\ACEES.DLL
    2009-03-06 07:47:56 1759136 ----a-w- c:\program files\common files\microsoft shared\office12\ACECORE.DLL
    2009-02-14 10:04:38 756040 ----a-w- c:\program files\common files\microsoft shared\office12\MSPTLS.DLL
    2009-02-05 16:37:00 1117568 ----a-w- c:\program files\common files\microsoft shared\filters\offfiltx.dll
    2009-02-03 19:59:07 56832 -c----w- c:\windows\system32\dllcache\secur32.dll
    2009-01-07 22:20:54 134144 -c----w- c:\windows\system32\dllcache\sqmapi.dll
    2009-01-07 22:20:54 134144 ------w- c:\program files\internet explorer\sqmapi.dll
    2009-01-07 22:20:52 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
    2009-01-07 22:20:52 1022976 -c----w- c:\windows\system32\dllcache\browseui.dll
    2009-01-07 22:20:38 24576 ----a-w- c:\windows\system32\nlsdl.dll
    2009-01-07 22:20:36 26112 ----a-w- c:\windows\system32\idndl.dll
    2009-01-07 22:20:36 23552 ----a-w- c:\windows\system32\normaliz.dll
    2009-01-07 22:20:18 355832 ------w- c:\program files\internet explorer\pdm.dll
    2009-01-07 22:20:18 265720 ----a-w- c:\windows\system32\msdbg2.dll
    2008-12-16 12:30:34 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
    2008-12-05 06:54:55 149504 -c----w- c:\windows\system32\dllcache\schannel.dll
    2008-12-04 10:00:58 969552 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqd01.dll
    2008-12-04 10:00:58 279904 ----a-r- c:\program files\common files\microsoft shared\textconv\wkls31.dll
    2008-12-04 10:00:58 162640 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqr01.dll
    2008-11-28 19:12:35 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
    2008-11-28 19:12:34 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
    2008-11-28 19:12:34 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
    2008-11-28 19:12:34 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
    2008-11-28 19:12:34 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
    2008-11-28 19:12:34 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
    2008-11-28 19:12:33 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
    2008-11-25 03:17:18 983944 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPWEC.DLL
    2008-11-21 21:45:40 626688 ----a-w- c:\program files\mozilla firefox\plugins\microsoft.vc80.crt\msvcr80.dll
    2008-11-21 21:45:40 548864 ----a-w- c:\program files\mozilla firefox\plugins\microsoft.vc80.crt\msvcp80.dll
    2008-11-21 21:45:38 479232 ----a-w- c:\program files\mozilla firefox\plugins\microsoft.vc80.crt\msvcm80.dll
    2008-11-21 05:02:30 988040 ----a-w- c:\program files\common files\microsoft shared\office12\msoshext.dll
    2008-11-21 04:58:22 972632 ----a-w- c:\program files\common files\microsoft shared\web folders\MSONSEXT.DLL
    2008-11-21 04:58:20 1011544 ----a-w- c:\program files\common files\system\ole db\MSDAIPP.DLL
    2008-11-12 06:49:20 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
    2008-11-12 06:49:13 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
    2008-11-10 16:38:42 27000 ----a-w- c:\program files\common files\microsoft shared\euro\MSOEURO.DLL
    2008-11-10 07:27:52 31592 ----a-w- c:\program files\common files\microsoft shared\filters\msgfilt.dll
    2008-11-04 09:06:08 208816 ----a-w- c:\program files\common files\microsoft shared\office12\ACEWSS.DLL
    2008-11-04 08:49:02 66424 ----a-w- c:\program files\common files\microsoft shared\office12\MSOMSE.DLL
    2008-11-04 08:49:02 460680 ----a-w- c:\program files\common files\microsoft shared\office12\MODHELP.DLL
    2008-11-04 08:09:04 77200 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWSTRUCT.DLL
    2008-11-04 08:09:04 532872 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\XPAGE3C.DLL
    2008-11-04 08:09:04 19840 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWRECS.DLL
    2008-11-04 08:09:04 1196944 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\XIMAGE3B.DLL
    2008-11-04 08:09:02 58224 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWLAY32.DLL
    2008-11-04 08:09:02 51576 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWRECE.DLL
    2008-11-04 08:09:02 33656 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWRECC.DLL
    2008-11-04 08:09:02 27520 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWORIENT.DLL
    2008-11-04 08:09:00 87928 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWCUTLIN.DLL
    2008-11-04 08:09:00 127360 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWCUTCHR.DLL
    2008-11-04 08:08:58 77208 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\PSOM.DLL
    2008-11-04 08:08:58 76152 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\FORM.DLL
    2008-11-04 08:08:58 30032 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\THOCRAPI.DLL
    2008-11-04 08:08:58 20360 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\BINDER.DLL
    2008-11-04 08:08:58 19840 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\REVERSE.DLL
    2008-11-04 07:00:08 1079136 ----a-w- c:\program files\common files\microsoft shared\office12\RICHED20.DLL
    2008-11-04 06:44:24 814464 ----a-w- c:\program files\common files\microsoft shared\dw\DW20.EXE
    2008-11-04 06:44:24 439632 ----a-w- c:\program files\common files\microsoft shared\dw\DWDCW20.DLL
    2008-11-04 06:44:24 435096 ----a-w- c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE
    2008-11-04 06:06:30 2872688 ----a-w- c:\program files\common files\microsoft shared\office12\OFFDIAG.EXE
    2008-11-04 06:06:28 441712 ----a-w- c:\program files\common files\microsoft shared\office12\ODSERV.EXE
    2008-11-04 04:39:44 179128 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACEINTL.DLL
    2008-11-04 03:37:08 50040 ----a-w- c:\program files\common files\system\msmapi\1033\MSMAPI32.DLL
    2008-10-26 10:42:18 16216 ----a-w- c:\program files\common files\microsoft shared\portal\1033\PortalConnect.dll
    2008-10-26 10:42:16 482656 ----a-w- c:\program files\common files\microsoft shared\portal\PortalConnectCore.dll
    2008-10-25 18:39:38 290632 ----a-w- c:\program files\common files\microsoft shared\msclientdatamgr\MSCDM.DLL
    2008-10-25 14:27:54 44408 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXMLMF.DLL
    2008-10-25 11:38:38 145224 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ALRTINTL.DLL
    2008-10-25 11:18:52 89464 ----a-w- c:\program files\common files\microsoft shared\smart tag\METCONV.DLL
    2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODTXT.DLL
    2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODPDX.DLL
    2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODEXL.DLL
    2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODDBS.DLL
    2008-10-25 08:38:36 1682800 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPSRVUTL.DLL
    2008-10-25 03:50:52 436584 ----a-w- c:\program files\common files\microsoft shared\msorun\MSORUN.DLL
    2008-10-25 03:21:26 505192 ----a-w- c:\program files\common files\microsoft shared\office12\MSSOAP30.DLL
    2008-10-23 23:59:47 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
    2008-10-23 12:36:14 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll
    2008-10-15 02:51:37 357248 -c----w- c:\windows\system32\dllcache\srv.sys
    2008-10-15 02:51:33 1854976 -c----w- c:\windows\system32\dllcache\win32k.sys
    2008-10-15 02:51:25 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
    2008-10-15 02:51:24 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
    2008-10-15 02:51:24 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
    2008-10-15 02:51:24 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
    2008-10-12 00:09:21 -------- d-----w- c:\program files\NCH Software
    2008-10-11 23:59:25 -------- d-----w- c:\program files\NCH Swift Sound
    2008-09-18 03:17:08 1425912 ----a-w- c:\program files\common files\microsoft shared\office11\msxml5.dll
    2008-08-31 01:21:24 -------- d-----w- c:\windows\system32\scripting
    2008-08-31 01:21:23 -------- d-----w- c:\windows\system32\en
    2008-08-31 01:21:23 -------- d-----w- c:\windows\system32\bits
    2008-08-31 01:21:23 -------- d-----w- c:\windows\l2schemas
    2008-08-31 01:19:49 -------- d-----w- c:\windows\ServicePackFiles
    2008-08-31 01:18:05 -------- d-----w- c:\windows\network diagnostic
    2008-08-31 01:14:44 -------- d-----w- c:\windows\EHome
    2008-08-26 03:50:22 155648 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\1033\VBE6INTL.DLL
    2008-08-22 20:30:02 276992 ------w- c:\windows\system32\wmphoto.dll
    2008-08-22 20:30:01 69120 ------w- c:\windows\system32\wlanapi.dll
    2008-08-14 22:45:47 692736 -c----w- c:\windows\system32\dllcache\inetcomm.dll
    2008-08-03 15:37:36 36864 ----a-w- c:\windows\system32\sddevmgr.dll
    2008-08-01 00:39:24 -------- d-----w- c:\program files\Orban
    2008-07-30 01:10:04 73720 ----a-w- c:\windows\system32\dxva2.dll
    2008-07-30 01:10:04 493048 ----a-w- c:\windows\system32\evr.dll
    2008-07-30 01:10:04 26112 ----a-w- c:\windows\system32\TsWpfWrp.exe
    2008-07-29 23:59:58 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
    2008-07-29 23:59:58 161296 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2008-07-29 23:59:58 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2008-07-29 23:24:50 97800 ----a-w- c:\windows\system32\infocardapi.dll
    2008-07-29 23:24:50 622080 ----a-w- c:\windows\system32\icardagt.exe
    2008-07-29 23:24:50 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
    2008-07-29 23:24:50 11264 ----a-w- c:\windows\system32\icardres.dll
    2008-07-29 09:49:58 586240 ----a-w- c:\windows\system32\icardres.dll.mui
    2008-07-25 15:16:58 83968 ----a-w- c:\windows\system32\mscories.dll
    2008-07-25 15:16:58 158720 ----a-w- c:\windows\system32\mscorier.dll
    2008-07-25 15:16:58 158720 ----a-w- c:\program files\internet explorer\mui\0409\mscorier.dll
    2008-07-23 16:50:52 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
    2008-07-07 20:26:58 253952 -c----w- c:\windows\system32\dllcache\es.dll
    2008-06-26 08:15:30 1210880 -c----w- c:\windows\system32\dllcache\urlmon.dll
    2008-06-26 08:15:29 1499136 -c----w- c:\windows\system32\dllcache\shdocvw.dll
    2008-06-24 16:43:16 74240 -c----w- c:\windows\system32\dllcache\mscms.dll
    2008-06-20 17:46:57 245248 -c----w- c:\windows\system32\dllcache\mswsock.dll
    2008-06-20 17:46:57 147968 -c----w- c:\windows\system32\dllcache\dnsapi.dll
    2008-06-20 11:51:12 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
    2008-06-20 11:40:08 138496 -c----w- c:\windows\system32\dllcache\afd.sys
    2008-06-20 11:08:27 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys
    2008-06-19 00:30:28 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\WMTools Downloaded Files
    2008-06-18 02:50:20 25048 ----a-w- c:\program files\mozilla firefox\components\browserdirprovider.dll
    2008-06-18 02:50:20 140248 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
    2008-06-18 02:50:19 11775448 ----a-w- c:\program files\mozilla firefox\xul.dll
    2008-06-18 02:50:18 98304 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
    2008-06-18 02:50:18 89048 ----a-w- c:\program files\mozilla firefox\nssutil3.dll
    2008-06-18 02:50:18 719832 ----a-w- c:\program files\mozilla firefox\mozcrt19.dll
    2008-06-18 02:50:18 492504 ----a-w- c:\program files\mozilla firefox\sqlite3.dll
    2008-06-18 02:50:18 107480 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
    2008-06-18 02:28:35 5632 ----a-w- c:\windows\system32\ptpusb.dll
    2008-06-18 02:28:34 159232 ----a-w- c:\windows\system32\ptpusd.dll
    2008-06-17 19:02:19 8462336 -c----w- c:\windows\system32\dllcache\shell32.dll
    2008-06-13 00:27:45 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
    2008-06-13 00:27:25 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
    2008-06-13 00:27:25 272128 ------w- c:\windows\system32\drivers\bthport.sys
    2008-06-12 14:23:32 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll
    2008-06-12 14:23:32 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll
    2008-06-12 14:23:32 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll
    2008-06-12 14:23:32 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll
    2008-06-12 14:23:32 428032 -c----w- c:\windows\system32\dllcache\msdtcprx.dll
    2008-06-12 14:23:32 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll
    2008-05-09 11:54:12 376832 ----a-w- c:\program files\mozilla firefox\plugins\npsnapfish.dll
    2008-05-09 10:53:40 90112 -c----w- c:\windows\system32\dllcache\wshext.dll
    2008-05-09 10:53:40 420352 -c--a-w- c:\windows\system32\dllcache\vbscript.dll
    2008-05-09 10:53:40 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll
    2008-05-09 10:53:39 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
    2008-05-09 10:53:39 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll
    2008-05-08 11:24:44 155648 -c----w- c:\windows\system32\dllcache\wscript.exe
    2008-05-07 09:07:23 135168 -c----w- c:\windows\system32\dllcache\cscript.exe
    2008-05-07 05:12:40 1291776 -c----w- c:\windows\system32\dllcache\quartz.dll
    2008-05-02 21:39:20 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Apple
    2008-05-02 21:39:10 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Apple Computer
    2008-04-21 06:44:29 916480 -c----w- c:\windows\system32\dllcache\wininet.dll
    2008-04-21 06:44:29 5961216 -c----w- c:\windows\system32\dllcache\mshtml.dll
    2008-03-28 01:00:00 -------- d-----w- c:\docume~1\shaina\applic~1\DVD Flick
    2008-03-28 00:59:39 81920 ----a-w- c:\windows\system32\mbmouse.ocx
    2008-03-28 00:59:39 36864 ----a-w- c:\windows\system32\trayicon.ocx
    2008-03-28 00:59:38 212240 ----a-w- c:\windows\system32\richtx32.ocx
    2008-03-28 00:59:38 -------- d-----w- c:\program files\DVD Flick
    2008-03-28 00:40:45 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2008-03-28 00:40:36 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2008-03-28 00:40:32 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
    2008-03-28 00:40:32 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2008-03-27 23:04:56 -------- d-----w- c:\program files\common files\CANON
    2008-03-27 23:01:33 69632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
    2008-03-27 23:01:33 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
    2008-03-27 23:01:32 215040 ----a-w- c:\windows\system32\CNMLM8S.DLL
    2008-03-27 23:01:25 98304 ----a-w- c:\windows\system32\CNC210I.DLL
    2008-03-27 23:01:25 200704 ----a-w- c:\windows\system32\CNC210L.DLL
    2008-03-27 23:01:25 188416 ----a-w- c:\windows\system32\CNC210O.DLL
    2008-03-27 23:01:25 1400832 ----a-w- c:\windows\system32\CNC210C.DLL
    2008-03-27 23:00:12 -------- d-----w- c:\program files\Canon
    2008-03-27 01:43:09 -------- d-sh--w- c:\documents and settings\shaina\UserData
    2008-03-21 01:46:26 22168 ----a-w- c:\windows\system32\dopdfmn6.dll
    2008-03-21 01:46:26 18072 ----a-w- c:\windows\system32\dopdfmi6.dll
    2008-03-21 01:46:24 -------- d-----w- c:\program files\Softland
    2008-03-21 01:41:12 663072 ----a-w- c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
    2008-03-19 03:08:42 -------- d-----w- c:\docume~1\shaina\applic~1\Broderbund
    2008-03-19 02:12:33 -------- d-----w- c:\program files\Broderbund
    2008-03-19 02:12:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\Broderbund
    2008-03-19 02:12:32 274432 ----a-w- c:\windows\TLCUninstall.exe
    2008-03-19 02:12:17 306688 ----a-w- c:\windows\IsUninst.exe
    2008-03-18 23:33:08 -------- d-----w- c:\program files\common files\AnswerWorks 5.0
    2008-03-18 23:32:59 3518464 ----a-w- c:\windows\system32\cdintf300.dll
    2008-03-18 23:32:59 1843200 ----a-w- c:\windows\system32\acXMLParser.dll
    2008-03-18 23:32:49 -------- d-----w- c:\docume~1\shaina\applic~1\Intuit
    2008-03-18 23:32:27 -------- d-----w- c:\program files\Quicken
    2008-03-18 23:32:11 -------- d-----w- c:\docume~1\alluse~1\applic~1\Intuit
    2008-03-18 23:26:09 -------- d-----w- c:\program files\MagicISO
    2008-03-10 22:01:43 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
    2008-03-10 22:01:43 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
    2008-03-02 22:55:33 133616 ------w- c:\windows\system32\pxafs.dll
    2008-03-02 22:55:33 125424 ------w- c:\windows\system32\pxinsi64.exe
    2008-03-02 22:55:33 123888 ------w- c:\windows\system32\pxcpyi64.exe
    2008-02-28 23:17:21 215920 ----a-w- c:\windows\system32\muweb.dll
    2008-02-28 23:17:21 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
    2008-02-28 23:17:20 274288 ----a-w- c:\windows\system32\mucltui.dll
    2008-02-28 23:15:33 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2008-02-28 23:15:33 32656 ----a-w- c:\windows\system32\msonpmon.dll
    2008-02-28 23:11:14 -------- d-----w- c:\windows\SHELLNEW
    2008-02-28 23:10:37 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Microsoft Help
    2008-02-10 17:36:47 -------- d-----w- c:\windows\SxsCaPendDel
    2008-01-29 04:20:42 -------- d-----w- C:\MDT
    2008-01-29 04:17:16 -------- d-----w- c:\program files\VideoLAN
    2008-01-22 03:26:33 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Adobe
    2008-01-21 23:47:13 -------- d-----w- c:\program files\DivX
    2008-01-20 22:06:09 1559040 ----a-w- c:\windows\system32\xvidcore.dll
    2008-01-20 22:06:09 -------- d-----w- c:\program files\K-Lite Codec Pack
    2008-01-20 22:05:31 2625445 ----a-w- c:\program files\klcodec365b.exe
    2008-01-20 18:03:07 -------- d-----w- c:\program files\Windows Media Connect 2
    2008-01-20 18:02:30 -------- d-----w- c:\windows\system32\LogFiles
    2008-01-20 17:39:28 -------- d-----w- c:\docume~1\shaina\applic~1\.ABC
    2008-01-20 17:38:32 -------- d-----w- c:\program files\ABC
    2008-01-20 17:24:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2008-01-20 17:17:25 -------- d-----w- c:\docume~1\shaina\applic~1\Grisoft

