Hi jack this new user

Hi there, I'm new to HijackThis, I have scanned my comp using it, however i;m not sure which files to be fixed. Everytime i press cntrl+alt+delete i get an error msg popping up with the msg "taskmanager has been disable dby your administrator" and then my comp shuts down. I was wondering if you could please help me in any way to fix this as i have googled endless answers and so far everyone has mentioned to use hijackthis. I was wary about using anything else and would greatly appreciate any assistance

thank you and kind regards

pippen

Below is my log as scanned:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:48:25 AM, on 11/19/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\Msmsgs.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iriver\iriver plus\iAgent.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Liz Balinger\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LPVideoPlugin - {9F2C20C1-43DB-4ED2-8B6A-3DBAFDBAB4A8} - C:\WINDOWS\System32\LPVideo.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SYS1] C:\WINDOWS\System32\system.exe
O4 - HKLM\..\Run: [SYS2] C:\WINDOWS\System32\bad1.exe
O4 - HKLM\..\Run: [SYS3] C:\WINDOWS\System32\bad2.exe
O4 - HKLM\..\Run: [SYS4] C:\WINDOWS\System32\bad3.exe
O4 - HKLM\..\Run: [Msmsgs] C:\WINDOWS\System32\Msmsgs.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TuneClone] C:\Program Files\TuneClone\TuneClone.exe /silence
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [iPlusAgent] "C:\Program Files\iriver\iriver plus\iAgent.exe"
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O20 - AppInit_DLLs: c:\windows\system32\pmkhhfg.dll
O20 - Winlogon Notify: kstwiz - C:\WINDOWS\SYSTEM32\kstwiz.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 4078 bytes

please any help would be appreciated?

Hello pippen

Welcome to BleepingComputer
========================

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Thanks Kahdah, below is the log and the info - thanks for ur time and effort


Logfile of random's system information tool 1.04 (written by random/random)
Run by Liz Balinger at 2008-11-20 05:36:44
Microsoft Windows XP Home Edition
System drive C: has 12 GB (33%) free of 38 GB
Total RAM: 255 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:36:50 AM, on 11/20/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\Msmsgs.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iriver\iriver plus\iAgent.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Liz Balinger\Desktop\RSIT.exe
C:\Documents and Settings\Liz Balinger\Desktop\Liz Balinger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LPVideoPlugin - {9F2C20C1-43DB-4ED2-8B6A-3DBAFDBAB4A8} - C:\WINDOWS\System32\LPVideo.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SYS1] C:\WINDOWS\System32\system.exe
O4 - HKLM\..\Run: [SYS2] C:\WINDOWS\System32\bad1.exe
O4 - HKLM\..\Run: [SYS3] C:\WINDOWS\System32\bad2.exe
O4 - HKLM\..\Run: [SYS4] C:\WINDOWS\System32\bad3.exe
O4 - HKLM\..\Run: [Msmsgs] C:\WINDOWS\System32\Msmsgs.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TuneClone] C:\Program Files\TuneClone\TuneClone.exe /silence
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [iPlusAgent] "C:\Program Files\iriver\iriver plus\iAgent.exe"
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1227126955842
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1227126921827
O20 - AppInit_DLLs: c:\windows\system32\pmkhhfg.dll
O20 - Winlogon Notify: kstwiz - C:\WINDOWS\SYSTEM32\kstwiz.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

--
End of file - 3979 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2C20C1-43DB-4ED2-8B6A-3DBAFDBAB4A8}]
LPVideoPlugin - C:\WINDOWS\System32\LPVideo.dll [2008-10-29 151552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-08-18 843804]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-01-25 180269]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"SYS1"=C:\WINDOWS\System32\system.exe []
"SYS2"=C:\WINDOWS\System32\bad1.exe []
"SYS3"=C:\WINDOWS\System32\bad2.exe []
"SYS4"=C:\WINDOWS\System32\bad3.exe []
"Msmsgs"=C:\WINDOWS\System32\Msmsgs.exe [2007-07-18 215456]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-10-21 155648]
"TuneClone"=C:\Program Files\TuneClone\TuneClone.exe /silence []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe []
"iPlusAgent"=C:\Program Files\iriver\iriver plus\iAgent.exe [2005-06-07 225280]

