Solved Yet another problem with my computer!

[merenwen]

Ok, so Broni was amazing and helped me remove a bunch of malware on the computer that had apparently been caused by my dns being hijacked. The computer "symptoms" were the same old google rerouting issue, and I couldn't get onto certain sites because of the messed up dns.

Anyway... it looks like trouble is starting again. Here are a few of the symptoms:
1) Computer is running slowly, particularly when I'm on the internet.
2) When I click on the Start button and then "All Programs" , it appears as if half of them are new programs. They're highlighted in yellow which only happens when I've just installed a new program, yet all of these are very old.
3) When I go to certain websites, like Facebook, I get the following error:

This Connection is Untrusted
You have asked Firefox to connect
securely to www.facebook.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.
What Should I Do?
If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.

4) The clock on the bottom right corner seems to have reset itself and is the wrong time for some reason.

What should I do, and why is this happening again so soon?

I'm going to run the 8-step thing now. I apologize, I should've done that before posting this.

Thanks!!

 

[merenwen]

Here are the logs:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5726

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/1/2007 11:07:14 PM
mbam-log-2007-01-01 (23-07-14).txt

Scan type: Quick scan
Objects scanned: 155573
Time elapsed: 3 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

-------------------------------------------------------

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2007-01-01 23:16:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD161HJ rev.JF100-22
Running: k1xycswv.exe; Driver: C:\DOCUME~1\Shaina\LOCALS~1\Temp\fxdyqfob.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA893982E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA8939652]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA893978C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

 

[merenwen]

DDS (Ver_10-12-12.02) - NTFSx86
Run by Shaina at 23:19:09.43 on Mon 01/01/2007
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1263 [GMT -5:00]

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
svchost.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Shaina\My Documents\Downloads\dds(2).scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\shaina\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\documents and settings\shaina\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-100000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab
DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} - hxxps://vpn.level2iaas.com/XTSAC.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\shaina\applic~1\mozilla\firefox\profiles\0fq2dssd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\shaina\application data\mozilla\firefox\profiles\0fq2dssd.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-29 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-29 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-29 40384]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
S2 gupdate1ca1bc6c8bc7930;Google Update Service (gupdate1ca1bc6c8bc7930);c:\program files\google\update\GoogleUpdate.exe [2009-8-12 133104]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

 

[merenwen]