    ==================== Find3M ====================

    2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
    2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
    2011-01-03 15:02:36 26112 ----a-w- c:\windows\system32\userinit.exe
    2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
    2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
    2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
    2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
    2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
    2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
    2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    2010-07-16 12:05:55 1288192 ----a-w- c:\windows\system32\ole32.dll
    2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-18 17:45:17 293376 ----a-w- c:\windows\system32\winsrv.dll
    2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-15 16:17:24 143422 ----a-w- c:\windows\system32\l3codecx.ax
    2010-06-14 14:31:20 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-06-09 07:43:36 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2010-04-16 15:36:56 406016 ----a-w- c:\windows\system32\usp10.dll
    2010-03-30 16:24:40 317440 ------w- c:\windows\system32\mp4sdecd.dll
    2010-03-30 04:52:26 262416 ----a-w- c:\windows\system32\mpg4ds32.ax
    2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-03-05 14:37:40 65536 ----a-w- c:\windows\system32\asycfilt.dll
    2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
    2010-02-05 18:27:45 1291776 ----a-w- c:\windows\system32\quartz.dll
    2010-01-13 14:01:25 86016 ----a-w- c:\windows\system32\cabview.dll
    2009-12-24 06:59:40 177664 ----a-w- c:\windows\system32\wintrust.dll
    2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
    2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll
    2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll
    2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll
    2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll
    2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll
    2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll
    2009-11-21 15:51:04 471552 ----a-w- c:\windows\apppatch\aclayers.dll
    2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
    2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
    2009-10-15 16:28:26 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:38:19 149504 ----a-w- c:\windows\system32\rastls.dll
    2009-10-12 13:38:18 79872 ----a-w- c:\windows\system32\raschap.dll
    2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
    2009-09-01 14:46:07 282654 ----a-w- c:\windows\system32\msaud32.acm
    2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
    2009-08-25 09:17:27 354816 ----a-w- c:\windows\system32\winhttp.dll
    2009-08-06 23:24:18 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
    2009-08-06 23:24:12 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2009-08-06 23:24:10 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
    2009-08-06 23:24:06 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
    2009-08-06 23:24:00 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-31 15:05:44 1372672 ------w- c:\windows\system32\msxml6.dll
    2009-07-17 19:01:06 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-17 16:22:18 1435648 ----a-w- c:\windows\system32\query.dll
    2009-07-14 03:43:24 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-06-25 08:25:26 56832 ----a-w- c:\windows\system32\secur32.dll
    2009-06-25 08:25:26 54272 ----a-w- c:\windows\system32\wdigest.dll
    2009-06-12 12:31:39 76288 ----a-w- c:\windows\system32\telnet.exe
    2009-06-10 13:19:38 2066432 ----a-w- c:\windows\system32\mstscax.dll
    2009-06-10 06:14:49 132096 ----a-w- c:\windows\system32\wkssvc.dll
    2009-05-07 15:32:35 345600 ----a-w- c:\windows\system32\localspl.dll
    2009-04-02 03:02:22 604160 ----a-w- c:\windows\system32\wmspdmod.dll
    2009-03-08 08:33:40 18944 ----a-w- c:\windows\system32\corpol.dll
    2009-03-08 08:32:56 72704 ----a-w- c:\windows\system32\admparse.dll
    2009-03-08 08:32:50 71680 ----a-w- c:\windows\system32\iesetup.dll
    2009-03-08 08:31:38 34816 ----a-w- c:\windows\system32\imgutil.dll
    2009-03-08 08:31:18 48128 ----a-w- c:\windows\system32\mshtmler.dll
    2009-03-08 08:31:02 45568 ----a-w- c:\windows\system32\mshta.exe
    2009-03-08 08:31:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2009-03-08 08:30:56 66560 ----a-w- c:\windows\system32\tdc.ocx
    2009-03-08 08:22:38 156160 ----a-w- c:\windows\system32\msls31.dll
    2009-03-06 14:22:18 284160 ----a-w- c:\windows\system32\pdh.dll
    2009-02-09 12:10:48 617472 ----a-w- c:\windows\system32\advapi32.dll
    2009-02-09 12:10:48 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
    2009-02-09 12:10:48 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
    2009-02-09 12:10:48 401408 ----a-w- c:\windows\system32\rpcss.dll
    2009-02-06 11:11:05 110592 ----a-w- c:\windows\system32\services.exe
    2009-02-06 10:39:08 35328 ----a-w- c:\windows\system32\sc.exe
    2009-02-06 10:10:02 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
    2009-01-07 22:21:00 26144 ----a-w- c:\windows\system32\spupdsvc.exe
    2008-10-26 09:00:00 69632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP9N.DLL
    2008-10-26 09:00:00 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD9N.DLL
    2008-10-26 09:00:00 236032 ----a-w- c:\windows\system32\CNMLM9N.DLL
    2008-10-23 12:36:14 286720 ----a-w- c:\windows\system32\gdi32.dll

    ============= FINISH: 23:20:35.20 ===============
     
  5. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/20/2008 11:39:09 AM
    System Uptime: 1/1/2007 11:14:06 PM (0 hours ago)

    Motherboard: Dell Inc. | | 0CU409
    Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz | Socket 775 | 2194/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 149 GiB total, 12.518 GiB free.
    D: is CDROM (UDF)

    ==== Disabled Device Manager Items =============

    Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
    Description: Canon MX860 ser Network
    Device ID: ROOT\CANON_IJ_NETWORK\0000
    Manufacturer: Canon
    Name: Canon MX860 ser Network
    PNP Device ID: ROOT\CANON_IJ_NETWORK\0000
    Service: StillCam