C:\Documents and Settings\Liz Balinger\Start Menu\Programs\Startup
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\pmkhhfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kstwiz]
C:\WINDOWS\system32\kstwiz.dll [2007-08-09 94583]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91
"NoFind"=1
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-11-20 05:36:44 ----D---- C:\rsit
2008-11-19 14:49:29 ----D---- C:\Program Files\DScaler5
2008-11-19 14:28:03 ----D---- C:\Program Files\ffdshow
2008-11-19 12:54:01 ----SHD---- C:\Config.Msi
2008-11-19 12:44:20 ----D---- C:\WINDOWS\System32\bits
2008-11-19 12:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-11-19 12:43:40 ----N---- C:\WINDOWS\System32\xpob2res.dll
2008-11-19 12:43:40 ----N---- C:\WINDOWS\System32\bitsprx3.dll
2008-11-19 12:43:40 ----N---- C:\WINDOWS\System32\bitsprx2.dll
2008-11-19 12:43:40 ----A---- C:\WINDOWS\System32\winhttp.dll
2008-11-19 12:43:40 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2008-11-19 12:41:31 ----A---- C:\WINDOWS\System32\mucltui.dll.mui
2008-11-19 12:41:31 ----A---- C:\WINDOWS\System32\mucltui.dll
2008-11-19 12:39:48 ----A---- C:\WINDOWS\System32\wuapi.dll.mui
2008-11-19 12:37:18 ----A---- C:\WINDOWS\System32\wucltui.dll.mui
2008-11-19 12:37:18 ----A---- C:\WINDOWS\System32\wuaueng.dll.mui
2008-11-17 10:37:36 ----A---- C:\WINDOWS\System32\NCTWMAFile2.dll
2008-11-17 10:37:34 ----A---- C:\WINDOWS\System32\VB6STKIT.DLL
2008-11-17 10:37:34 ----A---- C:\WINDOWS\System32\Msvcr70.dll
2008-11-04 18:04:23 ----RA---- C:\WINDOWS\System32\P16Xres.dll
2008-11-04 18:04:23 ----RA---- C:\WINDOWS\System32\P16X.dll
2008-11-04 18:04:23 ----RA---- C:\WINDOWS\System32\A3d.dll
2008-11-04 16:44:45 ----A---- C:\WINDOWS\gui.INI
2008-11-04 16:43:40 ----D---- C:\My Music
2008-11-04 16:43:07 ----D---- C:\Program Files\AEDTools Pro
2008-11-04 16:24:39 ----D---- C:\Program Files\MSVideoPlugin
2008-11-01 13:21:26 ----D---- C:\Program Files\WMA To MP3 Encoder
2008-11-01 12:42:45 ----D---- C:\Program Files\LPVideoPlugin
2008-11-01 12:25:46 ----D---- C:\Program Files\Mediatwins software
2008-10-30 09:02:50 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\zweitgeist
2008-10-29 06:17:48 ----A---- C:\WINDOWS\System32\LPVideo.dll
2008-10-25 14:54:57 ----D---- C:\My SyncDirectory
2008-10-25 14:45:30 ----D---- C:\Program Files\iPod
2008-10-25 14:45:19 ----D---- C:\Program Files\iTunes
2008-10-25 14:28:57 ----D---- C:\Program Files\Haali
2008-10-25 14:16:20 ----A---- C:\WINDOWS\System32\Redemption.dll
2008-10-25 13:49:39 ----D---- C:\Program Files\doubleTwist
2008-10-25 12:55:49 ----D---- C:\Converted
2008-10-25 10:01:33 ----D---- C:\Program Files\Common Files\Download Manager
2008-10-25 09:46:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-25 09:40:04 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-10-25 09:39:26 ----D---- C:\Program Files\NCH Software
2008-10-25 09:38:54 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-10-25 09:38:19 ----D---- C:\Program Files\NCH Swift Sound
2008-10-25 09:38:19 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\NCH Swift Sound
2008-10-25 09:12:24 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\AccurateRip
2008-10-25 09:12:21 ----A---- C:\WINDOWS\System32\SpoonUninstall.exe
2008-10-25 09:12:18 ----D---- C:\Program Files\Illustrate
2008-10-25 08:53:00 ----D---- C:\Documents and Settings\All Users\Application Data\Pianosoft
2008-10-22 07:15:20 ----D---- C:\Program Files\MediaMonkey
2008-10-21 19:18:04 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Apple Computer
2008-10-21 19:15:04 ----D---- C:\Program Files\QuickTime
2008-10-21 19:13:14 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-28 20:43:10 ----D---- C:\Program Files\Alcohol Soft
2008-09-25 00:03:18 ----A---- C:\WINDOWS\System32\DivXCodecVersionChecker.exe
2008-09-15 18:55:02 ----D---- C:\Program Files\Audacity