=============== Created Last 30 ================

2011-01-31 13:50:33 -------- d-----r- c:\program files\Skype
2011-01-30 15:45:12 135568 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-01-30 15:45:12 135568 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-01-28 19:13:28 38848 ----a-w- c:\windows\avastSS.scr
2011-01-28 18:36:35 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Secunia PSI
2011-01-28 18:36:29 -------- d-----w- c:\program files\Secunia
2011-01-28 16:56:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2011-01-28 05:06:37 -------- d-----w- c:\program files\ESET
2011-01-21 14:44:37 439296 -c----w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-03 01:55:33 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-01-03 01:54:17 -------- d-----w- c:\windows\system32\drivers\AVG
2011-01-02 16:52:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-12-14 21:33:38 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-14 21:31:50 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-07 15:40:47 -------- d--h--w- c:\docume~1\alluse~1\applic~1\CanonIJScan
2010-11-30 12:26:06 -------- d--h--w- c:\windows\PIF
2010-11-18 18:12:44 81920 -c----w- c:\windows\system32\dllcache\isign32.dll
2010-11-18 02:18:46 -------- d-----w- c:\docume~1\shaina\applic~1\FrostWire
2010-11-18 02:14:29 -------- d-----w- c:\program files\FrostWire
2010-11-09 14:52:35 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2010-11-09 14:52:35 249856 -c----w- c:\windows\system32\dllcache\odbc32.dll
2010-11-09 14:52:35 200704 -c----w- c:\windows\system32\dllcache\msadox.dll
2010-11-09 14:52:35 180224 -c----w- c:\windows\system32\dllcache\msadomd.dll
2010-11-09 14:52:35 143360 -c----w- c:\windows\system32\dllcache\msadco.dll
2010-11-09 14:52:35 102400 -c----w- c:\windows\system32\dllcache\msjro.dll
2010-10-13 06:43:22 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 06:43:22 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 06:43:17 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-10-10 01:17:59 -------- d-----w- c:\program files\LimeWire
2010-09-19 18:00:04 98304 ----a-w- c:\windows\system32\CNC860I.DLL
2010-09-19 18:00:04 274432 ----a-w- c:\windows\system32\CNC860L.DLL
2010-09-19 18:00:04 192512 ----a-w- c:\windows\system32\CNC860O.DLL
2010-09-19 18:00:04 15872 ----a-w- c:\windows\system32\CNHMCA.DLL
2010-09-19 18:00:04 1331200 ----a-w- c:\windows\system32\CNC860C.DLL
2010-09-19 18:00:01 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2010-09-19 18:00:01 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2010-09-19 17:58:37 142336 ----a-w- c:\windows\system32\CNMNPUI.DLL
2010-09-19 17:58:36 362496 ----a-w- c:\windows\system32\CNMNPPM.DLL
2010-09-17 15:50:22 17244544 ----a-w- c:\program files\common files\microsoft shared\office12\MSO.DLL
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 08:30:58 15544 ----a-w- c:\windows\system32\drivers\psi_mf.sys
2010-08-27 05:57:43 99840 -c----w- c:\windows\system32\dllcache\srvsvc.dll
2010-08-17 13:17:06 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
2010-08-13 20:39:27 -------- d-----w- c:\windows\system32\NtmsData
2010-08-13 00:44:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-13 00:44:30 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-08-12 13:09:38 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-08-11 04:27:32 -------- d-sha-r- C:\cmdcons
2010-08-08 02:55:13 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\AOL
2010-08-08 02:54:16 -------- d-----w- c:\program files\common files\AOL
2010-07-22 13:58:54 119160 ----a-w- c:\program files\common files\microsoft shared\textconv\MSCONV97.DLL
2010-07-16 22:57:02 -------- d-----w- c:\docume~1\shaina\applic~1\WinPatrol
2010-07-16 22:56:50 -------- d-----w- c:\program files\BillP Studios
2010-07-16 22:52:32 -------- d-----w- c:\program files\Trend Micro
2010-07-16 12:05:55 1288192 -c----w- c:\windows\system32\dllcache\ole32.dll
2010-07-16 11:06:41 -------- d-----w- C:\spoolerlogs
2010-07-12 11:05:32 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2010-07-12 11:05:32 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2010-07-12 11:05:32 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2010-07-12 11:05:26 -------- d-----w- c:\program files\common files\PC Tools
2010-07-11 16:30:25 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2010-07-11 16:30:24 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
2010-06-20 23:33:01 -------- d-----w- c:\windows\.jagex_cache_32
2010-06-18 17:45:17 293376 -c----w- c:\windows\system32\dllcache\winsrv.dll
2010-06-11 23:41:29 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-06-11 20:39:27 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-05-23 02:01:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\DivX
2010-04-26 22:04:42 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-04-25 05:17:51 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-04-23 20:32:33 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\LogiShrd
2010-04-23 20:31:27 6756632 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2010-04-23 20:31:27 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2010-04-23 20:31:27 539160 ----a-w- c:\windows\system32\LVUI2.dll
2010-04-23 20:31:27 416280 ----a-w- c:\windows\system32\lvcodec2.dll
2010-04-23 20:31:04 34068 ----a-w- c:\windows\system32\Repository.reg
2010-04-23 20:31:04 266008 ----a-w- c:\windows\system32\drivers\lvrs.sys
2010-04-23 20:31:04 199192 ----a-w- c:\windows\system32\lvci12101110.dll
2010-04-23 20:30:44 23832 ----a-w- c:\windows\system32\drivers\lvuvcflt.sys
2010-04-20 05:30:08 290048 -c----w- c:\windows\system32\dllcache\atmfd.dll
2010-04-16 15:36:56 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
2010-04-08 23:03:38 569397 ----a-w- c:\program files\internet explorer\plugins\richfx\player\nprfxins.dll
2010-03-31 04:16:34 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-31 04:10:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-03-30 16:24:40 317440 -c----w- c:\windows\system32\dllcache\mp4sdecd.dll
2010-03-17 13:15:14 -------- d-----w- c:\docume~1\shaina\applic~1\Lala Music Mover
2010-03-10 19:29:32 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-03-10 06:23:55 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-05 14:37:40 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2010-02-12 04:33:11 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2010-01-29 14:43:39 307260 ----a-w- c:\windows\system32\l3codeca.acm
2010-01-21 00:38:04 -------- d-----w- c:\program files\Amazon
2010-01-13 14:01:25 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2010-01-12 18:53:25 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-24 06:59:40 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
2009-12-16 18:43:27 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:08:23 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2009-12-07 00:13:46 -------- d-----w- c:\docume~1\shaina\applic~1\Gleim
2009-12-06 14:42:05 398744 ----a-r- c:\windows\system32\cpnprt2.cid
2009-12-06 14:41:59 -------- d-----w- c:\windows\Cache
2009-12-06 14:41:55 -------- d-----w- c:\program files\Coupons
2009-11-27 16:07:34 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2009-11-11 02:01:16 -------- d-----w- c:\documents and settings\shaina\.jordan
2009-11-10 04:21:04 91552 ----a-w- c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
2009-11-10 04:21:04 91552 ----a-w- c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
2009-11-10 04:21:03 68824 ----a-w- c:\windows\CouponPrinter.ocx
2009-11-07 05:07:08 49488 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-07 05:07:04 297808 ----a-w- c:\windows\system32\mscoree.dll
2009-11-07 05:06:46 1130824 ----a-w- c:\windows\system32\dfshim.dll
2009-10-25 15:51:17 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Opera
2009-10-21 05:38:36 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
2009-10-21 05:38:36 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
2009-10-20 16:20:16 265728 -c----w- c:\windows\system32\dllcache\http.sys
2009-10-14 17:41:08 322392 ----a-w- c:\windows\system32\wiaaut.dll
2009-10-13 23:45:51 -------- d-----w- c:\documents and settings\shaina\.thumbnails
2009-10-13 23:43:40 -------- d-----w- c:\documents and settings\shaina\.gimp-2.6
2009-10-13 10:30:16 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2009-10-12 13:38:19 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
2009-10-12 13:38:18 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
2009-10-10 03:10:46 2594632 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBE6.DLL
2009-10-07 05:46:36 25752 ----a-w- c:\windows\system32\drivers\LVPr2Mon.sys
2009-10-07 05:23:08 13584 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2009-09-25 16:41:34 98304 ----a-w- c:\program files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
2009-09-09 19:34:58 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-04 21:03:36 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2009-08-27 22:45:00 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Temp
2009-08-18 20:57:27 -------- d-sh--w- c:\documents and settings\shaina\IECompatCache
2009-08-18 03:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-16 07:04:12 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-16 07:03:46 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-08-16 07:03:29 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-16 07:03:29 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-16 07:03:29 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-08-16 07:03:29 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-16 07:03:29 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-16 07:03:29 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-16 07:03:29 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-16 07:03:29 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-16 07:03:28 -------- d-----w- C:\d9c274b78117274c21c3
2009-08-13 03:32:59 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Google
2009-08-13 03:32:54 -------- d-----w- c:\program files\common files\DivX Shared
2009-08-12 22:56:07 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-11 11:44:20 -------- d-----w- c:\program files\CCleaner
2009-08-09 18:38:37 -------- d-----w- c:\program files\iPod
2009-08-09 18:38:33 -------- d-----w- c:\program files\iTunes
2009-08-05 09:01:48 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-29 03:44:16 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-29 03:44:16 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-21 05:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-07-19 01:45:34 -------- d-sh--w- c:\documents and settings\shaina\PrivacIE
2009-07-17 19:01:06 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2009-07-17 16:22:18 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2009-07-12 17:11:20 670016 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2009-07-12 02:37:20 641536 ----a-w- c:\program files\common files\microsoft shared\vc\msdia80.dll
2009-06-26 12:19:42 -------- d-sh--w- c:\documents and settings\shaina\IETldCache
2009-06-26 11:16:28 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-26 11:16:18 -------- d-----w- c:\windows\ie8updates
2009-06-26 11:15:50 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-26 11:15:49 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-26 11:15:49 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-06-26 11:15:49 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-06-26 11:14:26 -------- dc-h--w- c:\windows\ie8
2009-06-26 10:45:41 8192 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2009-06-26 10:45:23 140864 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2009-06-26 10:45:18 98304 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2009-06-26 10:45:09 -------- d-----w- c:\program files\common files\xing shared
2009-06-25 08:25:26 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2009-06-25 08:25:26 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2009-06-25 08:25:26 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2009-06-24 11:18:41 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2009-06-18 00:39:21 -------- d-----w- c:\windows\Downloaded Installations
2009-06-18 00:35:48 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Downloaded Installations
2009-06-18 00:29:46 -------- d-----w- c:\program files\HALLMARK.CARD.STUDIO.2009-ADDICTION
2009-06-18 00:25:50 -------- d-----w- c:\program files\Nitro PDF Professional 5.5.0.16 32-64bit
2009-06-18 00:22:05 -------- d-----w- c:\docume~1\shaina\applic~1\FireShot
2009-06-18 00:20:48 -------- d-----w- c:\program files\FireShot for IE
2009-06-16 14:36:30 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2009-06-16 14:36:30 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2009-06-14 13:12:29 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2009-06-14 13:12:28 465920 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2009-06-14 13:12:28 465920 ------w- c:\windows\system32\imapi2fs.dll
2009-06-14 13:12:28 317952 -c----w- c:\windows\system32\dllcache\imapi2.dll
2009-06-14 13:12:28 317952 ------w- c:\windows\system32\imapi2.dll
2009-06-13 05:15:00 1661792 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
2009-06-12 12:31:39 76288 -c----w- c:\windows\system32\dllcache\telnet.exe
2009-06-10 14:13:29 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 06:14:49 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
2009-05-13 21:07:53 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-08 21:19:29 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-05-08 21:19:29 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-05-08 21:18:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-08 21:16:56 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-08 21:16:56 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-05-07 15:32:35 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
2009-04-27 15:29:08 -------- d-----w- c:\program files\common files\Real
2009-04-15 14:51:25 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2009-04-15 13:12:41 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 13:12:41 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-04-15 13:12:41 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-04-15 13:12:41 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-04-15 13:12:41 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 13:12:41 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-04-15 13:12:41 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-04-15 13:12:41 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 13:12:41 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-04-15 13:10:08 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2009-04-15 13:10:07 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-04-03 23:46:26 97640 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_PDF.DLL
2009-04-03 22:59:44 79728 ----a-w- c:\program files\common files\microsoft shared\office12\1033\xlsrvintl.dll
2009-04-02 18:07:44 186240 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\office.en-us\OSETUPUI.DLL
2009-04-02 18:07:10 6540120 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUP.DLL
2009-04-02 18:06:52 439160 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\SETUP.EXE
2009-04-02 18:06:42 231848 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\ODEPLOY.EXE
2009-04-02 17:02:04 11632 ----a-w- c:\program files\common files\microsoft shared\office12\1033\OLBINTL.DLL
2009-04-02 17:02:04 10339712 ----a-w- c:\program files\common files\microsoft shared\office12\1033\MSOINTL.DLL
2009-04-02 17:02:02 45968 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUPPS.DLL
2009-04-02 17:02:02 14720 ----a-w- c:\program files\common files\microsoft shared\smart tag\SmartTagInstall.exe
2009-04-02 17:02:00 552816 ----a-w- c:\program files\common files\microsoft shared\office12\OFFLB.EXE
2009-04-02 17:02:00 17792 ----a-w- c:\program files\common files\microsoft shared\office12\OPHPROXY.DLL
2009-04-02 17:02:00 15760 ----a-w- c:\program files\common files\microsoft shared\office12\OPTINPS.DLL
2009-04-02 17:02:00 12616 ----a-w- c:\program files\common files\microsoft shared\office12\OFFREL.DLL
2009-04-02 17:01:58 6637936 ----a-w- c:\program files\common files\microsoft shared\office12\MSORES.DLL
2009-04-02 17:01:58 42864 ----a-w- c:\program files\common files\microsoft shared\office12\MSSH.DLL
2009-04-02 17:01:46 18816 ----a-w- c:\program files\common files\microsoft shared\office12\MSMH.DLL
2009-04-02 17:01:44 70000 ----a-w- c:\program files\common files\microsoft shared\office12\LBGHOST.DLL
2009-04-02 17:01:44 56680 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_XPS.DLL
2009-04-02 17:01:44 177520 ----a-w- c:\program files\common files\microsoft shared\smart tag\IETAG.DLL
2009-03-21 14:06:58 989696 -c----w- c:\windows\system32\dllcache\kernel32.dll
2009-03-08 18:22:46 1241088 ------w- c:\windows\system32\ieframe.dll.mui
2009-03-08 18:22:30 49152 ------w- c:\windows\system32\msrating.dll.mui
2009-03-08 18:22:18 2560 ------w- c:\windows\system32\mshta.exe.mui
2009-03-08 18:21:06 4096 ------w- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 18:21:06 10240 ------w- c:\windows\system32\advpack.dll.mui
2009-03-08 18:20:54 81920 ------w- c:\windows\system32\iedkcs32.dll.mui
2009-03-08 18:09:26 638816 -c----w- c:\windows\system32\dllcache\iexplore.exe
2009-03-08 18:09:26 387584 -c----w- c:\windows\system32\dllcache\iedkcs32.dll
2009-03-08 08:35:32 743424 ------w- c:\program files\internet explorer\iedvtool.dll
2009-03-08 08:35:12 233984 ------w- c:\program files\internet explorer\jsprofilerui.dll
2009-03-08 08:35:04 144384 ------w- c:\program files\internet explorer\ExtExport.exe
2009-03-08 08:35:04 118272 ------w- c:\program files\internet explorer\JSProfilerCore.dll
2009-03-08 08:35:04 102912 ------w- c:\program files\internet explorer\iecompat.dll
2009-03-08 08:35:02 521216 ------w- c:\program files\internet explorer\jsdbgui.dll
2009-03-08 08:35:02 121344 ------w- c:\program files\internet explorer\jsdebuggeride.dll
2009-03-08 08:34:48 236544 -c----w- c:\windows\system32\dllcache\webcheck.dll
2009-03-08 08:34:30 43520 -c----w- c:\windows\system32\dllcache\licmgr10.dll
2009-03-08 08:34:28 105984 -c----w- c:\windows\system32\dllcache\url.dll
2009-03-08 08:34:18 206848 -c----w- c:\windows\system32\dllcache\occache.dll
2009-03-08 08:34:18 193536 -c----w- c:\windows\system32\dllcache\msrating.dll
2009-03-08 08:33:50 247808 ------w- c:\program files\internet explorer\ieproxy.dll
2009-03-08 08:33:48 759296 -c----w- c:\windows\system32\dllcache\VGX.dll
2009-03-08 08:33:40 18944 -c----w- c:\windows\system32\dllcache\corpol.dll
2009-03-08 08:33:26 25600 -c----w- c:\windows\system32\dllcache\jsproxy.dll
2009-03-08 08:33:18 12800 ------w- c:\program files\internet explorer\xpshims.dll