    ==== System Restore Points ===================

    RP1: 1/28/2011 1:14:22 PM - System Checkpoint
    RP2: 1/28/2011 1:26:50 PM - Software Distribution Service 3.0
    RP3: 1/28/2011 2:04:04 PM - avast! Free Antivirus Setup
    RP4: 1/28/2011 2:13:24 PM - avast! Free Antivirus Setup
    RP5: 1/29/2011 2:14:42 PM - System Checkpoint
    RP6: 1/29/2011 11:26:55 PM - avast! Free Antivirus Setup
    RP7: 1/31/2011 12:39:25 AM - System Checkpoint
    RP8: 2/1/2011 1:25:37 AM - System Checkpoint
    RP9: 2/2/2011 2:19:26 AM - System Checkpoint
    RP10: 2/3/2011 2:21:06 AM - System Checkpoint
    RP11: 2/4/2011 3:01:16 AM - System Checkpoint
    RP12: 2/5/2011 4:01:41 AM - System Checkpoint
    RP13: 2/6/2011 4:02:38 AM - System Checkpoint
    RP14: 2/7/2011 5:01:16 AM - System Checkpoint
    RP15: 2/8/2011 6:01:16 AM - System Checkpoint
    RP16: 2/9/2011 3:00:15 AM - Software Distribution Service 3.0
    RP17: 1/1/2007 12:18:20 AM - System Checkpoint

    ==== Installed Programs ======================

    ABC (remove only)
    Adobe Acrobat 7.0 Professional
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader X (10.0.1)
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    avast! Free Antivirus
    Canon IJ Network Scan Utility
    Canon IJ Network Tool
    Canon MP Navigator EX 1.0
    Canon MP Navigator EX 2.1
    Canon MP210 series
    Canon MP210 series User Registration
    Canon MX860 series MP Drivers
    Canon MX860 series User Registration
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities My Printer
    Canon Utilities Solution Menu
    CCleaner (remove only)
    Coupon Printer for Windows
    Critical Update for Windows Media Player 11 (KB959772)
    Dell Resource CD
    DivX Converter
    DivX Plus DirectShow Filters
    DivX Setup
    DivX Version Checker
    doPDF 6.0 printer
    DVD Flick
    ESET Online Scanner v3
    FrostWire 4.21.1
    Google Chrome
    Google Update Helper
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB932716-v2)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections 12.1.12.0
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 23
    K-Lite Codec Pack 3.6.5 Basic
    Logitech Vid HD
    Logitech Webcam Software
    Logitech Webcam Software Driver Package
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox (3.6.13)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
    Prism Video Converter
    QuickTime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Roxio MyDVD DE
    Secunia PSI (2.0.0.3001)
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Skype™ 5.1
    Switch Sound File Converter
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Outlook 2007 Junk Email Filter (KB2492475)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Usmleworld Step2 QBank V2
    VC80CRTRedist - 8.0.50727.4053
    VideoCam Suite
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.1.7
    VobSub v2.23 (Remove Only)
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    1/3/2011 10:06:02 AM, error: System Error [1003] - Error code 000000ea, parameter1 8956a110, parameter2 8a27c1c0, parameter3 8a60b1a8, parameter4 00000001.
    1/3/2011 10:05:44 AM, error: System Error [1003] - Error code 000000ea, parameter1 89eb2438, parameter2 8a34c930, parameter3 89cf35a0, parameter4 00000001.
    1/29/2011 10:52:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    1/29/2011 10:50:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswRdr aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
    1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/29/2011 10:50:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    1/29/2011 10:49:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    1/27/2011 11:58:16 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/26/2011 9:38:25 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001D097DF82A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    1/26/2011 9:18:28 PM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
    1/26/2011 9:18:28 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    1/26/2011 9:18:28 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    1/26/2011 9:18:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    1/17/2011 10:37:46 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    1/12/2011 7:08:32 AM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
    1/1/2007 12:34:03 AM, error: W32Time [34] - The time service has detected that the system time needs to be changed by +125765688 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.10.51:123->207.46.232.182:123) is working properly.
    1/1/2007 12:10:58 AM, error: Dhcp [1002] - The IP address lease 192.168.10.50 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/1/2007 12:10:08 AM, error: Dhcp [1002] - The IP address lease 192.168.10.53 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/1/2007 12:01:27 AM, error: W32Time [34] - The time service has detected that the system time needs to be changed by +125772818 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.10.50:123->207.46.232.182:123) is working properly.
    1/1/2007 12:01:01 AM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/1/2007 12:00:54 AM, error: Dhcp [1002] - The IP address lease 192.168.10.51 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/1/2007 10:57:36 PM, error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).

    ==== End Of File ===========================
     
  6. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =======================================================================

    So far, I don't see much....

    Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    Enter N to exit.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.

    =======================================================================

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  7. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    Thanks! The computer is still having all the same issues I mentioned in my first post. Here are the logs:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Home Edition
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000001d

    Kernel Drivers (total 125):
    0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
    0x806E5000 \WINDOWS\system32\hal.dll
    0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
    0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
    0xB9F79000 ACPI.sys
    0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
    0xB9F68000 pci.sys
    0xBA0A8000 isapnp.sys
    0xBA670000 pciide.sys
    0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xBA0B8000 MountMgr.sys
    0xB9F49000 ftdisk.sys
    0xBA330000 PartMgr.sys
    0xBA0C8000 VolSnap.sys
    0xB9F31000 atapi.sys
    0xBA338000 cercsr6.sys
    0xB9F19000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
    0xBA0D8000 disk.sys
    0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xB9EF9000 fltmgr.sys
    0xB9EE7000 sr.sys
    0xBA0F8000 PxHelp20.sys
    0xB9ED0000 KSecDD.sys
    0xB9EBD000 WudfPf.sys
    0xB9E30000 Ntfs.sys
    0xB9E03000 NDIS.sys
    0xB9DE9000 Mup.sys
    0xBA128000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0xB92CF000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
    0xB92BB000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
    0xBA418000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0xB9256000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xBA420000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0xB922E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0xBA428000 \SystemRoot\system32\DRIVERS\fdc.sys
    0xBA138000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xBA148000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xBA158000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xB920B000 \SystemRoot\system32\DRIVERS\ks.sys
    0xBA430000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0xBA7F0000 \SystemRoot\system32\DRIVERS\audstub.sys
    0xBA168000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xBA58C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xB91F4000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xBA178000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xBA188000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xBA440000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xB91E3000 \SystemRoot\system32\DRIVERS\psched.sys
    0xBA198000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xBA448000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xBA450000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xBA1A8000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xBA458000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xBA460000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xBA5DC000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xB9185000 \SystemRoot\system32\DRIVERS\update.sys
    0xBA598000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xBA470000 \SystemRoot\system32\DRIVERS\flpydisk.sys
    0xBA1C8000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xBA1E8000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xBA5E2000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0xA8B6E000 \SystemRoot\system32\drivers\RtkHDAud.sys
    0xA8B4A000 \SystemRoot\system32\drivers\portcls.sys
    0xBA1F8000 \SystemRoot\system32\drivers\drmk.sys
    0xBA5E8000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xBA6B1000 \SystemRoot\System32\Drivers\Null.SYS
    0xBA5EA000 \SystemRoot\System32\Drivers\Beep.SYS
    0xBA488000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xBA490000 \SystemRoot\System32\drivers\vga.sys
    0xBA5EC000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xBA5EE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xBA498000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xBA4A0000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xBA554000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xA8AC7000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xA8A6E000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xA8A48000 \SystemRoot\system32\DRIVERS\ipnat.sys
    0xBA218000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0xBA228000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0xA8A20000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xBA4A8000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0xA89FE000 \SystemRoot\System32\drivers\afd.sys
    0xBA238000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xA89D3000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xA8963000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xBA248000 \SystemRoot\System32\Drivers\Fips.SYS
    0xA891C000 \SystemRoot\System32\Drivers\aswSP.SYS
    0xBA348000 \SystemRoot\System32\Drivers\Aavmker4.SYS
    0xA8B1E000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xBA268000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xA88BB000 \SystemRoot\System32\Drivers\Udfs.SYS
    0xBA3A0000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0xA8B1A000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0xA8B12000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0xA824B000 \SystemRoot\system32\DRIVERS\lvuvc.sys
    0xBA278000 \SystemRoot\system32\drivers\usbaudio.sys
    0xA820B000 \SystemRoot\system32\DRIVERS\lvrs.sys
    0xA81F3000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xBA612000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xA8AFE000 \SystemRoot\System32\drivers\Dxapi.sys
    0xBA3B8000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xBA727000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF024000 \SystemRoot\System32\igxpgd32.dll
    0xBF012000 \SystemRoot\System32\igxprd32.dll
    0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
    0xBF1F2000 \SystemRoot\System32\igxpdx32.DLL
    0xBF48D000 \SystemRoot\System32\ATMFD.DLL
    0xA8143000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
    0xA80D7000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xA7F34000 \SystemRoot\System32\Drivers\aswMon2.SYS
    0xA7C9F000 \SystemRoot\system32\drivers\wdmaud.sys
    0xA7E7C000 \SystemRoot\system32\drivers\sysaudio.sys
    0xA77EA000 \SystemRoot\system32\DRIVERS\mrxdav.sys
    0xA74EA000 \SystemRoot\system32\DRIVERS\srv.sys
    0xBA380000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
    0xA6F37000 \SystemRoot\System32\Drivers\HTTP.sys
    0xA6CC4000 \??\C:\DOCUME~1\Shaina\LOCALS~1\Temp\fxdyqfob.sys
    0xA6C58000 \SystemRoot\system32\DRIVERS\e1e5132.sys
    0xBA378000 \??\C:\DOCUME~1\Shaina\LOCALS~1\Temp\mbr.sys
    0xA7692000 \SystemRoot\system32\DRIVERS\usbscan.sys
    0xBA4B0000 \SystemRoot\system32\DRIVERS\usbprint.sys
    0xBA390000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 50):
    0 System Idle Process
    4 System
    624 C:\WINDOWS\system32\smss.exe
    688 csrss.exe
    720 C:\WINDOWS\system32\winlogon.exe
    764 C:\WINDOWS\system32\services.exe
    784 C:\WINDOWS\system32\lsass.exe
    948 C:\WINDOWS\system32\svchost.exe
    1020 svchost.exe
    1116 C:\WINDOWS\system32\svchost.exe
    1156 C:\WINDOWS\system32\svchost.exe
    1204 svchost.exe
    1316 svchost.exe
    1464 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1656 C:\WINDOWS\explorer.exe
    1944 C:\WINDOWS\system32\spoolsv.exe
    440 C:\WINDOWS\system32\hkcmd.exe
    448 C:\WINDOWS\system32\igfxpers.exe
    456 C:\WINDOWS\RTHDCPL.exe
    472 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    480 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    484 C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
    500 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    508 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    520 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    648 C:\Program Files\iTunes\iTunesHelper.exe
    644 C:\WINDOWS\system32\igfxsrvc.exe
    640 C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
    788 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    1144 C:\Program Files\Logitech\Vid HD\Vid.exe
    1212 C:\WINDOWS\system32\ctfmon.exe
    1220 C:\Program Files\Skype\Phone\Skype.exe
    1528 svchost.exe
    1572 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    2076 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    2168 C:\Program Files\Java\jre6\bin\jqs.exe
    2284 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    2396 C:\Program Files\Secunia\PSI\psia.exe
    2536 C:\Program Files\Secunia\PSI\psi_tray.exe
    2548 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    2764 C:\WINDOWS\system32\svchost.exe
    3116 C:\Program Files\Skype\Plugin Manager\skypePM.exe
    3660 C:\Program Files\iPod\bin\iPodService.exe
    124 alg.exe
    3180 C:\WINDOWS\system32\svchost.exe
    1992 C:\Program Files\Mozilla Firefox\firefox.exe
    200 C:\Program Files\Mozilla Firefox\plugin-container.exe
    2968 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
    2788 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
    412 C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGHD161HJ, Rev: JF100-22

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!