======List of files/folders modified in the last 3 months======

2008-11-20 05:34:05 ----D---- C:\Program Files\Mozilla Firefox
2008-11-20 05:33:49 ----D---- C:\WINDOWS\Temp
2008-11-20 05:33:48 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2008-11-20 05:33:47 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt
2008-11-20 05:33:41 ----A---- C:\WINDOWS\ModemLog_Generic SoftK56 #2.txt
2008-11-20 05:33:29 ----D---- C:\WINDOWS\Debug
2008-11-19 21:55:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-19 21:16:09 ----D---- C:\WINDOWS
2008-11-19 14:49:29 ----D---- C:\Program Files
2008-11-19 14:37:52 ----D---- C:\WINDOWS\system32
2008-11-19 14:18:46 ----D---- C:\WINDOWS\security
2008-11-19 14:13:48 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-11-19 14:13:43 ----D---- C:\Program Files\Windows Media Player
2008-11-19 14:13:42 ----D---- C:\WINDOWS\RegisteredPackages
2008-11-19 14:13:14 ----HD---- C:\WINDOWS\inf
2008-11-19 14:13:14 ----D---- C:\WINDOWS\Help
2008-11-19 14:12:43 ----D---- C:\WINDOWS\System32\drivers
2008-11-19 14:11:51 ----D---- C:\WINDOWS\Prefetch
2008-11-19 14:11:47 ----D---- C:\WINDOWS\System32\CatRoot2
2008-11-19 12:55:22 ----SHD---- C:\WINDOWS\Installer
2008-11-19 12:54:41 ----D---- C:\Program Files\Common Files
2008-11-19 12:38:42 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-19 12:36:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-19 12:05:22 ----A---- C:\WINDOWS\WIN.INI
2008-11-19 09:21:39 ----D---- C:\WINDOWS\Minidump
2008-11-17 14:06:22 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-17 14:05:28 ----A---- C:\WINDOWS\QTW.INI
2008-11-04 18:08:56 ----D---- C:\WINDOWS\System32\FxsTmp
2008-11-04 17:47:07 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-11-04 17:47:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-04 17:47:02 ----D---- C:\Program Files\Ulead Systems
2008-11-01 14:17:58 ----A---- C:\WINDOWS\cdplayer.ini
2008-10-28 14:39:25 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2008-10-25 14:25:52 ----D---- C:\WINDOWS\WinSxS
2008-10-25 14:21:39 ----RSD---- C:\WINDOWS\assembly
2008-10-25 14:21:39 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-25 14:08:13 ----D---- C:\WINDOWS\Registration
2008-10-25 14:05:12 ----D---- C:\Program Files\Internet Explorer
2008-10-25 10:02:20 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-10-21 19:12:10 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-19 09:29:56 ----D---- C:\Documents and Settings
2008-10-16 14:13:40 ----A---- C:\WINDOWS\System32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\System32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\System32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\System32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\System32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\System32\cdm.dll
2008-10-16 14:08:58 ----A---- C:\WINDOWS\System32\wups.dll
2008-09-26 16:09:50 ----D---- C:\Program Files\EA SPORTS
2008-09-26 16:04:47 ----D---- C:\Temp
2008-09-23 15:36:06 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Image Zone Express
2008-09-19 13:57:32 ----N---- C:\WINDOWS\System32\pxwave.dll
2008-09-19 13:57:32 ----N---- C:\WINDOWS\System32\pxmas.dll
2008-09-19 13:57:32 ----N---- C:\WINDOWS\System32\pxhpinst.exe
2008-09-19 13:57:32 ----N---- C:\WINDOWS\System32\pxdrv.dll
2008-09-19 13:57:30 ----N---- C:\WINDOWS\System32\vxblock.dll
2008-09-19 13:57:30 ----N---- C:\WINDOWS\System32\px.dll
2008-09-11 08:29:19 ----D---- C:\WINDOWS\System32\CatRoot
2008-08-23 17:22:32 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\AdobeUM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\System32\drivers\AFS2K.sys [2006-06-14 82380]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\System32\drivers\Cdr4_xp.sys [2006-08-28 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\System32\drivers\Cdralw2k.sys [2006-08-28 2560]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\System32\drivers\cdudf_xp.sys [2002-04-10 236032]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 pwd_2k;pwd_2k; C:\WINDOWS\System32\drivers\pwd_2k.sys [2002-04-10 117898]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\System32\drivers\UdfReadr_xp.sys [2002-04-10 206336]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 alcan5ln;Alcatel SpeedTouch™ USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [2002-06-06 36048]
R3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2002-06-06 743136]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [2007-03-05 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
R3 mmc_2K;mmc_2K; C:\WINDOWS\System32\drivers\mmc_2K.sys [2002-04-10 29638]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-04-18 909837]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2002-08-30 1293440]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-04-01 19072]
R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-08-17 50688]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-08-17 18944]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 wsvad_driver;WS Audio Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [2008-10-17 16896]
S1 chgsprt;WDNDrive; \??\C:\WINDOWS\System32\chgsprt.sys []
S2 Ca533av;Cam 3200, WDM Video Capture; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-03-05 39184]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrmCAudio;DrmCAudio; C:\WINDOWS\system32\drivers\DrmCAudio.sys [2008-10-24 23096]
S3 DrmCVideo;DrmCVideo; C:\WINDOWS\System32\DRIVERS\DrmCVideo.sys [2008-10-24 3768]
S3 dvd_2K;dvd_2K; C:\WINDOWS\System32\drivers\dvd_2K.sys [2002-04-10 24554]
S3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys []
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\System32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2005-03-07 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2005-03-07 21744]
S3 m_hook;Empty; C:\WINDOWS\System32\drivers\m_hook.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040509.017\NAVENG.Sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040509.017\NavEx15.Sys []
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2008-10-25 27136]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PortlUSB;PortlUSB; C:\WINDOWS\System32\DRIVERS\H10USB.sys [2004-06-23 7552]
S3 SbcpHid;SbcpHid; \??\C:\WINDOWS\System32\Drivers\SbcpHid.sys []
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 slabser;USB Data Cable Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-17 24960]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-17 24832]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2001-08-17 13824]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-17 21760]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2001-08-18 249344]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 navapsvc;Norton AntiVirus Auto Protect Service; C:\Program Files\Norton AntiVirus\navapsvc.exe []
S4 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-04-18 61440]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2004-09-29 69632]
S4 SBService;ScriptBlocking Service; C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S4 SecureLockWare_InputPassword;SecureLockWare ???????; C:\Program Files\BUFFALO\SLW\ENCRDLG.exe [2005-11-07 262144]
S4 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe []
S4 SymWSC;SymWMI Service; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe []

-----------------EOF-----------------






info.txt logfile of random's system information tool 1.04 2008-11-20 05:36:54

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Creative\SBLive\Program\Upddrv2k.EXE
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\Uninstall\Installer.isu"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02FB2C63-5763-4CDD-99E6-566C57189742}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x9 /cont -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3881DD58-780F-4FCF-8A16-6E6800C2FEE0}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9225EABF-4457-403B-A82B-91614C9DDDF7}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E9CCEA28-3608-4078-8A07-997646E1A357}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD7FF74D-0AB5-48D6-929C-7E93A5162521}\setup.exe" -l0x9 -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACL Training Version 8-->MsiExec.exe /I{DDD87F2F-3D35-446D-8202-C64D05DEB474}
Adobe Download Manager 1.2 (Remove Only)-->"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Album 2.0 Starter Edition-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Alcatel SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe"
Audacity 1.2.3-->"C:\Program Files\Audacity\unins000.exe"
BigPond Toolbar-->MsiExec.exe /I{E063D6FC-1BD7-4653-BDB8-0A3149258B23}
Bluesoleil2.6.0.1 Release 070402-->MsiExec.exe /X{11B5E957-FCF2-469D-AB66-963C38134231}
BUFFALO Power Save Utility for HD-->C:\WINDOWS\UN040525.EXE /U
BUFFALO Secure Lock Ware-->C:\WINDOWS\UN050225.EXE /U
Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"
Easy CD Creator 5 Basic-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
e-tax 2007-->C:\etax2007\e-tax 2007_uninstall.exe
FIFA 2004-->C:\Documents and Settings\Liz Balinger\My Documents\LIZ NEW FILES 2004\receipts 17\EAUninstall.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Liz Balinger\Desktop\HijackThis.exe" /uninstall
HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP PrecisionScan LTX-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\Uninst.isu" -c"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\HPUninstallIs.dll"
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Share-to-Web-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" -uninst
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iriver plus (remove only)-->"C:\Program Files\iriver\iriver plus\uninstall.exe"
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Jazz 2.0 Megapixel Camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25B0F74E-E124-434D-9515-4DB04BB1A6AA}\Setup.exe"
LADSPA_plugins-win-0.4.15-->"C:\Program Files\Audacity\Plug-Ins\unins000.exe"
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 2.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Picture It! Photo 2002-->MsiExec.exe /I{C769A271-7E1C-48F9-B331-474600DD4C06}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Word 2002-->MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 2002 Setup Launcher-->C:\Program Files\Microsoft Works Suite 2002\Setup\Launcher.exe D:\
Microsoft Works 6.0-->MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
Microsoft Works Suite Add-in for Microsoft Word-->MsiExec.exe /I{C3A439E4-7303-491F-A678-CEA36A87D517}
Mozilla Firefox (2.0.0.18)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 3.11-->MsiExec.exe /I{2D5B83B8-98A0-4F9C-AE1D-BED98AE17467}
MP3 Player Utilities-->MsiExec.exe /I{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}
MP3 Player-->MsiExec.exe /I{EA470D3B-058E-4772-B020-3C8C1F652A2E}
NBA LIVE 06-->C:\Program Files\EA SPORTS\NBA LIVE 06\EAUninstall.exe
Need For Speed II-->C:\WINDOWS\uninst.exe -f"C:\Electronic Arts\Need For Speed II\DeIsL1.isu"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
ninemsn Toolbar-->C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\mtbs.exe c
Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
Norton WMI Update-->MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvdd.inf
PCLink for SGH-T400/T410/T408-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED92E5B-64DB-47F4-BF1D-B447A74512B3}\Setup.exe" -l0x9
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime for Windows (32-bit)-->C:\WINDOWS\QTW32DEL.EXE
QuickTime-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD} /l1033
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Search Assistant Uninstall-->regsvr32 /s /u C:\WINDOWS\System32\khnp.dll
Seeing Statistics for Selvanathan abridged edition-->C:\Documents and Settings\David.BALINGER-JBO4MI\My Documents\My Pictures\Uninstal.exe
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Sony Picture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
Sound Blaster Live! Value-->C:\Program Files\Creative\Uninstall\CTUNINST.EXE /U:UNINST1.INI
Sprint Internet Passport-->C:\WINDOWS\uninst.exe -fC:\Netscape\DeIsL2.isu
VST Bridge 1.1-->"C:\Program Files\Audacity\Plug-ins\VST Bridge\unins000.exe"
Windows Installer 3.0 (KB884016)-->C:\WINDOWS\$MSI30UninstallMSI30-KB884016$\spuninst\spuninst.exe
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Hotfix - KB842773-->C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) [See Q321856 for more information]-->C:\WINDOWS\$NtUninstallQ321856$\spuninst\spuninst.exe
WMA Encoder Decoder-->C:\Program Files\Mediatwins software\WMA Encoder\uninstall.exe