2009-03-08 08:33:08 229376 -c----w- c:\windows\system32\dllcache\ieaksie.dll
2009-03-08 08:33:02 125952 -c----w- c:\windows\system32\dllcache\ieakeng.dll
2009-03-08 08:32:56 72704 -c----w- c:\windows\system32\dllcache\admparse.dll
2009-03-08 08:32:54 173568 -c----w- c:\windows\system32\dllcache\ie4uinit.exe
2009-03-08 08:32:50 71680 -c----w- c:\windows\system32\dllcache\iesetup.dll
2009-03-08 08:32:50 55808 -c----w- c:\windows\system32\dllcache\iernonce.dll
2009-03-08 08:32:48 128512 -c----w- c:\windows\system32\dllcache\advpack.dll
2009-03-08 08:32:46 94720 -c----w- c:\windows\system32\dllcache\inseng.dll
2009-03-08 08:32:04 611840 -c----w- c:\windows\system32\dllcache\mstime.dll
2009-03-08 08:31:56 184320 -c----w- c:\windows\system32\dllcache\iepeers.dll
2009-03-08 08:31:44 348160 -c----w- c:\windows\system32\dllcache\dxtmsft.dll
2009-03-08 08:31:38 34816 -c----w- c:\windows\system32\dllcache\imgutil.dll
2009-03-08 08:31:38 216064 -c----w- c:\windows\system32\dllcache\dxtrans.dll
2009-03-08 08:31:36 46592 -c----w- c:\windows\system32\dllcache\pngfilt.dll
2009-03-08 08:31:26 66560 -c----w- c:\windows\system32\dllcache\mshtmled.dll
2009-03-08 08:31:18 48128 -c----w- c:\windows\system32\dllcache\mshtmler.dll
2009-03-08 08:31:02 45568 -c----w- c:\windows\system32\dllcache\mshta.exe
2009-03-08 08:24:28 68608 -c----w- c:\windows\system32\dllcache\hmmapi.dll
2009-03-06 10:10:32 47472 ----a-w- c:\program files\common files\microsoft shared\office12\MSE7.EXE
2009-03-06 07:47:58 575416 ----a-w- c:\program files\common files\microsoft shared\office12\ACEDAO.DLL
2009-03-06 07:47:58 47008 ----a-w- c:\program files\common files\microsoft shared\office12\ACEERR.DLL
2009-03-06 07:47:58 190400 ----a-w- c:\program files\common files\microsoft shared\office12\ACEES.DLL
2009-03-06 07:47:56 1759136 ----a-w- c:\program files\common files\microsoft shared\office12\ACECORE.DLL
2009-02-14 10:04:38 756040 ----a-w- c:\program files\common files\microsoft shared\office12\MSPTLS.DLL
2009-02-05 16:37:00 1117568 ----a-w- c:\program files\common files\microsoft shared\filters\offfiltx.dll
2009-02-03 19:59:07 56832 -c----w- c:\windows\system32\dllcache\secur32.dll
2009-01-07 22:20:54 134144 -c----w- c:\windows\system32\dllcache\sqmapi.dll
2009-01-07 22:20:54 134144 ------w- c:\program files\internet explorer\sqmapi.dll
2009-01-07 22:20:52 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2009-01-07 22:20:52 1022976 -c----w- c:\windows\system32\dllcache\browseui.dll
2009-01-07 22:20:38 24576 ----a-w- c:\windows\system32\nlsdl.dll
2009-01-07 22:20:36 26112 ----a-w- c:\windows\system32\idndl.dll
2009-01-07 22:20:36 23552 ----a-w- c:\windows\system32\normaliz.dll
2009-01-07 22:20:18 355832 ------w- c:\program files\internet explorer\pdm.dll
2009-01-07 22:20:18 265720 ----a-w- c:\windows\system32\msdbg2.dll
2008-12-16 12:30:34 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2008-12-05 06:54:55 149504 -c----w- c:\windows\system32\dllcache\schannel.dll
2008-12-04 10:00:58 969552 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqd01.dll
2008-12-04 10:00:58 279904 ----a-r- c:\program files\common files\microsoft shared\textconv\wkls31.dll
2008-12-04 10:00:58 162640 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqr01.dll
2008-11-28 19:12:35 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2008-11-28 19:12:34 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2008-11-28 19:12:34 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2008-11-28 19:12:34 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2008-11-28 19:12:34 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2008-11-28 19:12:34 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2008-11-28 19:12:33 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2008-11-25 03:17:18 983944 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPWEC.DLL
2008-11-21 21:45:40 626688 ----a-w- c:\program files\mozilla firefox\plugins\microsoft.vc80.crt\msvcr80.dll
2008-11-21 21:45:40 548864 ----a-w- c:\program files\mozilla firefox\plugins\microsoft.vc80.crt\msvcp80.dll
2008-11-21 21:45:38 479232 ----a-w- c:\program files\mozilla firefox\plugins\microsoft.vc80.crt\msvcm80.dll
2008-11-21 05:02:30 988040 ----a-w- c:\program files\common files\microsoft shared\office12\msoshext.dll
2008-11-21 04:58:22 972632 ----a-w- c:\program files\common files\microsoft shared\web folders\MSONSEXT.DLL
2008-11-21 04:58:20 1011544 ----a-w- c:\program files\common files\system\ole db\MSDAIPP.DLL
2008-11-12 06:49:20 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 06:49:13 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2008-11-10 16:38:42 27000 ----a-w- c:\program files\common files\microsoft shared\euro\MSOEURO.DLL
2008-11-10 07:27:52 31592 ----a-w- c:\program files\common files\microsoft shared\filters\msgfilt.dll
2008-11-04 09:06:08 208816 ----a-w- c:\program files\common files\microsoft shared\office12\ACEWSS.DLL
2008-11-04 08:49:02 66424 ----a-w- c:\program files\common files\microsoft shared\office12\MSOMSE.DLL
2008-11-04 08:49:02 460680 ----a-w- c:\program files\common files\microsoft shared\office12\MODHELP.DLL
2008-11-04 08:09:04 77200 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWSTRUCT.DLL
2008-11-04 08:09:04 532872 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\XPAGE3C.DLL
2008-11-04 08:09:04 19840 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWRECS.DLL
2008-11-04 08:09:04 1196944 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\XIMAGE3B.DLL
2008-11-04 08:09:02 58224 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWLAY32.DLL
2008-11-04 08:09:02 51576 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWRECE.DLL
2008-11-04 08:09:02 33656 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWRECC.DLL
2008-11-04 08:09:02 27520 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWORIENT.DLL
2008-11-04 08:09:00 87928 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWCUTLIN.DLL
2008-11-04 08:09:00 127360 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\TWCUTCHR.DLL
2008-11-04 08:08:58 77208 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\PSOM.DLL
2008-11-04 08:08:58 76152 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\FORM.DLL
2008-11-04 08:08:58 30032 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\THOCRAPI.DLL
2008-11-04 08:08:58 20360 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\BINDER.DLL
2008-11-04 08:08:58 19840 ----a-w- c:\program files\common files\microsoft shared\modi\12.0\REVERSE.DLL
2008-11-04 07:00:08 1079136 ----a-w- c:\program files\common files\microsoft shared\office12\RICHED20.DLL
2008-11-04 06:44:24 814464 ----a-w- c:\program files\common files\microsoft shared\dw\DW20.EXE
2008-11-04 06:44:24 439632 ----a-w- c:\program files\common files\microsoft shared\dw\DWDCW20.DLL
2008-11-04 06:44:24 435096 ----a-w- c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE
2008-11-04 06:06:30 2872688 ----a-w- c:\program files\common files\microsoft shared\office12\OFFDIAG.EXE
2008-11-04 06:06:28 441712 ----a-w- c:\program files\common files\microsoft shared\office12\ODSERV.EXE
2008-11-04 04:39:44 179128 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACEINTL.DLL
2008-11-04 03:37:08 50040 ----a-w- c:\program files\common files\system\msmapi\1033\MSMAPI32.DLL
2008-10-26 10:42:18 16216 ----a-w- c:\program files\common files\microsoft shared\portal\1033\PortalConnect.dll
2008-10-26 10:42:16 482656 ----a-w- c:\program files\common files\microsoft shared\portal\PortalConnectCore.dll
2008-10-25 18:39:38 290632 ----a-w- c:\program files\common files\microsoft shared\msclientdatamgr\MSCDM.DLL
2008-10-25 14:27:54 44408 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXMLMF.DLL
2008-10-25 11:38:38 145224 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ALRTINTL.DLL
2008-10-25 11:18:52 89464 ----a-w- c:\program files\common files\microsoft shared\smart tag\METCONV.DLL
2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODTXT.DLL
2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODPDX.DLL
2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODEXL.DLL
2008-10-25 10:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODDBS.DLL
2008-10-25 08:38:36 1682800 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPSRVUTL.DLL
2008-10-25 03:50:52 436584 ----a-w- c:\program files\common files\microsoft shared\msorun\MSORUN.DLL
2008-10-25 03:21:26 505192 ----a-w- c:\program files\common files\microsoft shared\office12\MSSOAP30.DLL
2008-10-23 23:59:47 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2008-10-23 12:36:14 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll
2008-10-15 02:51:37 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2008-10-15 02:51:33 1854976 -c----w- c:\windows\system32\dllcache\win32k.sys
2008-10-15 02:51:25 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 02:51:24 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 02:51:24 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-15 02:51:24 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-12 00:09:21 -------- d-----w- c:\program files\NCH Software
2008-10-11 23:59:25 -------- d-----w- c:\program files\NCH Swift Sound
2008-09-18 03:17:08 1425912 ----a-w- c:\program files\common files\microsoft shared\office11\msxml5.dll
2008-08-31 01:21:24 -------- d-----w- c:\windows\system32\scripting
2008-08-31 01:21:23 -------- d-----w- c:\windows\system32\en
2008-08-31 01:21:23 -------- d-----w- c:\windows\system32\bits
2008-08-31 01:21:23 -------- d-----w- c:\windows\l2schemas
2008-08-31 01:19:49 -------- d-----w- c:\windows\ServicePackFiles
2008-08-31 01:18:05 -------- d-----w- c:\windows\network diagnostic
2008-08-31 01:14:44 -------- d-----w- c:\windows\EHome
2008-08-26 03:50:22 155648 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\1033\VBE6INTL.DLL
2008-08-22 20:30:02 276992 ------w- c:\windows\system32\wmphoto.dll
2008-08-22 20:30:01 69120 ------w- c:\windows\system32\wlanapi.dll
2008-08-14 22:45:47 692736 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2008-08-03 15:37:36 36864 ----a-w- c:\windows\system32\sddevmgr.dll
2008-08-01 00:39:24 -------- d-----w- c:\program files\Orban
2008-07-30 01:10:04 73720 ----a-w- c:\windows\system32\dxva2.dll
2008-07-30 01:10:04 493048 ----a-w- c:\windows\system32\evr.dll
2008-07-30 01:10:04 26112 ----a-w- c:\windows\system32\TsWpfWrp.exe
2008-07-29 23:59:58 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2008-07-29 23:59:58 161296 ----a-w- c:\windows\system32\UIAutomationCore.dll
2008-07-29 23:59:58 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 23:24:50 97800 ----a-w- c:\windows\system32\infocardapi.dll
2008-07-29 23:24:50 622080 ----a-w- c:\windows\system32\icardagt.exe
2008-07-29 23:24:50 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2008-07-29 23:24:50 11264 ----a-w- c:\windows\system32\icardres.dll
2008-07-29 09:49:58 586240 ----a-w- c:\windows\system32\icardres.dll.mui
2008-07-25 15:16:58 83968 ----a-w- c:\windows\system32\mscories.dll
2008-07-25 15:16:58 158720 ----a-w- c:\windows\system32\mscorier.dll
2008-07-25 15:16:58 158720 ----a-w- c:\program files\internet explorer\mui\0409\mscorier.dll
2008-07-23 16:50:52 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2008-07-07 20:26:58 253952 -c----w- c:\windows\system32\dllcache\es.dll
2008-06-26 08:15:30 1210880 -c----w- c:\windows\system32\dllcache\urlmon.dll
2008-06-26 08:15:29 1499136 -c----w- c:\windows\system32\dllcache\shdocvw.dll
2008-06-24 16:43:16 74240 -c----w- c:\windows\system32\dllcache\mscms.dll
2008-06-20 17:46:57 245248 -c----w- c:\windows\system32\dllcache\mswsock.dll
2008-06-20 17:46:57 147968 -c----w- c:\windows\system32\dllcache\dnsapi.dll
2008-06-20 11:51:12 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:40:08 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2008-06-20 11:08:27 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys
2008-06-19 00:30:28 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\WMTools Downloaded Files
2008-06-18 02:50:20 25048 ----a-w- c:\program files\mozilla firefox\components\browserdirprovider.dll
2008-06-18 02:50:20 140248 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-06-18 02:50:19 11775448 ----a-w- c:\program files\mozilla firefox\xul.dll
2008-06-18 02:50:18 98304 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
2008-06-18 02:50:18 89048 ----a-w- c:\program files\mozilla firefox\nssutil3.dll
2008-06-18 02:50:18 719832 ----a-w- c:\program files\mozilla firefox\mozcrt19.dll
2008-06-18 02:50:18 492504 ----a-w- c:\program files\mozilla firefox\sqlite3.dll
2008-06-18 02:50:18 107480 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2008-06-18 02:28:35 5632 ----a-w- c:\windows\system32\ptpusb.dll
2008-06-18 02:28:34 159232 ----a-w- c:\windows\system32\ptpusd.dll
2008-06-17 19:02:19 8462336 -c----w- c:\windows\system32\dllcache\shell32.dll
2008-06-13 00:27:45 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2008-06-13 00:27:25 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2008-06-13 00:27:25 272128 ------w- c:\windows\system32\drivers\bthport.sys
2008-06-12 14:23:32 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll
2008-06-12 14:23:32 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll
2008-06-12 14:23:32 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll
2008-06-12 14:23:32 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll
2008-06-12 14:23:32 428032 -c----w- c:\windows\system32\dllcache\msdtcprx.dll
2008-06-12 14:23:32 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll
2008-05-09 11:54:12 376832 ----a-w- c:\program files\mozilla firefox\plugins\npsnapfish.dll
2008-05-09 10:53:40 90112 -c----w- c:\windows\system32\dllcache\wshext.dll
2008-05-09 10:53:40 420352 -c--a-w- c:\windows\system32\dllcache\vbscript.dll
2008-05-09 10:53:40 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll
2008-05-09 10:53:39 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2008-05-09 10:53:39 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll
2008-05-08 11:24:44 155648 -c----w- c:\windows\system32\dllcache\wscript.exe
2008-05-07 09:07:23 135168 -c----w- c:\windows\system32\dllcache\cscript.exe
2008-05-07 05:12:40 1291776 -c----w- c:\windows\system32\dllcache\quartz.dll
2008-05-02 21:39:20 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Apple
2008-05-02 21:39:10 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Apple Computer
2008-04-21 06:44:29 916480 -c----w- c:\windows\system32\dllcache\wininet.dll
2008-04-21 06:44:29 5961216 -c----w- c:\windows\system32\dllcache\mshtml.dll
2008-03-28 01:00:00 -------- d-----w- c:\docume~1\shaina\applic~1\DVD Flick
2008-03-28 00:59:39 81920 ----a-w- c:\windows\system32\mbmouse.ocx
2008-03-28 00:59:39 36864 ----a-w- c:\windows\system32\trayicon.ocx
2008-03-28 00:59:38 212240 ----a-w- c:\windows\system32\richtx32.ocx
2008-03-28 00:59:38 -------- d-----w- c:\program files\DVD Flick
2008-03-28 00:40:45 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2008-03-28 00:40:36 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2008-03-28 00:40:32 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2008-03-28 00:40:32 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2008-03-27 23:04:56 -------- d-----w- c:\program files\common files\CANON
2008-03-27 23:01:33 69632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
2008-03-27 23:01:33 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
2008-03-27 23:01:32 215040 ----a-w- c:\windows\system32\CNMLM8S.DLL
2008-03-27 23:01:25 98304 ----a-w- c:\windows\system32\CNC210I.DLL
2008-03-27 23:01:25 200704 ----a-w- c:\windows\system32\CNC210L.DLL
2008-03-27 23:01:25 188416 ----a-w- c:\windows\system32\CNC210O.DLL
2008-03-27 23:01:25 1400832 ----a-w- c:\windows\system32\CNC210C.DLL
2008-03-27 23:00:12 -------- d-----w- c:\program files\Canon
2008-03-27 01:43:09 -------- d-sh--w- c:\documents and settings\shaina\UserData
2008-03-21 01:46:26 22168 ----a-w- c:\windows\system32\dopdfmn6.dll
2008-03-21 01:46:26 18072 ----a-w- c:\windows\system32\dopdfmi6.dll
2008-03-21 01:46:24 -------- d-----w- c:\program files\Softland
2008-03-21 01:41:12 663072 ----a-w- c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
2008-03-19 03:08:42 -------- d-----w- c:\docume~1\shaina\applic~1\Broderbund
2008-03-19 02:12:33 -------- d-----w- c:\program files\Broderbund
2008-03-19 02:12:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\Broderbund
2008-03-19 02:12:32 274432 ----a-w- c:\windows\TLCUninstall.exe
2008-03-19 02:12:17 306688 ----a-w- c:\windows\IsUninst.exe
2008-03-18 23:33:08 -------- d-----w- c:\program files\common files\AnswerWorks 5.0
2008-03-18 23:32:59 3518464 ----a-w- c:\windows\system32\cdintf300.dll
2008-03-18 23:32:59 1843200 ----a-w- c:\windows\system32\acXMLParser.dll
2008-03-18 23:32:49 -------- d-----w- c:\docume~1\shaina\applic~1\Intuit
2008-03-18 23:32:27 -------- d-----w- c:\program files\Quicken
2008-03-18 23:32:11 -------- d-----w- c:\docume~1\alluse~1\applic~1\Intuit
2008-03-18 23:26:09 -------- d-----w- c:\program files\MagicISO
2008-03-10 22:01:43 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2008-03-10 22:01:43 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2008-03-02 22:55:33 133616 ------w- c:\windows\system32\pxafs.dll
2008-03-02 22:55:33 125424 ------w- c:\windows\system32\pxinsi64.exe
2008-03-02 22:55:33 123888 ------w- c:\windows\system32\pxcpyi64.exe
2008-02-28 23:17:21 215920 ----a-w- c:\windows\system32\muweb.dll
2008-02-28 23:17:21 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2008-02-28 23:17:20 274288 ----a-w- c:\windows\system32\mucltui.dll
2008-02-28 23:15:33 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2008-02-28 23:15:33 32656 ----a-w- c:\windows\system32\msonpmon.dll
2008-02-28 23:11:14 -------- d-----w- c:\windows\SHELLNEW
2008-02-28 23:10:37 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Microsoft Help
2008-02-10 17:36:47 -------- d-----w- c:\windows\SxsCaPendDel
2008-01-29 04:20:42 -------- d-----w- C:\MDT
2008-01-29 04:17:16 -------- d-----w- c:\program files\VideoLAN
2008-01-22 03:26:33 -------- d-----w- c:\docume~1\shaina\locals~1\applic~1\Adobe
2008-01-21 23:47:13 -------- d-----w- c:\program files\DivX
2008-01-20 22:06:09 1559040 ----a-w- c:\windows\system32\xvidcore.dll
2008-01-20 22:06:09 -------- d-----w- c:\program files\K-Lite Codec Pack
2008-01-20 22:05:31 2625445 ----a-w- c:\program files\klcodec365b.exe
2008-01-20 18:03:07 -------- d-----w- c:\program files\Windows Media Connect 2
2008-01-20 18:02:30 -------- d-----w- c:\windows\system32\LogFiles
2008-01-20 17:39:28 -------- d-----w- c:\docume~1\shaina\applic~1\.ABC
2008-01-20 17:38:32 -------- d-----w- c:\program files\ABC
2008-01-20 17:24:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
2008-01-20 17:17:25 -------- d-----w- c:\docume~1\shaina\applic~1\Grisoft