    ----------------------------------------------

    ComboFix 11-02-09.05 - Shaina 01/02/2007 14:20:36.5.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1645 [GMT -5:00]
    Running from: c:\documents and settings\Shaina\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system\winspool.drv

    Infected copy of c:\windows\system32\msgsvc.dll was found and disinfected
    Restored copy from - c:\windows\ERDNT\cache\msgsvc.dll

    .
    ((((((((((((((((((((((((( Files Created from 2006-12-02 to 2007-01-02 )))))))))))))))))))))))))))))))
    .

    2010-07-16 11:06 . 2010-07-16 11:06 -------- d-----w- C:\spoolerlogs
    2009-08-16 07:03 . 2009-08-16 07:03 -------- d-----w- C:\d9c274b78117274c21c3
    2008-02-28 23:10 . 2008-02-28 23:10 -------- d-----r- C:\MSOCache
    2008-01-29 04:20 . 2010-08-06 01:10 -------- d-----w- C:\MDT

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-01-21 14:44 . 2004-08-04 10:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
    2011-01-07 14:09 . 2004-08-04 10:00 290048 ----a-w- c:\windows\system32\atmfd.dll
    2011-01-03 15:02 . 2004-08-04 10:00 26112 ----a-w- c:\windows\system32\userinit.exe
    2010-12-31 13:10 . 2004-08-04 10:00 1854976 ----a-w- c:\windows\system32\win32k.sys
    2010-12-22 12:34 . 2004-08-04 10:00 301568 ----a-w- c:\windows\system32\kerberos.dll
    2010-12-20 23:59 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-12-20 23:59 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-12-20 23:59 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-12-20 17:26 . 2004-08-04 10:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
    2010-12-20 12:55 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
    2010-12-09 15:15 . 2004-08-04 10:00 718336 ----a-w- c:\windows\system32\ntdll.dll
    2010-12-09 14:30 . 2004-08-04 10:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2010-12-09 13:42 . 2005-03-30 01:21 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-12-09 13:07 . 2005-03-30 01:01 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-11-09 14:52 . 2004-08-04 10:00 249856 ----a-w- c:\windows\system32\odbc32.dll
    2010-11-02 15:17 . 2004-08-04 10:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
    2010-09-18 16:23 . 2004-08-04 10:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53 . 2004-08-04 10:00 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53 . 2004-08-04 10:00 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53 . 2004-08-04 10:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-08-27 08:02 . 2004-08-04 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57 . 2004-08-04 10:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-26 13:39 . 2004-08-04 10:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-23 16:12 . 2004-08-04 10:00 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:45 . 2004-08-04 10:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    2010-08-11 02:55 . 2004-08-04 10:00 42112 ----a-w- c:\windows\system32\drivers\imapi.sys
    2010-07-16 12:05 . 2004-08-04 10:00 1288192 ----a-w- c:\windows\system32\ole32.dll
    2010-06-30 12:31 . 2004-08-04 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-18 17:45 . 2004-08-04 10:00 293376 ----a-w- c:\windows\system32\winsrv.dll
    2010-06-17 14:03 . 2004-08-04 10:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-15 16:17 . 2004-08-04 10:00 143422 ----a-w- c:\windows\system32\l3codecx.ax
    2010-06-14 14:31 . 2008-01-20 16:35 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:41 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-04-16 15:36 . 2004-08-04 10:00 406016 ----a-w- c:\windows\system32\usp10.dll
    2010-03-31 01:58 . 2006-07-24 08:00 44944 ------w- c:\windows\system32\drivers\pxhelp20.sys
    2010-03-30 16:24 . 2006-10-19 02:47 317440 ------w- c:\windows\system32\mp4sdecd.dll
    2010-03-30 04:52 . 2004-08-04 10:00 262416 ----a-w- c:\windows\system32\mpg4ds32.ax
    2010-03-10 06:15 . 2004-08-04 10:00 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-03-05 14:37 . 2004-08-04 10:00 65536 ----a-w- c:\windows\system32\asycfilt.dll
    2010-02-24 13:11 . 2004-08-04 10:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-02-12 04:33 . 2004-08-04 10:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
    2010-02-11 12:02 . 2004-08-04 10:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
    2010-02-05 18:27 . 2004-08-04 10:00 1291776 ----a-w- c:\windows\system32\quartz.dll
    2010-01-13 14:01 . 2004-08-04 10:00 86016 ----a-w- c:\windows\system32\cabview.dll
    2009-12-24 06:59 . 2004-08-04 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
    2009-11-27 17:11 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
    2009-11-27 16:07 . 2004-08-04 10:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
    2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
    2009-11-27 16:07 . 2004-08-04 10:00 84992 ----a-w- c:\windows\system32\avifil32.dll
    2009-11-27 16:07 . 2004-08-04 10:00 11264 ----a-w- c:\windows\system32\msrle32.dll
    2009-11-27 16:07 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
    2009-11-21 15:51 . 2004-08-04 10:00 471552 ----a-w- c:\windows\apppatch\aclayers.dll
    2009-10-21 05:38 . 2004-08-04 10:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
    2009-10-21 05:38 . 2004-08-04 10:00 25088 ----a-w- c:\windows\system32\httpapi.dll
    2009-10-20 16:20 . 2004-08-04 10:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
    2009-10-15 16:28 . 2004-08-04 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-10-13 10:30 . 2004-08-04 10:00 270336 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:38 . 2004-08-04 10:00 149504 ----a-w- c:\windows\system32\rastls.dll
    2009-10-12 13:38 . 2004-08-04 10:00 79872 ----a-w- c:\windows\system32\raschap.dll
    2009-09-11 14:18 . 2004-08-04 10:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-04 21:03 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\msasn1.dll
    2009-09-01 14:46 . 2004-08-04 10:00 282654 ----a-w- c:\windows\system32\msaud32.acm
    2009-08-26 08:00 . 2004-08-04 10:00 247326 ----a-w- c:\windows\system32\strmdll.dll
    2009-08-25 09:17 . 2004-08-04 10:00 354816 ----a-w- c:\windows\system32\winhttp.dll
    2009-08-06 23:24 . 2004-08-04 10:00 96480 ----a-w- c:\windows\system32\cdm.dll
    2009-08-05 09:01 . 2004-08-04 10:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-17 19:01 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-17 16:22 . 2004-08-04 10:00 1435648 ----a-w- c:\windows\system32\query.dll
    2009-07-14 03:43 . 2004-08-04 10:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-06-25 08:25 . 2004-08-04 10:00 56832 ----a-w- c:\windows\system32\secur32.dll
    2009-06-25 08:25 . 2004-08-04 10:00 54272 ----a-w- c:\windows\system32\wdigest.dll
    2009-06-24 11:18 . 2004-08-04 10:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2009-06-12 12:31 . 2004-08-04 10:00 76288 ----a-w- c:\windows\system32\telnet.exe
    2009-06-10 06:14 . 2004-08-04 10:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
    2009-05-07 15:32 . 2004-08-04 10:00 345600 ----a-w- c:\windows\system32\localspl.dll
    2009-04-02 03:02 . 2004-08-04 10:00 604160 ----a-w- c:\windows\system32\wmspdmod.dll
    2009-03-08 08:33 . 2004-08-04 10:00 18944 ----a-w- c:\windows\system32\corpol.dll
    2009-03-08 08:32 . 2004-08-04 10:00 72704 ----a-w- c:\windows\system32\admparse.dll
    2009-03-08 08:32 . 2004-08-04 10:00 71680 ----a-w- c:\windows\system32\iesetup.dll
    2009-03-08 08:31 . 2004-08-04 10:00 34816 ----a-w- c:\windows\system32\imgutil.dll
    2009-03-08 08:31 . 2004-08-04 10:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
    2009-03-08 08:31 . 2004-08-04 10:00 45568 ----a-w- c:\windows\system32\mshta.exe
    2009-03-08 08:31 . 2004-08-04 10:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2009-03-08 08:30 . 2004-08-04 10:00 66560 ----a-w- c:\windows\system32\tdc.ocx
    2009-03-08 08:22 . 2004-08-04 10:00 156160 ----a-w- c:\windows\system32\msls31.dll
    2009-03-06 14:22 . 2004-08-04 10:00 284160 ----a-w- c:\windows\system32\pdh.dll
    2009-02-09 12:10 . 2004-08-04 10:00 617472 ----a-w- c:\windows\system32\advapi32.dll
    2009-02-09 12:10 . 2004-08-04 10:00 401408 ----a-w- c:\windows\system32\rpcss.dll
    2009-02-06 11:11 . 2004-08-04 10:00 110592 ----a-w- c:\windows\system32\services.exe
    2009-02-06 10:39 . 2004-08-04 10:00 35328 ----a-w- c:\windows\system32\sc.exe
    2008-10-23 12:36 . 2004-08-04 10:00 286720 ----a-w- c:\windows\system32\gdi32.dll
    2008-08-14 10:04 . 2004-08-04 10:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
    2008-07-07 20:26 . 2004-08-04 10:00 253952 ----a-w- c:\windows\system32\es.dll
    2008-06-24 22:12 . 2006-10-19 02:47 295936 ------w- c:\windows\system32\wmpeffects.dll
    2008-06-24 16:43 . 2004-08-04 10:00 74240 ----a-w- c:\windows\system32\mscms.dll
    2008-06-20 17:46 . 2004-08-04 10:00 245248 ----a-w- c:\windows\system32\mswsock.dll
    2008-06-20 11:51 . 2004-08-04 10:00 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2008-06-18 10:03 . 2004-08-04 10:00 938496 ----a-w- c:\windows\system32\WMNetmgr.dll
    2008-06-18 06:09 . 2004-08-04 10:00 100864 ----a-w- c:\windows\system32\logagent.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-17 142104]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-17 162584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-17 138008]
    "RTHDCPL"="RTHDCPL.EXE" [2007-04-26 16132608]
    "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-08 202256]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-18 1848648]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-12 722256]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]
    "IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
    "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "RunNarrator"="Narrator.exe" [2008-04-14 53760]

    c:\documents and settings\Shaina\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    OneNote Table Of Contents.onetoc2 [2010-10-18 3656]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [2009-3-25 25214]
    Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\ABC\\abc.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\FrostWire\\FrostWire.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "28403:TCP"= 28403:TCP:LimeWire1
    "17563:TCP"= 17563:TCP:abc1
    "6346:TCP"= 6346:TCP:Limewire2
    "11095:TCP"= 11095:TCP:limewire 4.16.7

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/29/2011 11:27 PM 294608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/29/2011 11:27 PM 17744]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [1/10/2011 9:24 AM 993848]
    S2 gupdate1ca1bc6c8bc7930;Google Update Service (gupdate1ca1bc6c8bc7930);c:\program files\Google\Update\GoogleUpdate.exe [8/12/2009 10:33 PM 133104]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]
    .
    Contents of the 'Scheduled Tasks' folder

    2011-02-07 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

    2007-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 03:32]

    2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 03:32]

    2007-01-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-839522115-1004.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

    2011-02-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-839522115-1004.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\documents and settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
    FF - prefs.js: network.proxy.type - 0
    FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
    FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
    FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
    FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-01-02 14:31
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(3488)
    c:\windows\system32\WININET.dll
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
    c:\progra~1\WINDOW~2\wmpband.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\igfxsrvc.exe
    c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\program files\Skype\Plugin Manager\skypePM.exe
    c:\program files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2007-01-02 14:37:37 - machine was rebooted
    ComboFix-quarantined-files.txt 2007-01-02 19:37

    Pre-Run: 13,350,244,352 bytes free
    Post-Run: 13,338,796,032 bytes free

    - - End Of File - - D92F6B3D77EC5ADB2E989EDA2AB2C432
     
  8. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  9. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    Here you go!