======Hosts File======

127.0.0.1 localhost

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0204
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------

Download SDFix and save it to your Desktop.

Double click SDFix.exe and choose Install to extract it to its own folder on the C:\Drive. Please then reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, the Advanced Options Menu should appear;
• Select the first option, to run Windows in Safe Mode, then press Enter.
• Choose your usual account.

• Open the extracted SDFix folder and double click RunThis.bat to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
• Finally copy and paste the contents of the results file Report.txt back onto the forum.

======================
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
=========================
Please post these logs in your next reply:

• SDFix log
• Malware Bytes log
• New Rsit log

Thanks Kahdah, i followed yout instructions, however when i tried to restart my comp in safe mode a mesg came up on a blue screen telling me that i had an unknown virus and that i need to run CHKDSK/F to check my drives, and everytime this msg came up the comp automatically shuts down, i was weary to run chkdsk and so i the only way i could log back on was in normal mode and when i did i extracted SDfix. The only executable file was something called 'catchme' - so i ran the scan through this and below is the logfile it created - i have not taken any further action, should i still continue with the malwarebytes? again, thankyou for your time and effort, below is the log from 'catchme':

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-21 07:36:17
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:97,97,b2,a0,97,77,0c,ff,8a,91,40,1b,01,82,2d,8a,34,8d,a2,05,03,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:97,97,b2,a0,97,77,0c,ff,8a,91,40,1b,01,82,2d,8a,34,8d,a2,05,03,..

scanning hidden registry entries ...

scanning hidden files ...

C:\Documents and Settings\Liz Balinger\Application Data\m\shared\1st warkanoid ii : wildlife v2.8.1 serial number.zip 80560 bytes hidden from API
C:\Documents and Settings\Liz Balinger\Application Data\m\shared\legacy of kain 2 : soul reaver 1.0 all versions by dbc.zip 77485 bytes hidden from API
C:\Documents and Settings\Liz Balinger\Application Data\m\shared\drakan : order of the flam 1.0 french.zip 117684 bytes hidden from API
C:\Documents and Settings\Liz Balinger\Application Data\m\shared\ea games, ea sport, westwood : 73 keygen by fff.zip 86718 bytes hidden from API

Hi you appear to have keygens on your computer this is illegal and is a sure way to get infected so in the future please stay away from cracked sfotware as most if not all of them come with infection bundled.

Try this instead in normal mode:
Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Hi kadah, i ran combofix and my taskmanager and everything is back and working, however i couldn't find ComboFix.txt but i did find this although i don't kno if it's of any use:

ndis_combofix:

FINDSTR.EXE -MI "update_load" %systemdrive%\cp*.nls >ndis00 2>nul

FOR /F "TOKENS=*" %%G IN ( ndis00 ) DO @(
DEL /A/F/Q "%%~G"
IF NOT EXIST "%%~G" ECHO."%%~G">>drev.dat
IF EXIST "%%~G" ECHO.%%~G . . . . failed to delete>>drev.dat
)>n_%random% 2>&1

DEL ndis00 2>nul


my computer is back to it's old self so i extend my sincerest thanks to you and the help u gave me

pippen

Hi you are welcome but we aren't done yet.