==================== Find3M ====================

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-03 15:02:36 26112 ----a-w- c:\windows\system32\userinit.exe
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-16 12:05:55 1288192 ----a-w- c:\windows\system32\ole32.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-18 17:45:17 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-15 16:17:24 143422 ----a-w- c:\windows\system32\l3codecx.ax
2010-06-14 14:31:20 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-09 07:43:36 692736 ----a-w- c:\windows\system32\inetcomm.dll
2010-04-16 15:36:56 406016 ----a-w- c:\windows\system32\usp10.dll
2010-03-30 16:24:40 317440 ------w- c:\windows\system32\mp4sdecd.dll
2010-03-30 04:52:26 262416 ----a-w- c:\windows\system32\mpg4ds32.ax
2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 14:37:40 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-05 18:27:45 1291776 ----a-w- c:\windows\system32\quartz.dll
2010-01-13 14:01:25 86016 ----a-w- c:\windows\system32\cabview.dll
2009-12-24 06:59:40 177664 ----a-w- c:\windows\system32\wintrust.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 15:51:04 471552 ----a-w- c:\windows\apppatch\aclayers.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-15 16:28:26 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38:19 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38:18 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-01 14:46:07 282654 ----a-w- c:\windows\system32\msaud32.acm
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 09:17:27 354816 ----a-w- c:\windows\system32\winhttp.dll
2009-08-06 23:24:18 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2009-08-06 23:24:12 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2009-08-06 23:24:10 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2009-08-06 23:24:06 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2009-08-06 23:24:00 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 15:05:44 1372672 ------w- c:\windows\system32\msxml6.dll
2009-07-17 19:01:06 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22:18 1435648 ----a-w- c:\windows\system32\query.dll
2009-07-14 03:43:24 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-25 08:25:26 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25:26 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-12 12:31:39 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 13:19:38 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:14:49 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-05-07 15:32:35 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-02 03:02:22 604160 ----a-w- c:\windows\system32\wmspdmod.dll
2009-03-08 08:33:40 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 08:32:56 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 08:32:50 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 08:31:38 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 08:31:18 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 08:31:02 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 08:31:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-03-08 08:30:56 66560 ----a-w- c:\windows\system32\tdc.ocx
2009-03-08 08:22:38 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:22:18 284160 ----a-w- c:\windows\system32\pdh.dll
2009-02-09 12:10:48 617472 ----a-w- c:\windows\system32\advapi32.dll
2009-02-09 12:10:48 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-02-09 12:10:48 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
2009-02-09 12:10:48 401408 ----a-w- c:\windows\system32\rpcss.dll
2009-02-06 11:11:05 110592 ----a-w- c:\windows\system32\services.exe
2009-02-06 10:39:08 35328 ----a-w- c:\windows\system32\sc.exe
2009-02-06 10:10:02 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
2009-01-07 22:21:00 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2008-10-26 09:00:00 69632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP9N.DLL
2008-10-26 09:00:00 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD9N.DLL
2008-10-26 09:00:00 236032 ----a-w- c:\windows\system32\CNMLM9N.DLL
2008-10-23 12:36:14 286720 ----a-w- c:\windows\system32\gdi32.dll

============= FINISH: 23:20:35.20 ===============

 

[merenwen]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/20/2008 11:39:09 AM
System Uptime: 1/1/2007 11:14:06 PM (0 hours ago)

Motherboard: Dell Inc. | | 0CU409
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz | Socket 775 | 2194/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 12.518 GiB free.
D: is CDROM (UDF)

==== Disabled Device Manager Items =============

Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: Canon MX860 ser Network
Device ID: ROOT\CANON_IJ_NETWORK\0000
Manufacturer: Canon
Name: Canon MX860 ser Network
PNP Device ID: ROOT\CANON_IJ_NETWORK\0000
Service: StillCam

==== System Restore Points ===================

RP1: 1/28/2011 1:14:22 PM - System Checkpoint
RP2: 1/28/2011 1:26:50 PM - Software Distribution Service 3.0
RP3: 1/28/2011 2:04:04 PM - avast! Free Antivirus Setup
RP4: 1/28/2011 2:13:24 PM - avast! Free Antivirus Setup
RP5: 1/29/2011 2:14:42 PM - System Checkpoint
RP6: 1/29/2011 11:26:55 PM - avast! Free Antivirus Setup
RP7: 1/31/2011 12:39:25 AM - System Checkpoint
RP8: 2/1/2011 1:25:37 AM - System Checkpoint
RP9: 2/2/2011 2:19:26 AM - System Checkpoint
RP10: 2/3/2011 2:21:06 AM - System Checkpoint
RP11: 2/4/2011 3:01:16 AM - System Checkpoint
RP12: 2/5/2011 4:01:41 AM - System Checkpoint
RP13: 2/6/2011 4:02:38 AM - System Checkpoint
RP14: 2/7/2011 5:01:16 AM - System Checkpoint
RP15: 2/8/2011 6:01:16 AM - System Checkpoint
RP16: 2/9/2011 3:00:15 AM - Software Distribution Service 3.0
RP17: 1/1/2007 12:18:20 AM - System Checkpoint

==== Installed Programs ======================

ABC (remove only)
Adobe Acrobat 7.0 Professional
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 1.0
Canon MP Navigator EX 2.1
Canon MP210 series
Canon MP210 series User Registration
Canon MX860 series MP Drivers
Canon MX860 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner (remove only)
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
Dell Resource CD
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
doPDF 6.0 printer
DVD Flick
ESET Online Scanner v3
FrostWire 4.21.1
Google Chrome
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.12.0
iTunes
Java Auto Updater
Java(TM) 6 Update 23
K-Lite Codec Pack 3.6.5 Basic
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
Prism Video Converter
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Roxio MyDVD DE
Secunia PSI (2.0.0.3001)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Skype™ 5.1
Switch Sound File Converter
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2492475)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Usmleworld Step2 QBank V2
VC80CRTRedist - 8.0.50727.4053
VideoCam Suite
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.7
VobSub v2.23 (Remove Only)
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver

==== Event Viewer Messages From Past Week ========

1/3/2011 10:06:02 AM, error: System Error [1003] - Error code 000000ea, parameter1 8956a110, parameter2 8a27c1c0, parameter3 8a60b1a8, parameter4 00000001.
1/3/2011 10:05:44 AM, error: System Error [1003] - Error code 000000ea, parameter1 89eb2438, parameter2 8a34c930, parameter3 89cf35a0, parameter4 00000001.
1/29/2011 10:52:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/29/2011 10:50:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswRdr aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/29/2011 10:50:45 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/29/2011 10:50:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/29/2011 10:49:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/27/2011 11:58:16 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/26/2011 9:38:25 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001D097DF82A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
1/26/2011 9:18:28 PM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
1/26/2011 9:18:28 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
1/26/2011 9:18:28 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
1/26/2011 9:18:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/17/2011 10:37:46 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
1/12/2011 7:08:32 AM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
1/1/2007 12:34:03 AM, error: W32Time [34] - The time service has detected that the system time needs to be changed by +125765688 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.10.51:123->207.46.232.182:123) is working properly.
1/1/2007 12:10:58 AM, error: Dhcp [1002] - The IP address lease 192.168.10.50 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/1/2007 12:10:08 AM, error: Dhcp [1002] - The IP address lease 192.168.10.53 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/1/2007 12:01:27 AM, error: W32Time [34] - The time service has detected that the system time needs to be changed by +125772818 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.10.50:123->207.46.232.182:123) is working properly.
1/1/2007 12:01:01 AM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/1/2007 12:00:54 AM, error: Dhcp [1002] - The IP address lease 192.168.10.51 for the Network Card with network address 001D097DF82A has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/1/2007 10:57:36 PM, error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).

==== End Of File ===========================

 

[Broni]

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running tools or applying updates other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=======================================================================

So far, I don't see much....

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

=======================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

1. Please, never rename Combofix unless instructed.
2. Close any open browsers.
3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
   • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
   NOTE1. If Combofix asks you to install Recovery Console, please allow it.
   NOTE 2. If Combofix asks you to update the program, always do so.
   • Close any open browsers.
   • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
   • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
   • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
4. Double click on combofix.exe & follow the prompts.
5. When finished, it will produce a report for you.
6. Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

 

[merenwen]

Thanks! The computer is still having all the same issues I mentioned in my first post. Here are the logs:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 125):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E5000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F79000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F68000 pci.sys
0xBA0A8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0B8000 MountMgr.sys
0xB9F49000 ftdisk.sys
0xBA330000 PartMgr.sys
0xBA0C8000 VolSnap.sys
0xB9F31000 atapi.sys
0xBA338000 cercsr6.sys
0xB9F19000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xBA0D8000 disk.sys
0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9EF9000 fltmgr.sys
0xB9EE7000 sr.sys
0xBA0F8000 PxHelp20.sys
0xB9ED0000 KSecDD.sys
0xB9EBD000 WudfPf.sys
0xB9E30000 Ntfs.sys
0xB9E03000 NDIS.sys
0xB9DE9000 Mup.sys
0xBA128000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB92CF000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xB92BB000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA418000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB9256000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA420000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB922E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xBA428000 \SystemRoot\system32\DRIVERS\fdc.sys
0xBA138000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA148000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA158000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB920B000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA430000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xBA7F0000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA168000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA58C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB91F4000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA178000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA188000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA440000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB91E3000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA198000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA448000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA450000 \SystemRoot\system32\DRIVERS\raspti.sys
0xBA1A8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA458000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA460000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA5DC000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9185000 \SystemRoot\system32\DRIVERS\update.sys
0xBA598000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA470000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xBA1C8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA1E8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBA5E2000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xA8B6E000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xA8B4A000 \SystemRoot\system32\drivers\portcls.sys
0xBA1F8000 \SystemRoot\system32\drivers\drmk.sys
0xBA5E8000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA6B1000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5EA000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA488000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xBA490000 \SystemRoot\System32\drivers\vga.sys
0xBA5EC000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5EE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA498000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA4A0000 \SystemRoot\System32\Drivers\Npfs.SYS
0xBA554000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA8AC7000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA8A6E000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA8A48000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xBA218000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xBA228000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xA8A20000 \SystemRoot\system32\DRIVERS\netbt.sys
0xBA4A8000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xA89FE000 \SystemRoot\System32\drivers\afd.sys
0xBA238000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA89D3000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA8963000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA248000 \SystemRoot\System32\Drivers\Fips.SYS
0xA891C000 \SystemRoot\System32\Drivers\aswSP.SYS
0xBA348000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xA8B1E000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xBA268000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xA88BB000 \SystemRoot\System32\Drivers\Udfs.SYS
0xBA3A0000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xA8B1A000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xA8B12000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xA824B000 \SystemRoot\system32\DRIVERS\lvuvc.sys
0xBA278000 \SystemRoot\system32\drivers\usbaudio.sys
0xA820B000 \SystemRoot\system32\DRIVERS\lvrs.sys
0xA81F3000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA612000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xA8AFE000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA3B8000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA727000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
0xBF1F2000 \SystemRoot\System32\igxpdx32.DLL
0xBF48D000 \SystemRoot\System32\ATMFD.DLL
0xA8143000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xA80D7000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA7F34000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xA7C9F000 \SystemRoot\system32\drivers\wdmaud.sys
0xA7E7C000 \SystemRoot\system32\drivers\sysaudio.sys
0xA77EA000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA74EA000 \SystemRoot\system32\DRIVERS\srv.sys
0xBA380000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xA6F37000 \SystemRoot\System32\Drivers\HTTP.sys
0xA6CC4000 \??\C:\DOCUME~1\Shaina\LOCALS~1\Temp\fxdyqfob.sys
0xA6C58000 \SystemRoot\system32\DRIVERS\e1e5132.sys
0xBA378000 \??\C:\DOCUME~1\Shaina\LOCALS~1\Temp\mbr.sys
0xA7692000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xBA4B0000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xBA390000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 50):
0 System Idle Process
4 System
624 C:\WINDOWS\system32\smss.exe
688 csrss.exe
720 C:\WINDOWS\system32\winlogon.exe
764 C:\WINDOWS\system32\services.exe
784 C:\WINDOWS\system32\lsass.exe
948 C:\WINDOWS\system32\svchost.exe
1020 svchost.exe
1116 C:\WINDOWS\system32\svchost.exe
1156 C:\WINDOWS\system32\svchost.exe
1204 svchost.exe
1316 svchost.exe
1464 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1656 C:\WINDOWS\explorer.exe
1944 C:\WINDOWS\system32\spoolsv.exe
440 C:\WINDOWS\system32\hkcmd.exe
448 C:\WINDOWS\system32\igfxpers.exe
456 C:\WINDOWS\RTHDCPL.exe
472 C:\Program Files\Common Files\Java\Java Update\jusched.exe
480 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
484 C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
500 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
508 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
520 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
648 C:\Program Files\iTunes\iTunesHelper.exe
644 C:\WINDOWS\system32\igfxsrvc.exe
640 C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
788 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1144 C:\Program Files\Logitech\Vid HD\Vid.exe
1212 C:\WINDOWS\system32\ctfmon.exe
1220 C:\Program Files\Skype\Phone\Skype.exe
1528 svchost.exe
1572 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
2076 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2168 C:\Program Files\Java\jre6\bin\jqs.exe
2284 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
2396 C:\Program Files\Secunia\PSI\psia.exe
2536 C:\Program Files\Secunia\PSI\psi_tray.exe
2548 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
2764 C:\WINDOWS\system32\svchost.exe
3116 C:\Program Files\Skype\Plugin Manager\skypePM.exe
3660 C:\Program Files\iPod\bin\iPodService.exe
124 alg.exe
3180 C:\WINDOWS\system32\svchost.exe
1992 C:\Program Files\Mozilla Firefox\firefox.exe
200 C:\Program Files\Mozilla Firefox\plugin-container.exe
2968 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
2788 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
412 C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHD161HJ, Rev: JF100-22

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

----------------------------------------------

ComboFix 11-02-09.05 - Shaina 01/02/2007 14:20:36.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1645 [GMT -5:00]
Running from: c:\documents and settings\Shaina\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system\winspool.drv

Infected copy of c:\windows\system32\msgsvc.dll was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\msgsvc.dll

.
((((((((((((((((((((((((( Files Created from 2006-12-02 to 2007-01-02 )))))))))))))))))))))))))))))))
.