    OTL logfile created on: 1/2/2007 6:34:40 PM - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Shaina\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
    Paging file location(s): C:\pagefile.sys 3072 5120 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.00 Gb Total Space | 12.44 Gb Free Space | 8.35% Space Free | Partition Type: NTFS
    Drive D: | 1.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: ARONHOMEPC | User Name: Shaina | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/01/13 03:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
    PRC - [2011/01/10 09:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
    PRC - [2011/01/02 19:19:48 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
    PRC - [2011/01/02 19:19:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
    PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/04/08 18:03:36 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/17 20:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    PRC - [2007/05/21 03:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
    PRC - [2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
    PRC - [2004/12/14 01:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/01/13 03:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
    MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    MOD - [2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
    SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
    SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
    DRV - [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011/01/13 03:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011/01/13 03:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
    DRV - [2009/10/07 03:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
    DRV - [2009/10/07 03:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 500(UVC)
    DRV - [2009/10/07 03:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
    DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
    DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/04/16 21:16:26 | 005,760,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
    DRV - [2007/04/13 20:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643



    IE - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-1757981266-220523388-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "Swag Bucks Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
    FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
    FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
    FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
    FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/05 21:27:54 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/01/01 21:04:26 | 000,000,000 | ---D | M]

    [2010/10/09 20:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Extensions
    [2010/10/09 20:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/02/09 11:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions
    [2010/09/28 06:24:37 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
    [2011/01/05 21:28:35 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    [2011/02/03 22:12:23 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    [2011/01/28 13:35:35 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2008/01/20 12:51:23 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
    [2011/01/04 15:14:19 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/10/09 18:47:22 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
    [2010/08/04 19:34:37 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
    [2010/12/30 17:26:06 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\searchplugins\conduit.xml
    [2011/02/01 22:50:20 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\searchplugins\firefox-add-ons.xml
    [2011/02/09 11:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/01/27 23:07:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2009/09/02 02:00:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    [2008/02/04 17:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
    [2008/09/15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

    O1 HOSTS File: ([2007/01/02 14:29:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
    O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\S-1-5-21-1757981266-220523388-839522115-1004..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
    O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
    O4 - Startup: C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
    O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} https://vpn.level2iaas.com/XTSAC.cab (XTSAC Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/01/20 11:37:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (56590081070202880)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/02/09 11:23:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Estie's Vort
    [2011/02/05 23:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
    [2011/01/31 08:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2011/01/31 08:50:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
    [2011/01/31 08:50:33 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2011/01/29 23:27:15 | 000,294,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/01/29 23:27:15 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011/01/29 23:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011/01/29 23:27:14 | 000,047,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/01/29 23:27:14 | 000,023,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/01/29 23:27:13 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/01/29 23:27:13 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/01/29 23:27:13 | 000,029,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/01/29 23:26:58 | 000,188,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/01/28 14:13:28 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/01/28 13:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Secunia PSI
    [2011/01/28 13:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
    [2011/01/28 11:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2011/01/28 00:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2011/01/06 13:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Incomplete
    [2011/01/02 20:55:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2011/01/02 20:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
    [2011/01/02 11:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2010/12/16 17:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2010/12/07 10:40:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
    [2010/12/06 09:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
    [2010/12/05 16:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2010/12/01 20:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\DORA VIDEOS
    [2010/11/30 07:26:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
    [2010/11/17 21:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\FrostWire
    [2010/11/17 21:18:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\FrostWire
    [2010/11/17 21:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
    [2010/10/18 08:14:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\OneNote Notebooks
    [2010/10/17 10:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
    [2010/10/17 10:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/10/09 20:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
    [2010/09/19 13:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX860 series User Registration
    [2010/09/19 13:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon IJ Network Utilities
    [2010/09/19 13:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX860 series Manual
    [2010/09/19 12:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX860 series
    [2010/09/01 03:30:58 | 000,015,544 | ---- | C] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys
    [2010/08/13 15:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2010/08/13 15:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/08/12 19:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/08/10 23:27:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/08/10 23:26:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/08/08 20:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Elazar Movies
    [2010/08/07 21:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\AOL
    [2010/08/07 21:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
    [2010/08/05 06:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\SHAINA STUFF
    [2010/07/16 18:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/07/16 17:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\WinPatrol
    [2010/07/16 17:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
    [2010/07/16 17:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/07/16 14:44:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
    [2010/07/16 06:06:41 | 000,000,000 | ---D | C] -- C:\spoolerlogs
    [2010/07/16 03:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
    [2010/07/16 03:10:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
    [2010/07/13 10:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
    [2010/07/13 10:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
    [2010/07/13 08:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Real
    [2010/07/12 06:05:32 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
    [2010/07/12 06:05:32 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
    [2010/07/12 06:05:32 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
    [2010/07/12 06:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2010/07/12 06:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/07/12 06:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
    [2010/07/11 06:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2010/07/11 06:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2010/07/11 03:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2010/07/10 22:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2010/07/10 22:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2010/07/04 11:05:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Shaina\Recent
    [2010/06/20 18:33:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\.jagex_cache_32
    [2010/06/11 18:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/06/04 02:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
    [2010/05/23 08:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Usmleworld Step2 QBank V2
    [2010/05/22 21:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
    [2010/05/22 21:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
    [2010/04/26 17:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
    [2010/04/25 00:17:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2010/04/23 15:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\SightSpeed Recordings
    [2010/04/23 15:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\LogiShrd
    [2010/04/23 15:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Leadertech
    [2010/04/23 15:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
    [2010/04/23 15:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
    [2010/04/23 15:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
    [2010/04/23 15:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
    [2010/03/29 14:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\skypePM
    [2010/03/29 14:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Skype
    [2010/03/29 14:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
    [2010/03/17 08:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Lala Music Mover
    [2010/03/10 14:29:32 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
    [2010/03/03 10:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
    [2010/03/03 00:12:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
    [2010/03/03 00:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
    [2010/03/03 00:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
    [2010/03/03 00:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video Converter
    [2010/02/28 02:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2010/02/19 14:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
    [2010/02/19 14:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
    [2010/02/19 14:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
    [2010/02/19 14:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
    [2010/02/19 14:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
    [2010/02/19 14:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
    [2010/01/20 19:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Amazon
    [2010/01/20 19:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Amazon
    [2010/01/20 19:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
    [2009/12/06 19:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Gleim
    [2009/12/06 09:42:05 | 000,398,744 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
    [2009/12/06 09:41:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
    [2009/12/06 09:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
    [2009/12/06 09:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
    [2009/11/10 21:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\.jordan
    [2009/10/25 10:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Opera
    [2009/10/25 10:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Opera
    [2009/10/25 10:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
    [2009/10/13 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\gtk-2.0
    [2009/10/13 18:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\.thumbnails
    [2009/10/13 18:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\.gimp-2.6
    [2009/10/13 18:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\gegl-0.0
    [2009/10/12 14:07:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\CZ STUFF
    [2009/08/27 17:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Temp
    [2009/08/20 21:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\U3
    [2009/08/18 15:57:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\IECompatCache
    [2009/08/16 02:04:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
    [2009/08/16 02:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
    [2009/08/16 02:03:28 | 000,000,000 | ---D | C] -- C:\d9c274b78117274c21c3
    [2009/08/12 22:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\Downloads
    [2009/08/12 22:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2009/08/12 22:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
    [2009/08/12 22:33:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2009/08/12 22:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Google
    [2009/08/12 22:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Google
    [2009/08/12 22:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
    [2009/08/11 06:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\CCleaner
    [2009/08/11 06:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2009/08/09 13:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
    [2009/08/09 13:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2009/08/09 13:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2009/07/18 20:45:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\PrivacIE
    [2009/06/26 07:19:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\IETldCache
    [2009/06/26 06:16:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
    [2009/06/26 06:15:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
    [2009/06/26 06:14:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2009/06/26 05:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2009/06/26 05:44:40 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
    [2009/06/26 05:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Real
    [2009/06/26 05:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
    [2009/06/17 19:39:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
    [2009/06/17 19:38:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Nitro PDF
    [2009/06/17 19:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
    [2009/06/17 19:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Downloaded Installations
    [2009/06/17 19:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\HALLMARK.CARD.STUDIO.2009-ADDICTION
    [2009/06/17 19:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF Professional 5.5.0.16 32-64bit
    [2009/06/17 19:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\FireShot
    [2009/06/17 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\FireShot for IE
    [2009/05/13 16:12:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
    [2009/05/13 16:12:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
    [2009/05/13 16:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
    [2009/05/08 16:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/05/08 16:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2009/05/08 16:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2009/05/08 16:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2009/05/08 16:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
     