Please do the following:

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Lol, thanks Kahdah, I did what you said, however only the logfile came up (as posted below) - did I do something wrong?

thanks, Pippen



Logfile of random's system information tool 1.04 (written by random/random)
Run by Liz Balinger at 2008-11-24 09:56:09
Microsoft Windows XP Home Edition
System drive C: has 13 GB (34%) free of 38 GB
Total RAM: 255 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:56, on 2008-11-24
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iriver\iriver plus\iAgent.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Liz Balinger\Desktop\RSIT.exe
C:\Documents and Settings\Liz Balinger\Desktop\Liz Balinger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TuneClone] C:\Program Files\TuneClone\TuneClone.exe /silence
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [iPlusAgent] "C:\Program Files\iriver\iriver plus\iAgent.exe"
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1227126955842
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1227126921827
O20 - Winlogon Notify: kstwiz - C:\WINDOWS\SYSTEM32\kstwiz.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

--
End of file - 3723 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-09-01 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-08-18 843804]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-01-26 180269]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-10-22 155648]
"TuneClone"=C:\Program Files\TuneClone\TuneClone.exe /silence []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe []
"iPlusAgent"=C:\Program Files\iriver\iriver plus\iAgent.exe [2005-06-07 225280]

C:\Documents and Settings\Liz Balinger\Start Menu\Programs\Startup
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kstwiz]
C:\WINDOWS\system32\kstwiz.dll [2007-08-10 94583]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-11-24 11:33:07 ----D---- C:\ComboFix
2008-11-24 11:33:07 ----A---- C:\WINDOWS\System32\CF23220.exe
2008-11-24 06:51:40 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-11-24 06:50:05 ----D---- C:\WINDOWS\temp
2008-11-24 06:39:44 ----A---- C:\WINDOWS\System32\CF31272.exe
2008-11-24 04:35:09 ----A---- C:\WINDOWS\System32\CF6861.exe
2008-11-24 04:28:20 ----A---- C:\WINDOWS\System32\CF5542.exe
2008-11-24 04:27:46 ----A---- C:\WINDOWS\System32\CF5418.exe
2008-11-24 02:47:57 ----A---- C:\WINDOWS\System32\CF18632.exe
2008-11-24 02:15:22 ----A---- C:\WINDOWS\System32\CF12244.exe
2008-11-24 02:14:08 ----A---- C:\Boot.bak
2008-11-24 02:13:58 ----D---- C:\cmdcons
2008-11-24 02:10:31 ----A---- C:\WINDOWS\System32\CF11287.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\zip.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\VFIND.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\SWSC.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\SWREG.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\sed.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\NIRCMD.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\grep.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\fdsv.exe
2008-11-24 01:56:47 ----D---- C:\WINDOWS\ERDNT
2008-11-24 01:56:47 ----D---- C:\Qoobox
2008-11-24 01:56:46 ----A---- C:\WINDOWS\System32\CF8610.exe
2008-11-21 09:23:00 ----D---- C:\SDFix
2008-11-20 23:36:44 ----D---- C:\rsit
2008-11-20 08:49:29 ----D---- C:\Program Files\DScaler5
2008-11-20 08:28:03 ----D---- C:\Program Files\ffdshow
2008-11-20 06:54:01 ----SHD---- C:\Config.Msi
2008-11-20 06:44:20 ----D---- C:\WINDOWS\System32\bits
2008-11-20 06:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-11-20 06:43:40 ----N---- C:\WINDOWS\System32\xpob2res.dll
2008-11-20 06:43:40 ----N---- C:\WINDOWS\System32\bitsprx3.dll
2008-11-20 06:43:40 ----N---- C:\WINDOWS\System32\bitsprx2.dll
2008-11-20 06:43:40 ----A---- C:\WINDOWS\System32\winhttp.dll
2008-11-20 06:43:40 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2008-11-20 06:41:31 ----A---- C:\WINDOWS\System32\mucltui.dll.mui
2008-11-20 06:41:31 ----A---- C:\WINDOWS\System32\mucltui.dll
2008-11-20 06:39:48 ----A---- C:\WINDOWS\System32\wuapi.dll.mui
2008-11-20 06:37:18 ----A---- C:\WINDOWS\System32\wucltui.dll.mui
2008-11-20 06:37:18 ----A---- C:\WINDOWS\System32\wuaueng.dll.mui
2008-11-18 04:37:36 ----A---- C:\WINDOWS\System32\NCTWMAFile2.dll
2008-11-18 04:37:34 ----A---- C:\WINDOWS\System32\VB6STKIT.DLL
2008-11-18 04:37:34 ----A---- C:\WINDOWS\System32\Msvcr70.dll
2008-11-05 12:04:23 ----RA---- C:\WINDOWS\System32\P16Xres.dll
2008-11-05 12:04:23 ----RA---- C:\WINDOWS\System32\P16X.dll
2008-11-05 12:04:23 ----RA---- C:\WINDOWS\System32\A3d.dll
2008-11-05 10:44:45 ----A---- C:\WINDOWS\gui.INI
2008-11-05 10:43:40 ----D---- C:\My Music
2008-11-05 10:43:07 ----D---- C:\Program Files\AEDTools Pro
2008-11-05 10:24:39 ----D---- C:\Program Files\MSVideoPlugin
2008-11-02 07:21:26 ----D---- C:\Program Files\WMA To MP3 Encoder
2008-11-02 06:25:46 ----D---- C:\Program Files\Mediatwins software
2008-10-31 03:02:50 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\zweitgeist
2008-10-26 08:54:57 ----D---- C:\My SyncDirectory
2008-10-26 08:45:30 ----D---- C:\Program Files\iPod
2008-10-26 08:45:19 ----D---- C:\Program Files\iTunes
2008-10-26 08:28:57 ----D---- C:\Program Files\Haali
2008-10-26 08:16:20 ----A---- C:\WINDOWS\System32\Redemption.dll
2008-10-26 07:49:39 ----D---- C:\Program Files\doubleTwist
2008-10-26 06:55:49 ----D---- C:\Converted
2008-10-26 04:01:33 ----D---- C:\Program Files\Common Files\Download Manager
2008-10-26 03:46:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-26 03:40:04 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-10-26 03:39:26 ----D---- C:\Program Files\NCH Software
2008-10-26 03:38:54 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-10-26 03:38:19 ----D---- C:\Program Files\NCH Swift Sound
2008-10-26 03:38:19 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\NCH Swift Sound
2008-10-26 03:12:24 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\AccurateRip
2008-10-26 03:12:21 ----A---- C:\WINDOWS\System32\SpoonUninstall.exe
2008-10-26 03:12:18 ----D---- C:\Program Files\Illustrate
2008-10-26 02:53:00 ----D---- C:\Documents and Settings\All Users\Application Data\Pianosoft
2008-10-23 01:15:20 ----D---- C:\Program Files\MediaMonkey
2008-10-22 13:18:04 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Apple Computer
2008-10-22 13:15:04 ----D---- C:\Program Files\QuickTime
2008-10-22 13:13:14 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-29 14:43:10 ----D---- C:\Program Files\Alcohol Soft
2008-09-25 18:03:18 ----A---- C:\WINDOWS\System32\DivXCodecVersionChecker.exe
2008-09-16 12:55:02 ----D---- C:\Program Files\Audacity