2010-07-16 11:06 . 2010-07-16 11:06 -------- d-----w- C:\spoolerlogs
2009-08-16 07:03 . 2009-08-16 07:03 -------- d-----w- C:\d9c274b78117274c21c3
2008-02-28 23:10 . 2008-02-28 23:10 -------- d-----r- C:\MSOCache
2008-01-29 04:20 . 2010-08-06 01:10 -------- d-----w- C:\MDT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 2004-08-04 10:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-08-04 10:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-03 15:02 . 2004-08-04 10:00 26112 ----a-w- c:\windows\system32\userinit.exe
2010-12-31 13:10 . 2004-08-04 10:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2004-08-04 10:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2004-08-04 10:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2004-08-04 10:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 2004-08-04 10:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42 . 2005-03-30 01:21 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2005-03-30 01:01 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-09 14:52 . 2004-08-04 10:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-02 15:17 . 2004-08-04 10:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-09-18 16:23 . 2004-08-04 10:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 10:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 10:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 10:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 08:02 . 2004-08-04 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 10:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 10:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2004-08-04 10:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-04 10:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-08-11 02:55 . 2004-08-04 10:00 42112 ----a-w- c:\windows\system32\drivers\imapi.sys
2010-07-16 12:05 . 2004-08-04 10:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2010-06-30 12:31 . 2004-08-04 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-18 17:45 . 2004-08-04 10:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-06-17 14:03 . 2004-08-04 10:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-15 16:17 . 2004-08-04 10:00 143422 ----a-w- c:\windows\system32\l3codecx.ax
2010-06-14 14:31 . 2008-01-20 16:35 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-04-16 15:36 . 2004-08-04 10:00 406016 ----a-w- c:\windows\system32\usp10.dll
2010-03-31 01:58 . 2006-07-24 08:00 44944 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-03-30 16:24 . 2006-10-19 02:47 317440 ------w- c:\windows\system32\mp4sdecd.dll
2010-03-30 04:52 . 2004-08-04 10:00 262416 ----a-w- c:\windows\system32\mpg4ds32.ax
2010-03-10 06:15 . 2004-08-04 10:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 14:37 . 2004-08-04 10:00 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-24 13:11 . 2004-08-04 10:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-12 04:33 . 2004-08-04 10:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-04 10:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:27 . 2004-08-04 10:00 1291776 ----a-w- c:\windows\system32\quartz.dll
2010-01-13 14:01 . 2004-08-04 10:00 86016 ----a-w- c:\windows\system32\cabview.dll
2009-12-24 06:59 . 2004-08-04 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2009-11-27 17:11 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2004-08-04 10:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2004-08-04 10:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2004-08-04 10:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-21 15:51 . 2004-08-04 10:00 471552 ----a-w- c:\windows\apppatch\aclayers.dll
2009-10-21 05:38 . 2004-08-04 10:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-04 10:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-04 10:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-15 16:28 . 2004-08-04 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-13 10:30 . 2004-08-04 10:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2004-08-04 10:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2004-08-04 10:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-11 14:18 . 2004-08-04 10:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-01 14:46 . 2004-08-04 10:00 282654 ----a-w- c:\windows\system32\msaud32.acm
2009-08-26 08:00 . 2004-08-04 10:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 09:17 . 2004-08-04 10:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2009-08-06 23:24 . 2004-08-04 10:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-05 09:01 . 2004-08-04 10:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22 . 2004-08-04 10:00 1435648 ----a-w- c:\windows\system32\query.dll
2009-07-14 03:43 . 2004-08-04 10:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-25 08:25 . 2004-08-04 10:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-04 10:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-24 11:18 . 2004-08-04 10:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-12 12:31 . 2004-08-04 10:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 06:14 . 2004-08-04 10:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-05-07 15:32 . 2004-08-04 10:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-02 03:02 . 2004-08-04 10:00 604160 ----a-w- c:\windows\system32\wmspdmod.dll
2009-03-08 08:33 . 2004-08-04 10:00 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 08:32 . 2004-08-04 10:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 08:32 . 2004-08-04 10:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 08:31 . 2004-08-04 10:00 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 08:31 . 2004-08-04 10:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 08:31 . 2004-08-04 10:00 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 08:31 . 2004-08-04 10:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-03-08 08:30 . 2004-08-04 10:00 66560 ----a-w- c:\windows\system32\tdc.ocx
2009-03-08 08:22 . 2004-08-04 10:00 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-08-04 10:00 284160 ----a-w- c:\windows\system32\pdh.dll
2009-02-09 12:10 . 2004-08-04 10:00 617472 ----a-w- c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2004-08-04 10:00 401408 ----a-w- c:\windows\system32\rpcss.dll
2009-02-06 11:11 . 2004-08-04 10:00 110592 ----a-w- c:\windows\system32\services.exe
2009-02-06 10:39 . 2004-08-04 10:00 35328 ----a-w- c:\windows\system32\sc.exe
2008-10-23 12:36 . 2004-08-04 10:00 286720 ----a-w- c:\windows\system32\gdi32.dll
2008-08-14 10:04 . 2004-08-04 10:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2008-07-07 20:26 . 2004-08-04 10:00 253952 ----a-w- c:\windows\system32\es.dll
2008-06-24 22:12 . 2006-10-19 02:47 295936 ------w- c:\windows\system32\wmpeffects.dll
2008-06-24 16:43 . 2004-08-04 10:00 74240 ----a-w- c:\windows\system32\mscms.dll
2008-06-20 17:46 . 2004-08-04 10:00 245248 ----a-w- c:\windows\system32\mswsock.dll
2008-06-20 11:51 . 2004-08-04 10:00 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-06-18 10:03 . 2004-08-04 10:00 938496 ----a-w- c:\windows\system32\WMNetmgr.dll
2008-06-18 06:09 . 2004-08-04 10:00 100864 ----a-w- c:\windows\system32\logagent.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-17 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-17 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-17 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-26 16132608]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-08 202256]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-18 1848648]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-12 722256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

c:\documents and settings\Shaina\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
OneNote Table Of Contents.onetoc2 [2010-10-18 3656]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [2009-3-25 25214]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ABC\\abc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"28403:TCP"= 28403:TCP:LimeWire1
"17563:TCP"= 17563:TCP:abc1
"6346:TCP"= 6346:TCP:Limewire2
"11095:TCP"= 11095:TCP:limewire 4.16.7

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/29/2011 11:27 PM 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/29/2011 11:27 PM 17744]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [1/10/2011 9:24 AM 993848]
S2 gupdate1ca1bc6c8bc7930;Google Update Service (gupdate1ca1bc6c8bc7930);c:\program files\Google\Update\GoogleUpdate.exe [8/12/2009 10:33 PM 133104]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]
.
Contents of the 'Scheduled Tasks' folder

2011-02-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2007-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 03:32]

2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 03:32]

2007-01-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

2011-02-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: network.proxy.type - 0
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-01-02 14:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2007-01-02 14:37:37 - machine was rebooted
ComboFix-quarantined-files.txt 2007-01-02 19:37

Pre-Run: 13,350,244,352 bytes free
Post-Run: 13,338,796,032 bytes free

- - End Of File - - D92F6B3D77EC5ADB2E989EDA2AB2C432

 

[Broni]

Download OTL to your Desktop.

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[merenwen]

Here you go!


OTL logfile created on: 1/2/2007 6:34:40 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Shaina\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 3072 5120 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 12.44 Gb Free Space | 8.35% Space Free | Partition Type: NTFS
Drive D: | 1.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ARONHOMEPC | User Name: Shaina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/13 03:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 09:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/01/02 19:19:48 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011/01/02 19:19:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/08 18:03:36 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/17 20:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/05/21 03:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
PRC - [2004/12/14 01:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe


========== Modules (SafeList) ==========

MOD - [2011/01/13 03:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 03:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 03:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/10/07 03:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 03:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 500(UVC)
DRV - [2009/10/07 03:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/04/16 21:16:26 | 005,760,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/04/13 20:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643



IE - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1757981266-220523388-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Swag Bucks Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/05 21:27:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/01/01 21:04:26 | 000,000,000 | ---D | M]

[2010/10/09 20:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Extensions
[2010/10/09 20:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/02/09 11:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions
[2010/09/28 06:24:37 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/01/05 21:28:35 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/02/03 22:12:23 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011/01/28 13:35:35 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2008/01/20 12:51:23 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2011/01/04 15:14:19 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/09 18:47:22 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/08/04 19:34:37 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/12/30 17:26:06 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\searchplugins\conduit.xml
[2011/02/01 22:50:20 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Mozilla\Firefox\Profiles\0fq2dssd.default\searchplugins\firefox-add-ons.xml
[2011/02/09 11:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/27 23:07:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/09/02 02:00:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2008/02/04 17:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2008/09/15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2007/01/02 14:29:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1757981266-220523388-839522115-1004..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1757981266-220523388-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} https://vpn.level2iaas.com/XTSAC.cab (XTSAC Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/20 11:37:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)