  10. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    [2009/04/27 10:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
    [2009/04/27 10:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Real
    [2009/03/27 13:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\AdobeUM
    [2009/03/25 15:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
    [2009/03/20 09:06:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Shaina\My Documents\My Data Sources
    [2008/12/17 07:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Budget Stuff
    [2008/11/15 22:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
    [2008/10/11 19:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
    [2008/10/11 18:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2008/10/11 18:59:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Switch Sound File Converter
    [2008/10/11 18:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\NCH Swift Sound
    [2008/10/11 18:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
    [2008/08/30 20:21:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
    [2008/08/30 20:21:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
    [2008/08/30 20:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
    [2008/08/30 20:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
    [2008/08/30 20:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
    [2008/08/30 20:19:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
    [2008/08/30 20:18:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
    [2008/08/30 20:14:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
    [2008/08/30 20:14:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
    [2008/08/17 13:08:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2008/08/14 07:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2008/08/03 10:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Panasonic
    [2008/07/31 19:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Orban
    [2008/07/31 19:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Orban
    [2008/06/30 17:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Canon
    [2008/06/18 19:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\WMTools Downloaded Files
    [2008/06/17 11:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2008/05/11 18:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Apple Computer
    [2008/05/09 06:54:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Snapfish
    [2008/05/04 21:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\pics
    [2008/05/02 16:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Apple
    [2008/05/02 16:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Apple Computer
    [2008/03/27 20:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\dvdcss
    [2008/03/27 20:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\DVD
    [2008/03/27 20:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\DVD Flick
    [2008/03/27 19:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Flick
    [2008/03/27 19:59:39 | 000,081,920 | ---- | C] (Marco Bellinaso) -- C:\WINDOWS\System32\mbmouse.ocx
    [2008/03/27 19:59:39 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\WINDOWS\System32\trayicon.ocx
    [2008/03/27 19:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Flick
    [2008/03/27 19:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP210 series User Registration
    [2008/03/27 18:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
    [2008/03/27 18:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
    [2008/03/27 18:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP210 series Manual
    [2008/03/27 18:01:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2008/03/27 18:01:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
    [2008/03/27 18:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP210 series
    [2008/03/27 18:01:15 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
    [2008/03/27 18:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
    [2008/03/26 20:43:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\UserData
    [2008/03/20 20:46:26 | 000,022,168 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmn6.dll
    [2008/03/20 20:46:26 | 000,018,072 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmi6.dll
    [2008/03/20 20:46:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\doPDF 6
    [2008/03/20 20:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
    [2008/03/20 20:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    [2008/03/18 22:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Broderbund
    [2008/03/18 21:12:33 | 000,000,000 | ---D | C] -- C:\Program Files\Broderbund
    [2008/03/18 21:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Broderbund
    [2008/03/18 21:12:32 | 000,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\WINDOWS\TLCUninstall.exe
    [2008/03/18 18:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\Quicken
    [2008/03/18 18:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AnswerWorks 5.0
    [2008/03/18 18:32:59 | 003,518,464 | ---- | C] (Amyuni Technologies
    http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf300.dll
    [2008/03/18 18:32:59 | 001,843,200 | ---- | C] (Apache Software Foundation) -- C:\WINDOWS\System32\acXMLParser.dll
    [2008/03/18 18:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Intuit
    [2008/03/18 18:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
    [2008/03/18 18:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit
    [2008/03/18 18:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\MagicISO
    [2008/03/02 17:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\DivX
    [2008/02/28 18:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
    [2008/02/28 18:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
    [2008/02/28 18:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
    [2008/02/28 18:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
    [2008/02/28 18:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2008/02/28 18:11:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
    [2008/02/28 18:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft Help
    [2008/02/28 18:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2008/02/28 18:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    [2008/02/28 18:10:03 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2008/02/22 09:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2008/02/10 12:36:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
    [2008/01/28 23:20:42 | 000,000,000 | ---D | C] -- C:\MDT
    [2008/01/28 23:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\CyberLink
    [2008/01/28 23:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
    [2008/01/28 23:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\vlc
    [2008/01/28 23:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2008/01/27 19:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\VobSub
    [2008/01/27 19:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
    [2008/01/27 14:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\WinRAR
    [2008/01/27 14:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\WinRAR
    [2008/01/27 14:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
    [2008/01/27 14:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2008/01/21 22:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Adobe
    [2008/01/21 22:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2008/01/21 22:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
    [2008/01/21 18:47:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX
    [2008/01/21 18:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2008/01/21 10:35:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2008/01/21 10:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Sun
    [2008/01/20 17:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
    [2008/01/20 17:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
    [2008/01/20 17:05:31 | 002,625,445 | ---- | C] ( ) -- C:\Program Files\klcodec365b.exe
    [2008/01/20 13:03:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
    [2008/01/20 13:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
    [2008/01/20 13:02:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
    [2008/01/20 13:02:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
    [2008/01/20 13:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2008/01/20 12:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\MOVIES
    [2008/01/20 12:39:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\.ABC
    [2008/01/20 12:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\ABC
    [2008/01/20 12:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\ABC
    [2008/01/20 12:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\MUSIC
    [2008/01/20 12:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\LimeWire
    [2008/01/20 12:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2008/01/20 12:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Macromedia
    [2008/01/20 12:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Adobe
    [2008/01/20 12:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2008/01/20 12:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2008/01/20 12:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Grisoft
    [2008/01/20 12:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Grisoft
    [2008/01/20 12:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Mozilla
    [2008/01/20 12:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Mozilla
    [2008/01/20 12:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
    [2008/01/20 12:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2008/01/20 11:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio
    [2008/01/20 11:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Roxio
    [2008/01/20 11:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
    [2008/01/20 11:53:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    [2008/01/20 11:53:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
    [2008/01/20 11:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
    [2008/01/20 11:50:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
    [2008/01/20 11:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
    [2008/01/20 11:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
    [2008/01/20 11:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
    [2008/01/20 11:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
    [2008/01/20 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
    [2008/01/20 11:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\PowerDVD DX
    [2008/01/20 11:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Dell
    [2008/01/20 11:48:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents\My Videos
    [2008/01/20 11:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
    [2008/01/20 11:44:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
    [2008/01/20 11:44:18 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
    [2008/01/20 11:44:18 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
    [2008/01/20 11:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2008/01/20 11:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
    [2008/01/20 11:43:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
    [2008/01/20 11:41:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
    [2008/01/20 11:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2008/01/20 11:41:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
    [2008/01/20 11:41:42 | 000,000,000 | ---D | C] -- C:\Intel
    [2008/01/20 11:41:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vmm32
    [2008/01/20 11:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
    [2008/01/20 11:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Identities
    [2008/01/20 11:40:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
    [2008/01/20 11:40:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents\My Pictures
    [2008/01/20 11:40:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents\My Music
    [2008/01/20 11:40:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Shaina\Application Data\Microsoft
    [2008/01/20 11:40:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Shaina\SendTo
    [2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup
    [2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu
    [2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents
    [2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Favorites
    [2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Accessories
    [2008/01/20 11:40:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\Cookies
    [2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\Templates
    [2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\PrintHood
    [2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\NetHood
    [2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\Local Settings
    [2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\Application Data
    [2008/01/20 11:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft
    [2008/01/20 11:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop
    [2008/01/20 11:39:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
    [2008/01/20 11:39:57 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
    [2008/01/20 11:39:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2008/01/20 11:39:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2008/01/20 11:39:42 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2008/01/20 11:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2008/01/20 11:38:55 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
    [2008/01/20 11:38:55 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
    [2008/01/20 11:38:11 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
    [2008/01/20 11:37:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
    [2008/01/20 11:37:57 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
    [2008/01/20 11:37:57 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
    [2008/01/20 11:37:55 | 000,000,000 | ---D | C] -- C:\DELL
    [2008/01/20 11:37:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
    [2008/01/20 11:36:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
    [2008/01/20 11:36:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
    [2008/01/20 11:36:52 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
    [2008/01/20 11:36:45 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
    [2008/01/20 11:36:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
    [2008/01/20 11:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
    [2008/01/20 11:35:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
    [2008/01/20 11:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
    [2008/01/20 11:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
    [2008/01/20 11:35:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
    [2008/01/20 11:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
    [2008/01/20 11:35:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
    [2008/01/20 11:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
    [2008/01/20 11:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
    [2008/01/20 11:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
    [2008/01/20 11:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
    [2008/01/20 11:35:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
    [2008/01/20 11:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
    [2008/01/20 11:34:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
    [2008/01/20 11:34:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
    [2008/01/20 11:34:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
    [2008/01/20 11:34:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
    [2008/01/20 11:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
    [2008/01/20 11:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
    [2008/01/20 11:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
    [2008/01/20 11:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
    [2008/01/20 11:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
    [2008/01/20 11:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
    [2008/01/20 11:33:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
    [2008/01/20 11:33:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
    [2008/01/20 11:33:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
    [2008/01/20 06:17:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
    [2008/01/20 06:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
    [2008/01/20 06:17:37 | 000,000,000 | R--D | C] -- C:\Program Files
    [2008/01/20 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
    [2008/01/20 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
    [2008/01/20 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
    [2008/01/20 06:17:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    [2008/01/20 06:17:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
    [2008/01/20 06:17:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
    [2008/01/20 06:17:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
    [2008/01/20 06:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
    [2008/01/20 06:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
    [2008/01/20 06:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2008/01/20 06:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
    [2008/01/20 06:16:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2008/01/20 06:16:58 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data
    [2008/01/20 06:16:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2008/01/20 06:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings
    [2008/01/20 06:08:45 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
    [2008/01/20 06:08:45 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
    [2008/01/20 06:08:45 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
    [2008/01/20 06:08:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
    [2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
    [2007/06/18 20:18:26 | 000,023,680 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
    [2007/01/02 18:34:01 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
    [2007/01/02 13:58:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2007/01/02 13:58:43 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2007/01/02 13:58:43 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2007/01/02 13:58:43 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2007/01/02 13:57:59 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2007/01/01 22:56:40 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\TFC(3).exe
    [2007/01/01 02:05:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Administrative Tools
    [2007/01/01 00:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
    [2006/12/31 23:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Malwarebytes
    [2006/12/31 23:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2006/12/31 23:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2006/12/31 20:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2006/12/31 20:14:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2006/12/31 20:14:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