======List of files/folders modified in the last 3 months======

2008-11-24 09:55:14 ----D---- C:\WINDOWS\Prefetch
2008-11-24 09:53:00 ----D---- C:\Program Files\Mozilla Firefox
2008-11-24 09:52:46 ----D---- C:\WINDOWS\system32
2008-11-24 09:52:45 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2008-11-24 09:51:25 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt
2008-11-24 09:51:25 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2008-11-24 09:51:19 ----A---- C:\WINDOWS\ModemLog_Generic SoftK56 #2.txt
2008-11-24 09:51:14 ----D---- C:\WINDOWS\Debug
2008-11-24 06:51:40 ----D---- C:\WINDOWS
2008-11-24 06:48:08 ----D---- C:\WINDOWS\System32\drivers
2008-11-24 06:48:08 ----D---- C:\Program Files\Common Files
2008-11-24 06:48:07 ----D---- C:\WINDOWS\AppPatch
2008-11-24 06:43:06 ----D---- C:\WINDOWS\System32\CatRoot2
2008-11-24 04:36:58 ----D---- C:\Program Files
2008-11-24 02:14:08 ----RASH---- C:\boot.ini
2008-11-23 09:56:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-21 08:48:33 ----HD---- C:\WINDOWS\inf
2008-11-20 08:18:46 ----D---- C:\WINDOWS\security
2008-11-20 08:13:48 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-11-20 08:13:44 ----D---- C:\WINDOWS\RegisteredPackages
2008-11-20 08:13:43 ----D---- C:\Program Files\Windows Media Player
2008-11-20 08:13:14 ----D---- C:\WINDOWS\Help
2008-11-20 06:55:22 ----SHD---- C:\WINDOWS\Installer
2008-11-20 06:38:42 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-20 06:36:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-20 06:05:22 ----A---- C:\WINDOWS\WIN.INI
2008-11-20 03:21:39 ----D---- C:\WINDOWS\Minidump
2008-11-18 08:06:22 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-18 08:05:28 ----A---- C:\WINDOWS\QTW.INI
2008-11-13 10:55:14 ----D---- C:\WINDOWS\System32\FxsTmp
2008-11-05 11:47:07 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-11-05 11:47:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-05 11:47:02 ----D---- C:\Program Files\Ulead Systems
2008-11-02 08:17:58 ----A---- C:\WINDOWS\cdplayer.ini
2008-10-26 08:25:52 ----D---- C:\WINDOWS\WinSxS
2008-10-26 08:21:39 ----RSD---- C:\WINDOWS\assembly
2008-10-26 08:21:39 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-26 08:08:13 ----D---- C:\WINDOWS\Registration
2008-10-26 08:05:12 ----D---- C:\Program Files\Internet Explorer
2008-10-26 04:02:20 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-10-22 13:12:10 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-20 03:29:56 ----D---- C:\Documents and Settings
2008-10-17 08:13:40 ----A---- C:\WINDOWS\System32\wuaueng.dll
2008-10-17 08:12:22 ----A---- C:\WINDOWS\System32\wucltui.dll
2008-10-17 08:12:20 ----A---- C:\WINDOWS\System32\wuapi.dll
2008-10-17 08:09:44 ----A---- C:\WINDOWS\System32\wups2.dll
2008-10-17 08:09:44 ----A---- C:\WINDOWS\System32\wuauclt.exe
2008-10-17 08:09:44 ----A---- C:\WINDOWS\System32\cdm.dll
2008-10-17 08:08:58 ----A---- C:\WINDOWS\System32\wups.dll
2008-09-27 10:09:50 ----D---- C:\Program Files\EA SPORTS
2008-09-27 10:04:47 ----D---- C:\Temp
2008-09-24 09:36:06 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Image Zone Express
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxwave.dll
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxmas.dll
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxhpinst.exe
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxdrv.dll
2008-09-20 07:57:30 ----N---- C:\WINDOWS\System32\vxblock.dll
2008-09-20 07:57:30 ----N---- C:\WINDOWS\System32\px.dll
2008-09-12 02:29:19 ----D---- C:\WINDOWS\System32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\System32\drivers\AFS2K.sys [2006-06-15 82380]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\System32\drivers\Cdr4_xp.sys [2006-08-29 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\System32\drivers\Cdralw2k.sys [2006-08-29 2560]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\System32\drivers\cdudf_xp.sys [2002-04-11 236032]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-23 13632]
R1 pwd_2k;pwd_2k; C:\WINDOWS\System32\drivers\pwd_2k.sys [2002-04-11 117898]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\System32\drivers\UdfReadr_xp.sys [2002-04-11 206336]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-18 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-18 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-18 391199]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-18 199711]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-18 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-18 488383]
R3 alcan5ln;Alcatel SpeedTouch™ USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [2002-06-07 36048]
R3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2002-06-07 743136]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-18 67167]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [2007-03-06 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [2007-03-06 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [2007-03-06 18320]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-18 542879]
R3 mmc_2K;mmc_2K; C:\WINDOWS\System32\drivers\mmc_2K.sys [2002-04-11 29638]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-04-19 909837]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2002-08-31 1293440]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-18 57471]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-04-02 19072]
R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-08-18 50688]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-18 21760]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-08-18 18944]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys [2007-03-06 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-06 44304]
R3 wsvad_driver;WS Audio Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [2008-10-18 16896]
S2 Ca533av;Cam 3200, WDM Video Capture; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-22 515803]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-03-06 39184]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrmCAudio;DrmCAudio; C:\WINDOWS\system32\drivers\DrmCAudio.sys [2008-10-25 23096]
S3 DrmCVideo;DrmCVideo; C:\WINDOWS\System32\DRIVERS\DrmCVideo.sys [2008-10-25 3768]
S3 dvd_2K;dvd_2K; C:\WINDOWS\System32\drivers\dvd_2K.sys [2002-04-11 24554]
S3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys []
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\System32\DRIVERS\hidgame.sys [2001-08-18 8576]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040509.017\NAVENG.Sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040509.017\NavEx15.Sys []
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2008-10-26 27136]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PortlUSB;PortlUSB; C:\WINDOWS\System32\DRIVERS\H10USB.sys [2004-06-24 7552]
S3 SbcpHid;SbcpHid; \??\C:\WINDOWS\System32\Drivers\SbcpHid.sys []
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 slabser;USB Data Cable Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-18 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-18 24960]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-18 24832]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2001-08-18 13824]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2001-08-18 249344]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-29 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-24 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-24 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-20 97136]
S4 navapsvc;Norton AntiVirus Auto Protect Service; C:\Program Files\Norton AntiVirus\navapsvc.exe []
S4 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-04-19 61440]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2004-09-30 69632]
S4 SBService;ScriptBlocking Service; C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-14 54408]
S4 SecureLockWare_InputPassword;SecureLockWare ???????; C:\Program Files\BUFFALO\SLW\ENCRDLG.exe [2005-11-08 262144]
S4 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe []
S4 SymWSC;SymWMI Service; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe []

-----------------EOF-----------------

Please download the OTMoveIt3 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  :files
  C:\WINDOWS\system32\kstwiz.dll
  
  
  :reg
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kstwiz]
  
  
  :commands
  [emptytemp]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
===================================
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
=========================
Please post these logs in your next reply:

• Ot Move it log
• Malware Bytes log
• New Rsit log

Thanks Kahdah, below are the 3 logs:

1. Ot move it log

========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kstwiz.dll
C:\WINDOWS\system32\kstwiz.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\kstwiz.dll scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kstwiz\\ deleted successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11252008_084125

Files moved on Reboot...
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kstwiz.dll
C:\WINDOWS\system32\kstwiz.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\kstwiz.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Liz Balinger\Local Settings\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\Cache\_CACHE_MAP_ moved successfully.



2. Malware Bytes log

Malwarebytes' Anti-Malware 1.30
Database version: 1423
Windows 5.1.2600

2008-11-25 08:58:23
mbam-log-2008-11-25 (08-58-23).txt

Scan type: Quick Scan
Objects scanned: 50736
Time elapsed: 4 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 17
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pk.ie (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pk.ie.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\plugin6.dnserrobj (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\plugin6.dnserrobj.1 (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\redalert.here (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\redalert.here.1 (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1e1b2878-88ff-11d3-8d96-d7acac95951a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{1e1b286c-88ff-11d3-8d96-d7acac95951a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DFC (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DInf (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DnngCon (Malware.Trace) -> Delete on reboot.
HKEY_CLASSES_ROOT\lpvideo.lpvideoplugin.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\lpvideo.xmldomdocumenteventssink.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\MSVideoPlugin (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\win_updatewb.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Program Files\MSVideoPlugin\80_11.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\MSVideoPlugin\x11.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\keystrokes.html (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\2498187.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\2498296.exe (Rootkit.Agent) -> Quarantined and deleted successfully.




3. New Rsit log

Logfile of random's system information tool 1.04 (written by random/random)
Run by Liz Balinger at 2008-11-25 09:27:12
Microsoft Windows XP Home Edition
System drive C: has 13 GB (33%) free of 38 GB
Total RAM: 255 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27, on 2008-11-25
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iriver\iriver plus\iAgent.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Documents and Settings\Liz Balinger\Desktop\RSIT.exe
C:\Documents and Settings\Liz Balinger\Desktop\Liz Balinger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TuneClone] C:\Program Files\TuneClone\TuneClone.exe /silence
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [iPlusAgent] "C:\Program Files\iriver\iriver plus\iAgent.exe"
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1227126955842
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1227126921827
O20 - Winlogon Notify: kstwiz - C:\WINDOWS\SYSTEM32\kstwiz.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

--
End of file - 3741 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-09-01 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-08-18 843804]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-01-26 180269]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-10-22 155648]
"TuneClone"=C:\Program Files\TuneClone\TuneClone.exe /silence []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe []
"iPlusAgent"=C:\Program Files\iriver\iriver plus\iAgent.exe [2005-06-07 225280]