========== Files/Folders - Created Within 30 Days ==========

[2011/02/09 11:23:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Estie's Vort
[2011/02/05 23:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/01/31 08:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/01/31 08:50:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/01/31 08:50:33 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/01/29 23:27:15 | 000,294,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/29 23:27:15 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/29 23:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/01/29 23:27:14 | 000,047,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/29 23:27:14 | 000,023,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/29 23:27:13 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/29 23:27:13 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/29 23:27:13 | 000,029,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/29 23:26:58 | 000,188,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/28 14:13:28 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/28 13:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Secunia PSI
[2011/01/28 13:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/01/28 11:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/28 00:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/01/06 13:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Incomplete
[2011/01/02 20:55:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/01/02 20:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/01/02 11:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/16 17:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/12/07 10:40:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/12/06 09:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2010/12/05 16:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/12/01 20:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\DORA VIDEOS
[2010/11/30 07:26:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/11/17 21:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\FrostWire
[2010/11/17 21:18:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\FrostWire
[2010/11/17 21:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2010/10/18 08:14:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\OneNote Notebooks
[2010/10/17 10:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/10/17 10:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/10/09 20:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/09/19 13:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX860 series User Registration
[2010/09/19 13:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon IJ Network Utilities
[2010/09/19 13:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX860 series Manual
[2010/09/19 12:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX860 series
[2010/09/01 03:30:58 | 000,015,544 | ---- | C] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys
[2010/08/13 15:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/08/13 15:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/08/12 19:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/08/10 23:27:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/10 23:26:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/08 20:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Elazar Movies
[2010/08/07 21:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\AOL
[2010/08/07 21:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010/08/05 06:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\SHAINA STUFF
[2010/07/16 18:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/07/16 17:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\WinPatrol
[2010/07/16 17:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2010/07/16 17:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/07/16 14:44:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/07/16 06:06:41 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2010/07/16 03:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2010/07/16 03:10:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/07/13 10:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
[2010/07/13 10:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/07/13 08:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Real
[2010/07/12 06:05:32 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
[2010/07/12 06:05:32 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
[2010/07/12 06:05:32 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
[2010/07/12 06:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/07/12 06:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/12 06:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2010/07/11 06:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/11 06:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/11 03:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/07/10 22:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/10 22:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/04 11:05:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Shaina\Recent
[2010/06/20 18:33:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\.jagex_cache_32
[2010/06/11 18:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/04 02:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2010/05/23 08:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Usmleworld Step2 QBank V2
[2010/05/22 21:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2010/05/22 21:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/04/26 17:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/25 00:17:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/04/23 15:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\SightSpeed Recordings
[2010/04/23 15:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\LogiShrd
[2010/04/23 15:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Leadertech
[2010/04/23 15:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2010/04/23 15:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2010/04/23 15:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2010/04/23 15:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/03/29 14:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\skypePM
[2010/03/29 14:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Skype
[2010/03/29 14:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/03/17 08:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Lala Music Mover
[2010/03/10 14:29:32 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/03/03 10:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/03/03 00:12:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2010/03/03 00:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2010/03/03 00:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2010/03/03 00:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video Converter
[2010/02/28 02:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/02/19 14:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2010/02/19 14:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2010/02/19 14:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
[2010/02/19 14:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2010/01/20 19:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Amazon
[2010/01/20 19:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Amazon
[2010/01/20 19:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2009/12/06 19:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Gleim
[2009/12/06 09:42:05 | 000,398,744 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2009/12/06 09:41:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2009/12/06 09:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
[2009/12/06 09:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2009/11/10 21:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\.jordan
[2009/10/25 10:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Opera
[2009/10/25 10:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Opera
[2009/10/25 10:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/10/13 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\gtk-2.0
[2009/10/13 18:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\.thumbnails
[2009/10/13 18:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\.gimp-2.6
[2009/10/13 18:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\gegl-0.0
[2009/10/12 14:07:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\CZ STUFF
[2009/08/27 17:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Temp
[2009/08/20 21:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\U3
[2009/08/18 15:57:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\IECompatCache
[2009/08/16 02:04:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/08/16 02:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/08/16 02:03:28 | 000,000,000 | ---D | C] -- C:\d9c274b78117274c21c3
[2009/08/12 22:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\Downloads
[2009/08/12 22:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/08/12 22:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2009/08/12 22:33:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/08/12 22:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Google
[2009/08/12 22:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2009/08/12 22:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2009/08/11 06:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\CCleaner
[2009/08/11 06:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/09 13:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2009/08/09 13:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/08/09 13:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/07/18 20:45:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\PrivacIE
[2009/06/26 07:19:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\IETldCache
[2009/06/26 06:16:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/26 06:15:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/06/26 06:14:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/06/26 05:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/06/26 05:44:40 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/06/26 05:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2009/06/26 05:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2009/06/17 19:39:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/06/17 19:38:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Nitro PDF
[2009/06/17 19:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2009/06/17 19:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Downloaded Installations
[2009/06/17 19:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\HALLMARK.CARD.STUDIO.2009-ADDICTION
[2009/06/17 19:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF Professional 5.5.0.16 32-64bit
[2009/06/17 19:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\FireShot
[2009/06/17 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\FireShot for IE
[2009/05/13 16:12:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/05/13 16:12:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/05/13 16:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2009/05/08 16:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/08 16:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/05/08 16:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/05/08 16:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/05/08 16:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple

 

[merenwen]

[2009/04/27 10:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/04/27 10:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Real
[2009/03/27 13:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\AdobeUM
[2009/03/25 15:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2009/03/20 09:06:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Shaina\My Documents\My Data Sources
[2008/12/17 07:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\Budget Stuff
[2008/11/15 22:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2008/10/11 19:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2008/10/11 18:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/10/11 18:59:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Switch Sound File Converter
[2008/10/11 18:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\NCH Swift Sound
[2008/10/11 18:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2008/08/30 20:21:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/08/30 20:21:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2008/08/30 20:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/08/30 20:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/08/30 20:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008/08/30 20:19:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/08/30 20:18:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008/08/30 20:14:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/08/30 20:14:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2008/08/17 13:08:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008/08/14 07:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2008/08/03 10:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Panasonic
[2008/07/31 19:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Orban
[2008/07/31 19:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Orban
[2008/06/30 17:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Canon
[2008/06/18 19:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\WMTools Downloaded Files
[2008/06/17 11:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/05/11 18:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Apple Computer
[2008/05/09 06:54:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Snapfish
[2008/05/04 21:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\pics
[2008/05/02 16:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Apple
[2008/05/02 16:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Apple Computer
[2008/03/27 20:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\dvdcss
[2008/03/27 20:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\DVD
[2008/03/27 20:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\DVD Flick
[2008/03/27 19:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Flick
[2008/03/27 19:59:39 | 000,081,920 | ---- | C] (Marco Bellinaso) -- C:\WINDOWS\System32\mbmouse.ocx
[2008/03/27 19:59:39 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\WINDOWS\System32\trayicon.ocx
[2008/03/27 19:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Flick
[2008/03/27 19:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP210 series User Registration
[2008/03/27 18:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2008/03/27 18:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
[2008/03/27 18:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP210 series Manual
[2008/03/27 18:01:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/03/27 18:01:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2008/03/27 18:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP210 series
[2008/03/27 18:01:15 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2008/03/27 18:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2008/03/26 20:43:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\UserData
[2008/03/20 20:46:26 | 000,022,168 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmn6.dll
[2008/03/20 20:46:26 | 000,018,072 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmi6.dll
[2008/03/20 20:46:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\doPDF 6
[2008/03/20 20:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2008/03/20 20:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2008/03/18 22:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Broderbund
[2008/03/18 21:12:33 | 000,000,000 | ---D | C] -- C:\Program Files\Broderbund
[2008/03/18 21:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2008/03/18 21:12:32 | 000,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\WINDOWS\TLCUninstall.exe
[2008/03/18 18:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\Quicken
[2008/03/18 18:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AnswerWorks 5.0
[2008/03/18 18:32:59 | 003,518,464 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf300.dll
[2008/03/18 18:32:59 | 001,843,200 | ---- | C] (Apache Software Foundation) -- C:\WINDOWS\System32\acXMLParser.dll
[2008/03/18 18:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Intuit
[2008/03/18 18:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
[2008/03/18 18:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2008/03/18 18:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2008/03/02 17:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\DivX
[2008/02/28 18:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2008/02/28 18:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2008/02/28 18:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2008/02/28 18:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2008/02/28 18:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2008/02/28 18:11:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2008/02/28 18:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft Help
[2008/02/28 18:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2008/02/28 18:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/02/28 18:10:03 | 000,000,000 | R--D | C] -- C:\MSOCache
[2008/02/22 09:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2008/02/10 12:36:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2008/01/28 23:20:42 | 000,000,000 | ---D | C] -- C:\MDT
[2008/01/28 23:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\CyberLink
[2008/01/28 23:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/01/28 23:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\vlc
[2008/01/28 23:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2008/01/27 19:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\VobSub
[2008/01/27 19:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
[2008/01/27 14:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\WinRAR
[2008/01/27 14:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\WinRAR
[2008/01/27 14:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2008/01/27 14:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/01/21 22:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Adobe
[2008/01/21 22:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/01/21 22:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2008/01/21 18:47:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX
[2008/01/21 18:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2008/01/21 10:35:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/01/21 10:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Sun
[2008/01/20 17:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2008/01/20 17:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
[2008/01/20 17:05:31 | 002,625,445 | ---- | C] ( ) -- C:\Program Files\klcodec365b.exe
[2008/01/20 13:03:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2008/01/20 13:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2008/01/20 13:02:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2008/01/20 13:02:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/01/20 13:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/01/20 12:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\MOVIES
[2008/01/20 12:39:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\.ABC
[2008/01/20 12:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\ABC
[2008/01/20 12:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\ABC
[2008/01/20 12:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop\MUSIC
[2008/01/20 12:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\My Documents\LimeWire
[2008/01/20 12:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2008/01/20 12:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Macromedia
[2008/01/20 12:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Adobe
[2008/01/20 12:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2008/01/20 12:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2008/01/20 12:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Grisoft
[2008/01/20 12:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Grisoft
[2008/01/20 12:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Mozilla
[2008/01/20 12:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Mozilla
[2008/01/20 12:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2008/01/20 12:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/01/20 11:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2008/01/20 11:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Roxio
[2008/01/20 11:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2008/01/20 11:53:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2008/01/20 11:53:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008/01/20 11:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2008/01/20 11:50:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2008/01/20 11:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2008/01/20 11:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2008/01/20 11:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2008/01/20 11:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2008/01/20 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008/01/20 11:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\PowerDVD DX
[2008/01/20 11:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Dell
[2008/01/20 11:48:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents\My Videos
[2008/01/20 11:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2008/01/20 11:44:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2008/01/20 11:44:18 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2008/01/20 11:44:18 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/01/20 11:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2008/01/20 11:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/01/20 11:43:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2008/01/20 11:41:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/01/20 11:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2008/01/20 11:41:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/01/20 11:41:42 | 000,000,000 | ---D | C] -- C:\Intel
[2008/01/20 11:41:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vmm32
[2008/01/20 11:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2008/01/20 11:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Identities
[2008/01/20 11:40:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/01/20 11:40:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents\My Pictures
[2008/01/20 11:40:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents\My Music
[2008/01/20 11:40:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Shaina\Application Data\Microsoft
[2008/01/20 11:40:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Shaina\SendTo
[2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup
[2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu
[2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\My Documents
[2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Favorites
[2008/01/20 11:40:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Accessories
[2008/01/20 11:40:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Shaina\Cookies
[2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\Templates
[2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\PrintHood
[2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\NetHood
[2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\Local Settings
[2008/01/20 11:40:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Shaina\Application Data
[2008/01/20 11:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Local Settings\Application Data\Microsoft
[2008/01/20 11:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Desktop
[2008/01/20 11:39:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/01/20 11:39:57 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/01/20 11:39:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/01/20 11:39:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/01/20 11:39:42 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/01/20 11:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/01/20 11:38:55 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/01/20 11:38:55 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/01/20 11:38:11 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/01/20 11:37:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/01/20 11:37:57 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/01/20 11:37:57 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/01/20 11:37:55 | 000,000,000 | ---D | C] -- C:\DELL
[2008/01/20 11:37:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/01/20 11:36:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2008/01/20 11:36:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/01/20 11:36:52 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/01/20 11:36:45 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/01/20 11:36:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/01/20 11:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/01/20 11:35:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/01/20 11:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/01/20 11:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/01/20 11:35:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/01/20 11:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/01/20 11:35:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/01/20 11:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/01/20 11:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/01/20 11:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/01/20 11:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/01/20 11:35:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/01/20 11:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/01/20 11:34:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/01/20 11:34:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2008/01/20 11:34:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/01/20 11:34:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2008/01/20 11:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/01/20 11:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/01/20 11:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/01/20 11:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008/01/20 11:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2008/01/20 11:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/01/20 11:33:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/01/20 11:33:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/01/20 11:33:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2008/01/20 06:17:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/01/20 06:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/01/20 06:17:37 | 000,000,000 | R--D | C] -- C:\Program Files
[2008/01/20 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/01/20 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/01/20 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/01/20 06:17:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2008/01/20 06:17:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2008/01/20 06:17:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2008/01/20 06:17:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2008/01/20 06:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2008/01/20 06:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2008/01/20 06:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/01/20 06:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/01/20 06:16:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/01/20 06:16:58 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data
[2008/01/20 06:16:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2008/01/20 06:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2008/01/20 06:08:45 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/01/20 06:08:45 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/01/20 06:08:45 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/01/20 06:08:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/01/20 06:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2007/06/18 20:18:26 | 000,023,680 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2007/01/02 18:34:01 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
[2007/01/02 13:58:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2007/01/02 13:58:43 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2007/01/02 13:58:43 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2007/01/02 13:58:43 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2007/01/02 13:57:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2007/01/01 22:56:40 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\TFC(3).exe
[2007/01/01 02:05:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Shaina\Start Menu\Programs\Administrative Tools
[2007/01/01 00:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2006/12/31 23:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaina\Application Data\Malwarebytes
[2006/12/31 23:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2006/12/31 23:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2006/12/31 20:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2006/12/31 20:14:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2006/12/31 20:14:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files - Modified Within 30 Days ==========