    ========== Files - Modified Within 30 Days ==========

    [2011/02/09 19:10:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/02/09 11:34:09 | 000,064,251 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\downsize.jpg
    [2011/02/09 11:21:27 | 000,316,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/02/09 03:04:26 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/02/08 15:46:44 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Shaina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/02/07 07:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/02/03 18:28:31 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Word.lnk
    [2011/02/03 12:04:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-839522115-1004.job
    [2011/02/03 08:10:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Residency Spreadsheet.xls
    [2011/01/30 21:32:44 | 000,455,327 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\2010TaxReturn.pdf
    [2011/01/30 20:00:41 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Excel.lnk
    [2011/01/29 23:27:13 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/01/28 13:36:31 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2011/01/18 12:45:27 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Book1.xls
    [2011/01/16 23:56:43 | 000,668,068 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0671.JPG
    [2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/01/13 03:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/01/13 03:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/01/13 03:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/01/13 03:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/12/26 16:30:48 | 1407,071,087 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Go Diego Go Rainforest Fiesta 2009 DVDRip [A Release-Lounge H264].mp4
    [2010/12/26 13:35:13 | 731,826,176 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Barney.A.Counting.We.Will.Go.2010.DVDRip.XviD-DOCUMENT.avi
    [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/12/19 19:48:07 | 000,017,887 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Gmail - (no subject).pdf
    [2010/12/14 04:46:24 | 943,195,068 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\dance.mp4
    [2010/12/14 03:51:24 | 941,702,964 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\dora.mp4
    [2010/12/14 02:40:43 | 941,778,073 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\big sister.mp4
    [2010/12/14 02:12:26 | 942,198,213 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\doras world adventure.mp4
    [2010/12/13 11:58:07 | 001,435,996 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Medical Enrollment.pdf
    [2010/12/12 20:22:55 | 000,289,168 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Daycare Letter.pdf
    [2010/12/07 11:04:53 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\budget for financial aid.doc
    [2010/12/07 11:00:59 | 001,986,946 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Lease.pdf
    [2010/12/07 11:00:03 | 000,696,089 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0005.pdf
    [2010/12/07 10:59:02 | 001,335,675 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0004.pdf
    [2010/12/07 10:46:11 | 001,206,001 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron Tuition Remission.pdf
    [2010/12/07 10:45:02 | 000,618,135 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0002.pdf
    [2010/12/07 10:34:08 | 000,034,321 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\NYCOM Clerkship Schedule.pdf
    [2010/12/07 10:29:14 | 000,042,670 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\ConEd Payment History.pdf
    [2010/12/07 10:28:08 | 000,042,191 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Geico Policy.pdf
    [2010/12/07 10:24:35 | 000,195,864 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Oct. 25 Coned Bill.pdf
    [2010/12/07 10:23:42 | 000,196,015 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Nov. 23 Coned Bill.pdf
    [2010/11/11 18:10:12 | 000,435,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/11/11 18:10:12 | 000,068,360 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/11/11 00:14:21 | 733,730,816 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Meet Diego DVDRip Occor.avi
    [2010/11/10 23:47:36 | 948,805,900 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Puppy Power.avi
    [2010/11/10 22:54:09 | 734,816,256 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Dora.The.Explorer.Best.Friends.2009.DvDRiP.XviD-ExtraScene RG.avi
    [2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
    [2010/11/01 06:44:53 | 000,021,868 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\MyERAS 2011 - Documents.pdf
    [2010/10/18 08:14:27 | 000,003,656 | -HS- | M] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2
    [2010/10/18 08:14:21 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys
    [2010/08/24 16:25:36 | 000,398,744 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
    [2010/08/10 23:27:38 | 000,000,282 | RHS- | M] () -- C:\boot.ini
    [2010/08/07 21:55:12 | 000,000,359 | -H-- | M] () -- C:\IPH.PH
    [2010/08/05 22:55:03 | 000,000,076 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
    [2010/08/05 20:07:12 | 000,000,212 | ---- | M] () -- C:\Boot.bak
    [2010/07/19 17:35:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/07/12 06:10:05 | 004,657,152 | ---- | M] () -- C:\Documents and Settings\Shaina\s-1-5-21-1757981266-220523388-839522115-1004.rrr
    [2010/07/11 11:30:30 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/20 18:33:35 | 000,000,045 | ---- | M] () -- C:\Documents and Settings\Shaina\jagex_runescape_preferences.dat
    [2010/04/26 17:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
    [2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
    [2010/04/08 18:03:40 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
    [2010/03/29 14:04:57 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2010/03/16 18:01:21 | 003,331,653 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron COMLEX Level I.pdf
    [2010/03/16 18:00:44 | 000,015,757 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Chaim Aron CV.docx
    [2010/03/10 14:29:32 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
    [2010/03/09 20:28:04 | 000,113,935 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\OUTSIDE_ROTATION_REQUEST_FORM.pdf
    [2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
    [2010/02/19 14:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
    [2010/02/19 14:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
    [2010/02/19 14:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
    [2010/02/19 14:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
    [2010/02/19 14:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
    [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
    [2009/12/18 07:51:09 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Dear Dr.doc
    [2009/11/19 17:16:27 | 000,068,824 | ---- | M] () -- C:\WINDOWS\CouponPrinter.ocx
    [2009/10/13 19:12:41 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\Shaina\.recently-used.xbel
    [2009/10/07 03:25:08 | 000,266,828 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVAFT.cfg
    [2009/10/07 03:24:20 | 000,082,289 | ---- | M] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2009/10/07 03:24:04 | 000,034,068 | ---- | M] () -- C:\WINDOWS\System32\Repository.reg
    [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2009/10/07 00:25:10 | 000,227,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFeL100.cfg
    [2009/10/07 00:25:10 | 000,146,680 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFeL101.cfg
    [2009/10/07 00:25:10 | 000,085,302 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFeL102.cfg
    [2009/10/07 00:25:10 | 000,069,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFaL100.cfg
    [2009/10/07 00:23:08 | 000,013,584 | ---- | M] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
    [2009/09/29 20:11:22 | 000,030,382 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Obstetrics History and Physical.docx
    [2009/09/17 22:43:57 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper sources.doc
    [2009/09/17 22:43:32 | 000,027,287 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper.docx
    [2009/08/23 21:58:14 | 000,012,317 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\fever sources.docx
    [2009/08/23 21:58:07 | 000,026,789 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Fever baby M.L..docx
    [2009/08/18 23:25:13 | 000,105,770 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Patient Presentation appendicitis.pptx
    [2009/08/17 22:27:16 | 000,042,663 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Evaluation and diagnosis of appendicitis in children.docx
    [2009/08/16 22:08:36 | 000,012,316 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\sources asthma.docx
    [2009/08/16 22:05:09 | 000,025,988 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\asthma 2 year old.docx
    [2009/08/12 22:34:36 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2009/08/09 16:24:41 | 000,067,276 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2009/08/04 21:03:39 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2009/06/29 03:40:16 | 000,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
    [2009/06/26 07:19:46 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2009/04/20 12:56:28 | 000,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2009/02/12 21:20:42 | 000,005,630 | ---- | M] () -- C:\WINDOWS\System32\IE8Eula.rtf
    [2009/01/07 17:20:20 | 000,008,798 | ---- | M] () -- C:\WINDOWS\System32\icrav03.rat
    [2009/01/07 17:20:20 | 000,001,988 | ---- | M] () -- C:\WINDOWS\System32\ticrf.rat
    [2009/01/04 21:46:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01005.Wdf
    [2009/01/04 21:46:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    [2008/11/21 16:47:52 | 003,596,288 | ---- | M] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/08/31 06:21:55 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
    [2008/08/30 20:17:51 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2008/07/08 12:09:58 | 000,014,592 | ---- | M] () -- C:\WINDOWS\System32\CNC1735D.TBL
    [2008/05/09 06:54:12 | 000,001,931 | ---- | M] () -- C:\WINDOWS\mozver.dat
    [2008/04/13 19:25:26 | 000,001,804 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
    [2008/04/13 19:12:42 | 000,148,992 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax
    [2008/04/13 19:12:42 | 000,118,272 | ---- | M] () -- C:\WINDOWS\System32\mpeg2data.ax
    [2008/04/13 19:11:52 | 000,498,742 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
    [2008/04/13 19:10:34 | 000,175,104 | ---- | M] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
    [2008/04/13 19:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\msdxm.ocx
    [2008/04/13 19:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
    [2008/04/13 19:10:08 | 000,004,126 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
    [2008/04/13 19:09:39 | 013,463,552 | ---- | M] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
    [2008/04/13 19:09:05 | 000,173,568 | ---- | M] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
    [2008/04/13 12:26:09 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
    [2008/04/11 17:44:45 | 000,000,422 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\dvdauthor.xml
    [2008/04/02 14:54:20 | 001,101,824 | ---- | M] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
    [2008/04/02 14:53:50 | 000,212,992 | ---- | M] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
    [2008/04/02 14:53:36 | 000,880,640 | ---- | M] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
    [2008/03/24 23:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
    [2008/03/20 14:54:58 | 000,015,124 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Poem for purim.docx
    [2008/02/20 14:37:02 | 000,022,168 | ---- | M] (Softland) -- C:\WINDOWS\System32\dopdfmn6.dll
    [2008/02/20 14:37:02 | 000,018,072 | ---- | M] (Softland) -- C:\WINDOWS\System32\dopdfmi6.dll
    [2008/02/12 22:02:28 | 000,000,567 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
    [2008/02/12 21:59:29 | 000,000,078 | ---- | M] () -- C:\WINDOWS\Show Desktop.scf
    [2008/02/11 15:14:12 | 000,007,477 | ---- | M] () -- C:\WINDOWS\System32\dopdf6.ctm
    [2008/01/20 17:05:44 | 002,625,445 | ---- | M] ( ) -- C:\Program Files\klcodec365b.exe
    [2008/01/20 13:03:44 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2008/01/20 13:03:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2008/01/20 13:03:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2008/01/20 13:02:49 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2008/01/20 13:02:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2008/01/20 12:05:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2008/01/20 11:53:41 | 000,000,057 | ---- | M] () -- C:\WINDOWS\WININIT.INI
    [2008/01/20 11:46:08 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
    [2008/01/20 11:46:08 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
    [2008/01/20 11:39:45 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
    [2008/01/20 11:39:15 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
    [2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2008/01/20 11:37:27 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
    [2008/01/20 11:35:09 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2007/09/17 03:48:10 | 000,001,261 | ---- | M] () -- C:\WINDOWS\System32\pid.inf
    [2007/07/26 16:13:30 | 003,518,464 | ---- | M] (Amyuni Technologies
    http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf300.dll
    [2007/07/26 16:13:30 | 001,843,200 | ---- | M] (Apache Software Foundation) -- C:\WINDOWS\System32\acXMLParser.dll
    [2007/07/25 14:24:30 | 001,559,040 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
    [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
    [2007/04/16 22:19:40 | 000,026,304 | ---- | M] () -- C:\WINDOWS\System32\igxpxs32.vp
    [2007/04/16 21:51:16 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
    [2007/04/16 19:46:22 | 000,002,096 | ---- | M] () -- C:\WINDOWS\System32\igxpxk32.vp
    [2007/03/19 19:14:20 | 000,117,850 | ---- | M] () -- C:\WINDOWS\System32\Cnmnput.chm
    [2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
    [2007/01/02 14:30:09 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
    [2007/01/02 14:30:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2007/01/02 14:30:04 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-839522115-1004.job
    [2007/01/02 14:29:59 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2007/01/02 14:29:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2007/01/02 14:29:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
    [2007/01/02 14:29:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
    [2007/01/02 13:54:07 | 004,266,254 | R--- | M] () -- C:\Documents and Settings\Shaina\Desktop\ComboFix.exe
    [2007/01/02 13:52:55 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe
    [2007/01/01 23:08:47 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\k1xycswv.exe
    [2007/01/01 23:01:21 | 000,350,262 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\untitled.bmp
    [2007/01/01 22:56:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\TFC(3).exe
    [2007/01/01 21:04:27 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2007/01/01 00:01:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
     
  11. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    ========== Files Created - No Company Name ==========