[2011/02/09 19:10:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/09 11:34:09 | 000,064,251 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\downsize.jpg
[2011/02/09 11:21:27 | 000,316,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 03:04:26 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/08 15:46:44 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Shaina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/07 07:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/03 18:28:31 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Word.lnk
[2011/02/03 12:04:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-839522115-1004.job
[2011/02/03 08:10:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Residency Spreadsheet.xls
[2011/01/30 21:32:44 | 000,455,327 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\2010TaxReturn.pdf
[2011/01/30 20:00:41 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Excel.lnk
[2011/01/29 23:27:13 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/28 13:36:31 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/18 12:45:27 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Book1.xls
[2011/01/16 23:56:43 | 000,668,068 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0671.JPG
[2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 03:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 03:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 03:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 03:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/12/26 16:30:48 | 1407,071,087 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Go Diego Go Rainforest Fiesta 2009 DVDRip [A Release-Lounge H264].mp4
[2010/12/26 13:35:13 | 731,826,176 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Barney.A.Counting.We.Will.Go.2010.DVDRip.XviD-DOCUMENT.avi
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/19 19:48:07 | 000,017,887 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Gmail - (no subject).pdf
[2010/12/14 04:46:24 | 943,195,068 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\dance.mp4
[2010/12/14 03:51:24 | 941,702,964 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\dora.mp4
[2010/12/14 02:40:43 | 941,778,073 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\big sister.mp4
[2010/12/14 02:12:26 | 942,198,213 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\doras world adventure.mp4
[2010/12/13 11:58:07 | 001,435,996 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Medical Enrollment.pdf
[2010/12/12 20:22:55 | 000,289,168 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Daycare Letter.pdf
[2010/12/07 11:04:53 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\budget for financial aid.doc
[2010/12/07 11:00:59 | 001,986,946 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Lease.pdf
[2010/12/07 11:00:03 | 000,696,089 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0005.pdf
[2010/12/07 10:59:02 | 001,335,675 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0004.pdf
[2010/12/07 10:46:11 | 001,206,001 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron Tuition Remission.pdf
[2010/12/07 10:45:02 | 000,618,135 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0002.pdf
[2010/12/07 10:34:08 | 000,034,321 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\NYCOM Clerkship Schedule.pdf
[2010/12/07 10:29:14 | 000,042,670 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\ConEd Payment History.pdf
[2010/12/07 10:28:08 | 000,042,191 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Geico Policy.pdf
[2010/12/07 10:24:35 | 000,195,864 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Oct. 25 Coned Bill.pdf
[2010/12/07 10:23:42 | 000,196,015 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Nov. 23 Coned Bill.pdf
[2010/11/11 18:10:12 | 000,435,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/11 18:10:12 | 000,068,360 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/11 00:14:21 | 733,730,816 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Meet Diego DVDRip Occor.avi
[2010/11/10 23:47:36 | 948,805,900 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Puppy Power.avi
[2010/11/10 22:54:09 | 734,816,256 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Dora.The.Explorer.Best.Friends.2009.DvDRiP.XviD-ExtraScene RG.avi
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/11/01 06:44:53 | 000,021,868 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\MyERAS 2011 - Documents.pdf
[2010/10/18 08:14:27 | 000,003,656 | -HS- | M] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2
[2010/10/18 08:14:21 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys
[2010/08/24 16:25:36 | 000,398,744 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2010/08/10 23:27:38 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2010/08/07 21:55:12 | 000,000,359 | -H-- | M] () -- C:\IPH.PH
[2010/08/05 22:55:03 | 000,000,076 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2010/08/05 20:07:12 | 000,000,212 | ---- | M] () -- C:\Boot.bak
[2010/07/19 17:35:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/12 06:10:05 | 004,657,152 | ---- | M] () -- C:\Documents and Settings\Shaina\s-1-5-21-1757981266-220523388-839522115-1004.rrr
[2010/07/11 11:30:30 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/20 18:33:35 | 000,000,045 | ---- | M] () -- C:\Documents and Settings\Shaina\jagex_runescape_preferences.dat
[2010/04/26 17:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/08 18:03:40 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/29 14:04:57 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/16 18:01:21 | 003,331,653 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron COMLEX Level I.pdf
[2010/03/16 18:00:44 | 000,015,757 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Chaim Aron CV.docx
[2010/03/10 14:29:32 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/03/09 20:28:04 | 000,113,935 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\OUTSIDE_ROTATION_REQUEST_FORM.pdf
[2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2010/02/19 14:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2010/02/19 14:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
[2010/02/19 14:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2009/12/18 07:51:09 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Dear Dr.doc
[2009/11/19 17:16:27 | 000,068,824 | ---- | M] () -- C:\WINDOWS\CouponPrinter.ocx
[2009/10/13 19:12:41 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\Shaina\.recently-used.xbel
[2009/10/07 03:25:08 | 000,266,828 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVAFT.cfg
[2009/10/07 03:24:20 | 000,082,289 | ---- | M] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/10/07 03:24:04 | 000,034,068 | ---- | M] () -- C:\WINDOWS\System32\Repository.reg
[2009/10/07 00:46:36 | 000,025,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:25:10 | 000,227,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFeL100.cfg
[2009/10/07 00:25:10 | 000,146,680 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFeL101.cfg
[2009/10/07 00:25:10 | 000,085,302 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFeL102.cfg
[2009/10/07 00:25:10 | 000,069,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\LVFaL100.cfg
[2009/10/07 00:23:08 | 000,013,584 | ---- | M] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/09/29 20:11:22 | 000,030,382 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Obstetrics History and Physical.docx
[2009/09/17 22:43:57 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper sources.doc
[2009/09/17 22:43:32 | 000,027,287 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper.docx
[2009/08/23 21:58:14 | 000,012,317 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\fever sources.docx
[2009/08/23 21:58:07 | 000,026,789 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Fever baby M.L..docx
[2009/08/18 23:25:13 | 000,105,770 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Patient Presentation appendicitis.pptx
[2009/08/17 22:27:16 | 000,042,663 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Evaluation and diagnosis of appendicitis in children.docx
[2009/08/16 22:08:36 | 000,012,316 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\sources asthma.docx
[2009/08/16 22:05:09 | 000,025,988 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\asthma 2 year old.docx
[2009/08/12 22:34:36 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2009/08/09 16:24:41 | 000,067,276 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/04 21:03:39 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/06/29 03:40:16 | 000,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2009/06/26 07:19:46 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/04/20 12:56:28 | 000,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/02/12 21:20:42 | 000,005,630 | ---- | M] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2009/01/07 17:20:20 | 000,008,798 | ---- | M] () -- C:\WINDOWS\System32\icrav03.rat
[2009/01/07 17:20:20 | 000,001,988 | ---- | M] () -- C:\WINDOWS\System32\ticrf.rat
[2009/01/04 21:46:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01005.Wdf
[2009/01/04 21:46:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2008/11/21 16:47:52 | 003,596,288 | ---- | M] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/08/31 06:21:55 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2008/08/30 20:17:51 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2008/07/08 12:09:58 | 000,014,592 | ---- | M] () -- C:\WINDOWS\System32\CNC1735D.TBL
[2008/05/09 06:54:12 | 000,001,931 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2008/04/13 19:25:26 | 000,001,804 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
[2008/04/13 19:12:42 | 000,148,992 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax
[2008/04/13 19:12:42 | 000,118,272 | ---- | M] () -- C:\WINDOWS\System32\mpeg2data.ax
[2008/04/13 19:11:52 | 000,498,742 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2008/04/13 19:10:34 | 000,175,104 | ---- | M] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/04/13 19:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\msdxm.ocx
[2008/04/13 19:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2008/04/13 19:10:08 | 000,004,126 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2008/04/13 19:09:39 | 013,463,552 | ---- | M] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/04/13 19:09:05 | 000,173,568 | ---- | M] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/04/13 12:26:09 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
[2008/04/11 17:44:45 | 000,000,422 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\dvdauthor.xml
[2008/04/02 14:54:20 | 001,101,824 | ---- | M] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
[2008/04/02 14:53:50 | 000,212,992 | ---- | M] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
[2008/04/02 14:53:36 | 000,880,640 | ---- | M] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
[2008/03/24 23:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2008/03/20 14:54:58 | 000,015,124 | ---- | M] () -- C:\Documents and Settings\Shaina\My Documents\Poem for purim.docx
[2008/02/20 14:37:02 | 000,022,168 | ---- | M] (Softland) -- C:\WINDOWS\System32\dopdfmn6.dll
[2008/02/20 14:37:02 | 000,018,072 | ---- | M] (Softland) -- C:\WINDOWS\System32\dopdfmi6.dll
[2008/02/12 22:02:28 | 000,000,567 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
[2008/02/12 21:59:29 | 000,000,078 | ---- | M] () -- C:\WINDOWS\Show Desktop.scf
[2008/02/11 15:14:12 | 000,007,477 | ---- | M] () -- C:\WINDOWS\System32\dopdf6.ctm
[2008/01/20 17:05:44 | 002,625,445 | ---- | M] ( ) -- C:\Program Files\klcodec365b.exe
[2008/01/20 13:03:44 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2008/01/20 13:03:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/01/20 13:03:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/01/20 13:02:49 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/01/20 13:02:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2008/01/20 12:05:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/01/20 11:53:41 | 000,000,057 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2008/01/20 11:46:08 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2008/01/20 11:46:08 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2008/01/20 11:39:45 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/01/20 11:39:15 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/01/20 11:37:27 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/01/20 11:35:09 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/09/17 03:48:10 | 000,001,261 | ---- | M] () -- C:\WINDOWS\System32\pid.inf
[2007/07/26 16:13:30 | 003,518,464 | ---- | M] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf300.dll
[2007/07/26 16:13:30 | 001,843,200 | ---- | M] (Apache Software Foundation) -- C:\WINDOWS\System32\acXMLParser.dll
[2007/07/25 14:24:30 | 001,559,040 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2007/04/16 22:19:40 | 000,026,304 | ---- | M] () -- C:\WINDOWS\System32\igxpxs32.vp
[2007/04/16 21:51:16 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/04/16 19:46:22 | 000,002,096 | ---- | M] () -- C:\WINDOWS\System32\igxpxk32.vp
[2007/03/19 19:14:20 | 000,117,850 | ---- | M] () -- C:\WINDOWS\System32\Cnmnput.chm
[2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
[2007/01/02 14:30:09 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2007/01/02 14:30:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2007/01/02 14:30:04 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-839522115-1004.job
[2007/01/02 14:29:59 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2007/01/02 14:29:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2007/01/02 14:29:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2007/01/02 14:29:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2007/01/02 13:54:07 | 004,266,254 | R--- | M] () -- C:\Documents and Settings\Shaina\Desktop\ComboFix.exe
[2007/01/02 13:52:55 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe
[2007/01/01 23:08:47 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\k1xycswv.exe
[2007/01/01 23:01:21 | 000,350,262 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\untitled.bmp
[2007/01/01 22:56:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\TFC(3).exe
[2007/01/01 21:04:27 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2007/01/01 00:01:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

 

[merenwen]

========== Files Created - No Company Name ==========

[2011/02/09 11:34:06 | 000,064,251 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\downsize.jpg
[2011/02/08 12:34:09 | 000,350,262 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\untitled.bmp
[2011/01/30 21:32:44 | 000,455,327 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\2010TaxReturn.pdf
[2011/01/30 20:21:10 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Residency Spreadsheet.xls
[2011/01/28 13:36:31 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/28 13:36:31 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/01/28 12:07:31 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/01/18 12:45:23 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Book1.xls
[2011/01/16 23:55:39 | 000,668,068 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0671.JPG
[2011/01/11 10:17:26 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Shaina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/26 13:01:16 | 1407,071,087 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Go Diego Go Rainforest Fiesta 2009 DVDRip [A Release-Lounge H264].mp4
[2010/12/26 12:59:52 | 731,826,176 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Barney.A.Counting.We.Will.Go.2010.DVDRip.XviD-DOCUMENT.avi
[2010/12/19 19:48:07 | 000,017,887 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Gmail - (no subject).pdf
[2010/12/13 21:42:41 | 941,702,964 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\dora.mp4
[2010/12/13 21:42:31 | 942,198,213 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\doras world adventure.mp4
[2010/12/13 21:42:26 | 943,195,068 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\dance.mp4
[2010/12/13 21:42:02 | 941,778,073 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\big sister.mp4
[2010/12/13 11:57:16 | 001,435,996 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Medical Enrollment.pdf
[2010/12/12 20:22:55 | 000,289,168 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Daycare Letter.pdf
[2010/12/07 22:01:06 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Shortcut to FrostWire.lnk
[2010/12/07 11:00:59 | 001,986,946 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Lease.pdf
[2010/12/07 11:00:03 | 000,696,089 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0005.pdf
[2010/12/07 10:59:02 | 001,335,675 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0004.pdf
[2010/12/07 10:46:11 | 001,206,001 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron Tuition Remission.pdf
[2010/12/07 10:45:02 | 000,618,135 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\IMG_0002.pdf
[2010/12/07 10:34:08 | 000,034,321 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\NYCOM Clerkship Schedule.pdf
[2010/12/07 10:29:14 | 000,042,670 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\ConEd Payment History.pdf
[2010/12/07 10:28:08 | 000,042,191 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Geico Policy.pdf
[2010/12/07 10:24:35 | 000,195,864 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Oct. 25 Coned Bill.pdf
[2010/12/07 10:23:42 | 000,196,015 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Nov. 23 Coned Bill.pdf
[2010/12/06 22:12:26 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\budget for financial aid.doc
[2010/11/10 20:42:25 | 733,730,816 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Meet Diego DVDRip Occor.avi
[2010/11/10 20:42:21 | 948,805,900 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Dora the Explorer - Puppy Power.avi
[2010/11/10 20:42:17 | 734,816,256 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Dora.The.Explorer.Best.Friends.2009.DvDRiP.XviD-ExtraScene RG.avi
[2010/11/01 06:44:53 | 000,021,868 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\MyERAS 2011 - Documents.pdf
[2010/10/18 08:14:27 | 000,005,096 | -HS- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\OneNote Table Of Contents.onetoc2
[2010/10/18 08:14:27 | 000,003,656 | -HS- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2
[2010/10/18 08:14:21 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/09/19 13:00:04 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\CNC1735D.TBL
[2010/09/19 12:58:35 | 000,117,850 | ---- | C] () -- C:\WINDOWS\System32\Cnmnput.chm
[2010/08/13 02:01:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/08/10 23:27:38 | 000,000,212 | ---- | C] () -- C:\Boot.bak
[2010/08/10 23:27:35 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/08/07 21:53:45 | 000,000,359 | -H-- | C] () -- C:\IPH.PH
[2010/07/19 17:35:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/12 06:10:03 | 004,657,152 | ---- | C] () -- C:\Documents and Settings\Shaina\s-1-5-21-1757981266-220523388-839522115-1004.rrr
[2010/06/20 18:33:15 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\Shaina\jagex_runescape_preferences.dat
[2010/04/23 15:31:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/04/23 15:31:27 | 000,266,828 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVAFT.cfg
[2010/04/23 15:31:04 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/23 15:31:04 | 000,034,068 | ---- | C] () -- C:\WINDOWS\System32\Repository.reg
[2010/04/23 15:30:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/04/08 18:04:46 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-839522115-1004.job
[2010/04/08 18:04:45 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-839522115-1004.job
[2010/03/29 14:04:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/16 18:01:21 | 003,331,653 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Chaim Aron COMLEX Level I.pdf
[2010/03/16 18:00:43 | 000,015,757 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Chaim Aron CV.docx
[2010/03/09 20:28:04 | 000,113,935 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\OUTSIDE_ROTATION_REQUEST_FORM.pdf
[2009/12/18 07:51:09 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Dear Dr.doc
[2009/11/09 23:21:03 | 000,068,824 | ---- | C] () -- C:\WINDOWS\CouponPrinter.ocx
[2009/10/13 19:12:41 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\Shaina\.recently-used.xbel
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:25:10 | 000,227,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFeL100.cfg
[2009/10/07 00:25:10 | 000,146,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFeL101.cfg
[2009/10/07 00:25:10 | 000,085,302 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFeL102.cfg
[2009/10/07 00:25:10 | 000,069,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVFaL100.cfg
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/09/27 11:40:20 | 000,030,382 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Obstetrics History and Physical.docx
[2009/09/17 21:49:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper sources.doc
[2009/09/15 18:19:43 | 000,027,287 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\gyn clam paper.docx
[2009/08/23 21:58:14 | 000,012,317 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\fever sources.docx
[2009/08/23 21:58:07 | 000,026,789 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Fever baby M.L..docx
[2009/08/17 22:27:16 | 000,042,663 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Evaluation and diagnosis of appendicitis in children.docx
[2009/08/17 17:57:16 | 000,105,770 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Patient Presentation appendicitis.pptx
[2009/08/16 22:08:36 | 000,012,316 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\sources asthma.docx
[2009/08/16 22:00:26 | 000,025,988 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\asthma 2 year old.docx
[2009/08/12 22:40:29 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/08/12 22:40:29 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/08/12 22:34:36 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2009/08/09 16:24:41 | 000,067,276 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/04 21:03:39 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/05/08 16:17:09 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/08 16:17:06 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2009/03/25 15:15:30 | 000,002,363 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Designer 7.0.lnk
[2009/03/25 15:15:30 | 000,002,353 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk
[2009/03/25 15:15:30 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/03/25 15:15:30 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2009/02/12 21:20:42 | 000,005,630 | ---- | C] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2009/01/07 17:20:20 | 000,008,798 | ---- | C] () -- C:\WINDOWS\System32\icrav03.rat
[2009/01/07 17:20:20 | 000,001,988 | ---- | C] () -- C:\WINDOWS\System32\ticrf.rat
[2009/01/04 21:46:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01005.Wdf
[2009/01/04 21:46:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2008/08/31 06:21:55 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2008/08/31 06:21:51 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2008/08/22 15:29:40 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2008/08/22 15:29:19 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2008/08/22 15:29:09 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2008/08/22 15:29:05 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2008/07/23 11:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/07 00:12:40 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2008/04/11 17:44:45 | 000,000,422 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\dvdauthor.xml
[2008/03/20 20:46:26 | 000,007,477 | ---- | C] () -- C:\WINDOWS\System32\dopdf6.ctm
[2008/03/20 10:35:19 | 000,015,124 | ---- | C] () -- C:\Documents and Settings\Shaina\My Documents\Poem for purim.docx
[2008/03/18 18:32:22 | 000,000,076 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2008/02/28 18:18:44 | 000,002,473 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Excel.lnk
[2008/02/28 18:18:31 | 000,002,515 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\Word.lnk
[2008/02/18 17:29:54 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2008/02/12 22:02:28 | 000,000,567 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
[2008/02/12 21:59:29 | 000,000,078 | ---- | C] () -- C:\WINDOWS\Show Desktop.scf
[2008/01/20 17:06:09 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/20 13:02:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2008/01/20 12:56:36 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2008/01/20 12:24:34 | 000,001,931 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/01/20 12:05:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/20 11:53:41 | 000,000,057 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/01/20 11:46:08 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2008/01/20 11:46:08 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2008/01/20 11:45:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/01/20 11:43:35 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008/01/20 11:43:35 | 000,026,304 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2008/01/20 11:43:35 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2008/01/20 11:43:34 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp
[2008/01/20 11:43:34 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNB.bmp
[2008/01/20 11:43:04 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2008/01/20 11:42:50 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\e1e5132.din
[2008/01/20 11:40:31 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Outlook Express.lnk
[2008/01/20 11:40:29 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Internet Explorer.lnk
[2008/01/20 11:40:23 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Remote Assistance.lnk
[2008/01/20 11:40:23 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Shaina\Start Menu\Programs\Windows Media Player.lnk
[2008/01/20 11:39:45 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/01/20 11:39:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/01/20 11:38:51 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/01/20 11:38:42 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/01/20 11:38:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/01/20 11:38:38 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/01/20 11:38:36 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/01/20 11:38:27 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/01/20 11:38:22 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/01/20 11:38:14 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/01/20 11:37:36 | 000,002,626 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/01/20 11:37:36 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/01/20 11:37:36 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/01/20 11:37:36 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/01/20 11:37:36 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/01/20 11:37:34 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/01/20 11:37:34 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/01/20 11:37:33 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/01/20 11:36:45 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2008/01/20 11:36:36 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/01/20 11:36:05 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/01/20 11:36:05 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/01/20 11:35:58 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/01/20 11:35:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/01/20 11:34:39 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2008/01/20 11:34:39 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2008/01/20 11:34:17 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/01/20 11:34:17 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/01/20 11:34:17 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/01/20 11:34:17 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/01/20 11:34:17 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/01/20 11:34:17 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/01/20 11:34:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/01/20 11:34:17 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/01/20 11:34:17 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/01/20 11:34:16 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/01/20 11:34:16 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/01/20 11:34:13 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/01/20 11:34:13 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/01/20 11:34:12 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/01/20 11:34:06 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/01/20 06:17:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/01/20 06:17:39 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/01/20 06:17:39 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/01/20 06:17:38 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/01/20 06:17:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/01/20 06:17:20 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/01/20 06:17:13 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2008/01/20 06:17:13 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/01/20 06:17:13 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/01/20 06:17:13 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/01/20 06:17:13 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2008/01/20 06:17:13 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/01/20 06:17:13 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/01/20 06:17:13 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/01/20 06:16:34 | 000,316,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/01/20 06:15:42 | 000,000,282 | RHS- | C] () -- C:\boot.ini
[2008/01/20 06:15:40 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2007/01/02 13:58:43 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2007/01/02 13:58:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2007/01/02 13:58:43 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2007/01/02 13:58:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2007/01/02 13:58:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2007/01/02 13:54:00 | 004,266,254 | R--- | C] () -- C:\Documents and Settings\Shaina\Desktop\ComboFix.exe
[2007/01/02 13:52:54 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe
[2007/01/01 23:08:47 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Shaina\Desktop\k1xycswv.exe
[2007/01/01 21:04:27 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

========== LOP Check ==========

[2011/01/28 14:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/03/18 22:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2008/03/27 18:01:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/12/07 10:40:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/01/02 20:55:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/10/11 19:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/06/17 19:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2006/12/31 19:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/11 18:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/05/08 16:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/01/20 14:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\.ABC
[2010/08/05 22:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Amazon
[2008/03/18 22:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Broderbund
[2010/12/07 10:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Canon
[2009/06/23 17:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\FireShot
[2011/01/06 13:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\FrostWire
[2009/12/06 19:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Gleim
[2008/01/20 12:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Grisoft
[2009/10/13 19:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\gtk-2.0
[2010/03/17 08:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Lala Music Mover
[2010/04/23 15:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Leadertech
[2009/01/19 19:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\NCH Swift Sound
[2009/06/17 19:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Nitro PDF
[2009/10/25 10:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Opera
[2008/08/03 10:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Panasonic
[2008/05/09 06:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\Snapfish
[2010/07/16 17:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaina\Application Data\WinPatrol

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/05 20:07:12 | 000,000,212 | ---- | M] () -- C:\Boot.bak
[2010/08/10 23:27:38 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2004/08/03 22:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2007/01/02 14:37:38 | 000,019,924 | ---- | M] () -- C:\ComboFix.txt
[2008/01/20 11:37:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/07 21:55:12 | 000,000,359 | -H-- | M] () -- C:\IPH.PH
[2011/01/27 23:10:50 | 000,032,083 | ---- | M] () -- C:\JavaRa.log
[2008/01/20 11:37:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/30 20:17:51 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2007/01/02 14:29:38 | 3221,225,472 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2008/01/20 11:37:20 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/03/19 00:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
[2008/10/26 04:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD9N.DLL
[2007/03/19 00:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
[2008/10/26 04:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP9N.DLL
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 17:05:44 | 002,625,445 | ---- | M] ( ) -- C:\Program Files\klcodec365b.exe

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 06:15:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/01/20 06:15:42 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/01/20 06:15:42 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/08/30 20:21:57 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008/08/31 06:21:55 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/08/31 06:21:55 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Shaina\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2007/01/02 13:54:07 | 004,266,254 | R--- | M] () -- C:\Documents and Settings\Shaina\Desktop\ComboFix.exe
[2007/01/01 23:08:47 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\k1xycswv.exe
[2007/01/02 13:52:55 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Shaina\Desktop\MBRCheck.exe
[2007/01/02 18:34:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\OTL.exe
[2007/01/01 22:56:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaina\Desktop\TFC(3).exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/08/31 06:21:55 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Shaina\Favorites\Desktop.ini
[2010/03/03 00:11:50 | 000,000,248 | ---- | M] () -- C:\Documents and Settings\Shaina\Favorites\NCH Software Download.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2007/01/02 17:40:09 | 000,032,768 | -HS- | M] () -- C:\Documents and Settings\Shaina\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 19:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 09:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 12:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 19:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/04/02 13:07:23 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2007/04/02 13:07:23 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2007/04/02 13:07:24 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >

 

[Broni]

You're running low on C drive free space:

Drive C: | 149.00 Gb Total Space | 12.44 Gb Free Space | 8.35% Space Free

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643
  O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
  O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
  [2011/01/02 20:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
  [2010/07/12 06:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
  [2010/03/29 14:04:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
  
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

====================================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  
  NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• IMPORTANT! UN-check Remove found threats
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[merenwen]

Thanks, I will work on deleting stuff from my hard drive.

By the way, my computer is still having the same issues

Here are the logs (ESET was clear):

All processes killed
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart deleted successfully.
Folder C:\WINDOWS\System32\drivers\AVG\ not found.
Folder C:\Program Files\Registry Mechanic\ not found.
C:\WINDOWS\system32\ezsidmv.dat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Shaina
->Temp folder emptied: 593674 bytes
->Temporary Internet Files folder emptied: 34490 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40968383 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 756 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 125464 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 40.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Shaina
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 01022007_215732

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

-------------------------------------------------------------------------

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner (remove only)
Java(TM) 6 Update 23
Out of date Java installed!
Adobe Flash Player 10.1.82.76
Adobe Reader X (10.0.1)
Mozilla Firefox (3.6.13)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 avastUI.exe
``````````End of Log````````````

 

[Broni]

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

12. If you still have some issues.....
In this forum, we make sure, your computer is free of malware and your computer is clean
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

Good luck

 

[merenwen]

Thanks so much! I guess I'll go over to the Windows forum and ask why I still have these issues.

Here's the OTL log:

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Shaina
->Temp folder emptied: 593674 bytes
->Temporary Internet Files folder emptied: 34490 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 15584962 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 611 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 16.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Shaina
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.20.6 log created on 01022007_223027

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

 

[Broni]

Sure thing

 

[Broni]

The issue has been resolved.