    [2011/02/09 11:34:06 | 000,064,251 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\downsize.jpg
    [2011/02/08 12:34:09 | 000,350,262 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\untitled.bmp
    [2011/01/30 21:32:44 | 000,455,327 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\2010TaxReturn.pdf
    [2011/01/30 20:21:10 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Residency Spreadsheet.xls
    [2011/01/28 13:36:31 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2011/01/28 13:36:31 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
    [2011/01/28 12:07:31 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
    [2011/01/18 12:45:23 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Book1.xls
    [2011/01/16 23:55:39 | 000,668,068 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0671.JPG
    [2011/01/11 10:17:26 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Shaina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/12/26 13:01:16 | 1407,071,087 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Go Diego Go Rainforest Fiesta 2009 DVDRip [A Release-Lounge H264].mp4
    [2010/12/26 12:59:52 | 731,826,176 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Barney.A.Counting.We.Will.Go.2010.DVDRip.XviD-DOCUMENT.avi
    [2010/12/19 19:48:07 | 000,017,887 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Gmail - (no subject).pdf
    [2010/12/13 21:42:41 | 941,702,964 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\dora.mp4
    [2010/12/13 21:42:31 | 942,198,213 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\doras world adventure.mp4
    [2010/12/13 21:42:26 | 943,195,068 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\dance.mp4
    [2010/12/13 21:42:02 | 941,778,073 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\big sister.mp4
    [2010/12/13 11:57:16 | 001,435,996 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Medical Enrollment.pdf
    [2010/12/12 20:22:55 | 000,289,168 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Daycare Letter.pdf
    [2010/12/07 22:01:06 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Shortcut to FrostWire.lnk
    [2010/12/07 11:00:59 | 001,986,946 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Lease.pdf
    [2010/12/07 11:00:03 | 000,696,089 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0005.pdf
    [2010/12/07 10:59:02 | 001,335,675 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0004.pdf
    [2010/12/07 10:46:11 | 001,206,001 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron Tuition Remission.pdf
    [2010/12/07 10:45:02 | 000,618,135 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0002.pdf
    [2010/12/07 10:34:08 | 000,034,321 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\NYCOM Clerkship Schedule.pdf
    [2010/12/07 10:29:14 | 000,042,670 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\ConEd Payment History.pdf
    [2010/12/07 10:28:08 | 000,042,191 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Geico Policy.pdf
    [2010/12/07 10:24:35 | 000,195,864 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Oct. 25 Coned Bill.pdf
    [2010/12/07 10:23:42 | 000,196,015 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Nov. 23 Coned Bill.pdf
    [2010/12/06 22:12:26 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\budget for financial aid.doc
    [2010/11/10 20:42:25 | 733,730,816 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Meet Diego DVDRip Occor.avi
    [2010/11/10 20:42:21 | 948,805,900 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Puppy Power.avi
    [2010/11/10 20:42:17 | 734,816,256 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Dora.The.Explorer.Best.Friends.2009.DvDRiP.XviD-ExtraScene RG.avi
    [2010/11/01 06:44:53 | 000,021,868 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\MyERAS 2011 - Documents.pdf
    [2010/10/18 08:14:27 | 000,005,096 | -HS- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\OneNote Table Of Contents.onetoc2
    [2010/10/18 08:14:27 | 000,003,656 | -HS- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2
    [2010/10/18 08:14:21 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    [2010/09/19 13:00:04 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\CNC1735D.TBL
    [2010/09/19 12:58:35 | 000,117,850 | ---- | C] () -- C:\WINDOWS\System32\Cnmnput.chm
    [2010/08/13 02:01:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2010/08/10 23:27:38 | 000,000,212 | ---- | C] () -- C:\Boot.bak
    [2010/08/10 23:27:35 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/08/07 21:53:45 | 000,000,359 | -H-- | C] () -- C:\IPH.PH
    [2010/07/19 17:35:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/07/12 06:10:03 | 004,657,152 | ---- | C] () -- C:\Documents and Settings\Shaina\s-1-5-21-1757981266-220523388-839522115-1004.rrr
    [2010/06/20 18:33:15 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\Shaina\jagex_runescape_preferences.dat
    [2010/04/23 15:31:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
    [2010/04/23 15:31:27 | 000,266,828 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVAFT.cfg
    [2010/04/23 15:31:04 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/04/23 15:31:04 | 000,034,068 | ---- | C] () -- C:\WINDOWS\System32\Repository.reg
    [2010/04/23 15:30:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
    [2010/04/08 18:04:46 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-839522115-1004.job
    [2010/04/08 18:04:45 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-839522115-1004.job
    [2010/03/29 14:04:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2010/03/16 18:01:21 | 003,331,653 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron COMLEX Level I.pdf
    [2010/03/16 18:00:43 | 000,015,757 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Chaim Aron CV.docx
    [2010/03/09 20:28:04 | 000,113,935 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\OUTSIDE_ROTATION_REQUEST_FORM.pdf
    [2009/12/18 07:51:09 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Dear Dr.doc
    [2009/11/09 23:21:03 | 000,068,824 | ---- | C] () -- C:\WINDOWS\CouponPrinter.ocx
    [2009/10/13 19:12:41 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\Shaina\.recently-used.xbel
    [2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2009/10/07 00:25:10 | 000,227,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFeL100.cfg
    [2009/10/07 00:25:10 | 000,146,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFeL101.cfg
    [2009/10/07 00:25:10 | 000,085,302 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFeL102.cfg
    [2009/10/07 00:25:10 | 000,069,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFaL100.cfg
    [2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
    [2009/09/27 11:40:20 | 000,030,382 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Obstetrics History and Physical.docx
    [2009/09/17 21:49:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper sources.doc
    [2009/09/15 18:19:43 | 000,027,287 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper.docx
    [2009/08/23 21:58:14 | 000,012,317 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\fever sources.docx
    [2009/08/23 21:58:07 | 000,026,789 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Fever baby M.L..docx
    [2009/08/17 22:27:16 | 000,042,663 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Evaluation and diagnosis of appendicitis in children.docx
    [2009/08/17 17:57:16 | 000,105,770 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Patient Presentation appendicitis.pptx
    [2009/08/16 22:08:36 | 000,012,316 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\sources asthma.docx
    [2009/08/16 22:00:26 | 000,025,988 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\asthma 2 year old.docx
    [2009/08/12 22:40:29 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2009/08/12 22:40:29 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2009/08/12 22:34:36 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2009/08/09 16:24:41 | 000,067,276 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2009/08/04 21:03:39 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2009/05/08 16:17:09 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2009/05/08 16:17:06 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2009/03/25 15:15:30 | 000,002,363 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Designer 7.0.lnk
    [2009/03/25 15:15:30 | 000,002,353 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk
    [2009/03/25 15:15:30 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
    [2009/03/25 15:15:30 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 7.0.lnk
    [2009/02/12 21:20:42 | 000,005,630 | ---- | C] () -- C:\WINDOWS\System32\IE8Eula.rtf
    [2009/01/07 17:20:20 | 000,008,798 | ---- | C] () -- C:\WINDOWS\System32\icrav03.rat
    [2009/01/07 17:20:20 | 000,001,988 | ---- | C] () -- C:\WINDOWS\System32\ticrf.rat
    [2009/01/04 21:46:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01005.Wdf
    [2009/01/04 21:46:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    [2008/08/31 06:21:55 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
    [2008/08/31 06:21:51 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2008/08/22 15:29:40 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
    [2008/08/22 15:29:19 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
    [2008/08/22 15:29:09 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
    [2008/08/22 15:29:05 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
    [2008/07/23 11:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/05/07 00:12:40 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
    [2008/04/11 17:44:45 | 000,000,422 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\dvdauthor.xml
    [2008/03/20 20:46:26 | 000,007,477 | ---- | C] () -- C:\WINDOWS\System32\dopdf6.ctm
    [2008/03/20 10:35:19 | 000,015,124 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Poem for purim.docx
    [2008/03/18 18:32:22 | 000,000,076 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
    [2008/02/28 18:18:44 | 000,002,473 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Excel.lnk
    [2008/02/28 18:18:31 | 000,002,515 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Word.lnk
    [2008/02/18 17:29:54 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2008/02/12 22:02:28 | 000,000,567 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
    [2008/02/12 21:59:29 | 000,000,078 | ---- | C] () -- C:\WINDOWS\Show Desktop.scf
    [2008/01/20 17:06:09 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2008/01/20 13:02:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2008/01/20 12:56:36 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2008/01/20 12:24:34 | 000,001,931 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2008/01/20 12:05:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2008/01/20 11:53:41 | 000,000,057 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2008/01/20 11:46:08 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
    [2008/01/20 11:46:08 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
    [2008/01/20 11:45:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
    [2008/01/20 11:43:35 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
    [2008/01/20 11:43:35 | 000,026,304 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
    [2008/01/20 11:43:35 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
    [2008/01/20 11:43:34 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp
    [2008/01/20 11:43:34 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNB.bmp
    [2008/01/20 11:43:04 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
    [2008/01/20 11:42:50 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\e1e5132.din
    [2008/01/20 11:40:31 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Outlook Express.lnk
    [2008/01/20 11:40:29 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Internet Explorer.lnk
    [2008/01/20 11:40:23 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Remote Assistance.lnk
    [2008/01/20 11:40:23 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Windows Media Player.lnk
    [2008/01/20 11:39:45 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
    [2008/01/20 11:39:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2008/01/20 11:38:51 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
    [2008/01/20 11:38:42 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
    [2008/01/20 11:38:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
    [2008/01/20 11:38:38 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
    [2008/01/20 11:38:36 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
    [2008/01/20 11:38:27 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
    [2008/01/20 11:38:22 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
    [2008/01/20 11:38:14 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
    [2008/01/20 11:37:36 | 000,002,626 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
    [2008/01/20 11:37:36 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2008/01/20 11:37:36 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2008/01/20 11:37:36 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
    [2008/01/20 11:37:36 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
    [2008/01/20 11:37:34 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
    [2008/01/20 11:37:34 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
    [2008/01/20 11:37:33 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
    [2008/01/20 11:36:45 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
    [2008/01/20 11:36:36 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
    [2008/01/20 11:36:05 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
    [2008/01/20 11:36:05 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
    [2008/01/20 11:35:58 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
    [2008/01/20 11:35:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2008/01/20 11:34:39 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
    [2008/01/20 11:34:39 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
    [2008/01/20 11:34:17 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
    [2008/01/20 11:34:17 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
    [2008/01/20 11:34:17 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
    [2008/01/20 11:34:17 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
    [2008/01/20 11:34:17 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
    [2008/01/20 11:34:17 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
    [2008/01/20 11:34:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
    [2008/01/20 11:34:17 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
    [2008/01/20 11:34:17 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
    [2008/01/20 11:34:16 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
    [2008/01/20 11:34:16 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
    [2008/01/20 11:34:13 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
    [2008/01/20 11:34:13 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
    [2008/01/20 11:34:12 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
    [2008/01/20 11:34:06 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
    [2008/01/20 06:17:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2008/01/20 06:17:39 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
    [2008/01/20 06:17:39 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
    [2008/01/20 06:17:38 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
    [2008/01/20 06:17:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
    [2008/01/20 06:17:20 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
    [2008/01/20 06:17:13 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
    [2008/01/20 06:17:13 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
    [2008/01/20 06:17:13 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
    [2008/01/20 06:17:13 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
    [2008/01/20 06:17:13 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
    [2008/01/20 06:17:13 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
    [2008/01/20 06:17:13 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
    [2008/01/20 06:17:13 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
    [2008/01/20 06:16:34 | 000,316,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2008/01/20 06:15:42 | 000,000,282 | RHS- | C] () -- C:\boot.ini
    [2008/01/20 06:15:40 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
    [2007/01/02 13:58:43 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2007/01/02 13:58:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2007/01/02 13:58:43 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2007/01/02 13:58:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2007/01/02 13:58:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2007/01/02 13:54:00 | 004,266,254 | R--- | C] () -- C:\Documents and Settings\Shaina\Desktop\ComboFix.exe
    [2007/01/02 13:52:54 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe
    [2007/01/01 23:08:47 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\k1xycswv.exe
    [2007/01/01 21:04:27 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
    [2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
    [2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

    ========== LOP Check ==========

    [2011/01/28 14:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2008/03/18 22:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
    [2008/03/27 18:01:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010/12/07 10:40:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
    [2011/01/02 20:55:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2008/10/11 19:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2009/06/17 19:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
    [2006/12/31 19:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/06/11 18:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/05/08 16:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2008/01/20 14:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\.ABC
    [2010/08/05 22:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Amazon
    [2008/03/18 22:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Broderbund
    [2010/12/07 10:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Canon
    [2009/06/23 17:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\FireShot
    [2011/01/06 13:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\FrostWire
    [2009/12/06 19:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Gleim
    [2008/01/20 12:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Grisoft
    [2009/10/13 19:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\gtk-2.0
    [2010/03/17 08:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Lala Music Mover
    [2010/04/23 15:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Leadertech
    [2009/01/19 19:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\NCH Swift Sound
    [2009/06/17 19:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Nitro PDF
    [2009/10/25 10:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Opera
    [2008/08/03 10:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Panasonic
    [2008/05/09 06:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Snapfish
    [2010/07/16 17:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\WinPatrol

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/05 20:07:12 | 000,000,212 | ---- | M] () -- C:\Boot.bak
    [2010/08/10 23:27:38 | 000,000,282 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 22:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2007/01/02 14:37:38 | 000,019,924 | ---- | M] () -- C:\ComboFix.txt
    [2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/08/07 21:55:12 | 000,000,359 | -H-- | M] () -- C:\IPH.PH
    [2011/01/27 23:10:50 | 000,032,083 | ---- | M] () -- C:\JavaRa.log
    [2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/08/30 20:17:51 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2007/01/02 14:29:38 | 3221,225,472 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\Fonts\*.com >
    [2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2008/01/20 11:37:20 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2007/03/19 00:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
    [2008/10/26 04:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD9N.DLL
    [2007/03/19 00:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
    [2008/10/26 04:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP9N.DLL
    [2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
    [2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2008/01/20 17:05:44 | 002,625,445 | ---- | M] ( ) -- C:\Program Files\klcodec365b.exe

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2008/01/20 06:15:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2008/01/20 06:15:42 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2008/01/20 06:15:42 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2008/08/30 20:21:57 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2008/08/31 06:21:55 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2008/08/31 06:21:55 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2007/01/02 13:54:07 | 004,266,254 | R--- | M] () -- C:\Documents and Settings\Shaina\Desktop\ComboFix.exe
    [2007/01/01 23:08:47 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\k1xycswv.exe
    [2007/01/02 13:52:55 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe
    [2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
    [2007/01/01 22:56:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\TFC(3).exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2008/08/31 06:21:55 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Shaina\Favorites\Desktop.ini
    [2010/03/03 00:11:50 | 000,000,248 | ---- | M] () -- C:\Documents and Settings\Shaina\Favorites\NCH Software Download.lnk

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2007/01/02 17:40:09 | 000,032,768 | -HS- | M] () -- C:\Documents and Settings\Shaina\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/13 19:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/02 09:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008/04/13 12:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008/04/13 19:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2007/04/02 13:07:23 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2007/04/02 13:07:23 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2007/04/02 13:07:24 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
     
  12. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    You're running low on C drive free space:
    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643
      O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
      O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
      [2011/01/02 20:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
      [2010/07/12 06:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
      [2010/03/29 14:04:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
      
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ====================================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
     
  13. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    Thanks, I will work on deleting stuff from my hard drive.

    By the way, my computer is still having the same issues :(

    Here are the logs (ESET was clear):

    All processes killed
    ========== OTL ==========
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart deleted successfully.
    Folder C:\WINDOWS\System32\drivers\AVG\ not found.
    Folder C:\Program Files\Registry Mechanic\ not found.
    C:\WINDOWS\system32\ezsidmv.dat moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Shaina
    ->Temp folder emptied: 593674 bytes
    ->Temporary Internet Files folder emptied: 34490 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 40968383 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Opera cache emptied: 0 bytes
    ->Flash cache emptied: 756 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 125464 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 40.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    User: Shaina
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.20.6 log created on 01022007_215732

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

    -------------------------------------------------------------------------

    Results of screen317's Security Check version 0.99.7
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    avast! Free Antivirus
    ESET Online Scanner v3
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner (remove only)
    Java(TM) 6 Update 23
    Out of date Java installed!
    Adobe Flash Player 10.1.82.76
    Adobe Reader X (10.0.1)
    Mozilla Firefox (3.6.13)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Alwil Software Avast5 AvastSvc.exe
    Alwil Software Avast5 avastUI.exe
    ``````````End of Log````````````
     
  14. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Your computer is clean [​IMG]

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. If you still have some issues.....
    In this forum, we make sure, your computer is free of malware and your computer is clean :)
    Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
    You'll get more attention.

    Good luck :)
     
  15. merenwen

    merenwen TS Rookie Topic Starter Posts: 35

    Thanks so much! I guess I'll go over to the Windows forum and ask why I still have these issues.

    Here's the OTL log:

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Shaina
    ->Temp folder emptied: 593674 bytes
    ->Temporary Internet Files folder emptied: 34490 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 15584962 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Opera cache emptied: 0 bytes
    ->Flash cache emptied: 611 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 109080 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 16.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    User: Shaina
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.20.6 log created on 01022007_223027

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
     
  16. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Sure thing :)
     
  17. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    The issue has been resolved.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...