C:\Documents and Settings\Liz Balinger\Start Menu\Programs\Startup
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kstwiz]
C:\WINDOWS\system32\kstwiz.dll [2007-08-10 94583]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-11-25 08:51:21 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Malwarebytes
2008-11-25 08:51:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-25 08:51:12 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-25 08:41:25 ----D---- C:\_OTMoveIt
2008-11-24 11:33:07 ----D---- C:\ComboFix
2008-11-24 11:33:07 ----A---- C:\WINDOWS\System32\CF23220.exe
2008-11-24 06:51:40 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-11-24 06:50:05 ----D---- C:\WINDOWS\temp
2008-11-24 06:39:44 ----A---- C:\WINDOWS\System32\CF31272.exe
2008-11-24 04:35:09 ----A---- C:\WINDOWS\System32\CF6861.exe
2008-11-24 04:28:20 ----A---- C:\WINDOWS\System32\CF5542.exe
2008-11-24 04:27:46 ----A---- C:\WINDOWS\System32\CF5418.exe
2008-11-24 02:47:57 ----A---- C:\WINDOWS\System32\CF18632.exe
2008-11-24 02:15:22 ----A---- C:\WINDOWS\System32\CF12244.exe
2008-11-24 02:14:08 ----A---- C:\Boot.bak
2008-11-24 02:13:58 ----D---- C:\cmdcons
2008-11-24 02:10:31 ----A---- C:\WINDOWS\System32\CF11287.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\zip.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\VFIND.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\SWSC.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\SWREG.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\sed.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\NIRCMD.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\grep.exe
2008-11-24 01:56:54 ----A---- C:\WINDOWS\fdsv.exe
2008-11-24 01:56:47 ----D---- C:\WINDOWS\ERDNT
2008-11-24 01:56:47 ----D---- C:\Qoobox
2008-11-24 01:56:46 ----A---- C:\WINDOWS\System32\CF8610.exe
2008-11-21 09:23:00 ----D---- C:\SDFix
2008-11-20 23:36:44 ----D---- C:\rsit
2008-11-20 08:49:29 ----D---- C:\Program Files\DScaler5
2008-11-20 08:28:03 ----D---- C:\Program Files\ffdshow
2008-11-20 06:54:01 ----SHD---- C:\Config.Msi
2008-11-20 06:44:20 ----D---- C:\WINDOWS\System32\bits
2008-11-20 06:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-11-20 06:43:40 ----N---- C:\WINDOWS\System32\xpob2res.dll
2008-11-20 06:43:40 ----N---- C:\WINDOWS\System32\bitsprx3.dll
2008-11-20 06:43:40 ----N---- C:\WINDOWS\System32\bitsprx2.dll
2008-11-20 06:43:40 ----A---- C:\WINDOWS\System32\winhttp.dll
2008-11-20 06:43:40 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2008-11-20 06:41:31 ----A---- C:\WINDOWS\System32\mucltui.dll.mui
2008-11-20 06:41:31 ----A---- C:\WINDOWS\System32\mucltui.dll
2008-11-20 06:39:48 ----A---- C:\WINDOWS\System32\wuapi.dll.mui
2008-11-20 06:37:18 ----A---- C:\WINDOWS\System32\wucltui.dll.mui
2008-11-20 06:37:18 ----A---- C:\WINDOWS\System32\wuaueng.dll.mui
2008-11-18 04:37:36 ----A---- C:\WINDOWS\System32\NCTWMAFile2.dll
2008-11-18 04:37:34 ----A---- C:\WINDOWS\System32\VB6STKIT.DLL
2008-11-18 04:37:34 ----A---- C:\WINDOWS\System32\Msvcr70.dll
2008-11-05 12:04:23 ----RA---- C:\WINDOWS\System32\P16Xres.dll
2008-11-05 12:04:23 ----RA---- C:\WINDOWS\System32\P16X.dll
2008-11-05 12:04:23 ----RA---- C:\WINDOWS\System32\A3d.dll
2008-11-05 10:44:45 ----A---- C:\WINDOWS\gui.INI
2008-11-05 10:43:40 ----D---- C:\My Music
2008-11-05 10:43:07 ----D---- C:\Program Files\AEDTools Pro
2008-11-02 07:21:26 ----D---- C:\Program Files\WMA To MP3 Encoder
2008-11-02 06:25:46 ----D---- C:\Program Files\Mediatwins software
2008-10-31 03:02:50 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\zweitgeist
2008-10-26 08:54:57 ----D---- C:\My SyncDirectory
2008-10-26 08:45:30 ----D---- C:\Program Files\iPod
2008-10-26 08:45:19 ----D---- C:\Program Files\iTunes
2008-10-26 08:28:57 ----D---- C:\Program Files\Haali
2008-10-26 08:16:20 ----A---- C:\WINDOWS\System32\Redemption.dll
2008-10-26 07:49:39 ----D---- C:\Program Files\doubleTwist
2008-10-26 06:55:49 ----D---- C:\Converted
2008-10-26 04:01:33 ----D---- C:\Program Files\Common Files\Download Manager
2008-10-26 03:46:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-26 03:40:04 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-10-26 03:39:26 ----D---- C:\Program Files\NCH Software
2008-10-26 03:38:54 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-10-26 03:38:19 ----D---- C:\Program Files\NCH Swift Sound
2008-10-26 03:38:19 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\NCH Swift Sound
2008-10-26 03:12:24 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\AccurateRip
2008-10-26 03:12:21 ----A---- C:\WINDOWS\System32\SpoonUninstall.exe
2008-10-26 03:12:18 ----D---- C:\Program Files\Illustrate
2008-10-26 02:53:00 ----D---- C:\Documents and Settings\All Users\Application Data\Pianosoft
2008-10-23 01:15:20 ----D---- C:\Program Files\MediaMonkey
2008-10-22 13:18:04 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Apple Computer
2008-10-22 13:15:04 ----D---- C:\Program Files\QuickTime
2008-10-22 13:13:14 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-29 14:43:10 ----D---- C:\Program Files\Alcohol Soft
2008-09-25 18:03:18 ----A---- C:\WINDOWS\System32\DivXCodecVersionChecker.exe
2008-09-16 12:55:02 ----D---- C:\Program Files\Audacity

======List of files/folders modified in the last 3 months======

2008-11-25 09:02:37 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt
2008-11-25 09:02:37 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2008-11-25 09:02:31 ----A---- C:\WINDOWS\ModemLog_Generic SoftK56 #2.txt
2008-11-25 09:02:16 ----D---- C:\WINDOWS\Debug
2008-11-25 09:01:30 ----D---- C:\WINDOWS\System32\drivers
2008-11-25 09:00:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-25 08:59:45 ----D---- C:\WINDOWS\Prefetch
2008-11-25 08:58:23 ----D---- C:\Program Files
2008-11-25 08:58:22 ----D---- C:\WINDOWS\system32
2008-11-25 08:58:22 ----D---- C:\WINDOWS
2008-11-25 08:47:47 ----D---- C:\Program Files\Mozilla Firefox
2008-11-24 10:06:18 ----D---- C:\WINDOWS\System32\CatRoot2
2008-11-24 10:06:16 ----HD---- C:\WINDOWS\inf
2008-11-24 09:52:45 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2008-11-24 06:48:08 ----D---- C:\Program Files\Common Files
2008-11-24 06:48:07 ----D---- C:\WINDOWS\AppPatch
2008-11-24 02:14:08 ----RASH---- C:\boot.ini
2008-11-20 08:18:46 ----D---- C:\WINDOWS\security
2008-11-20 08:13:48 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-11-20 08:13:44 ----D---- C:\WINDOWS\RegisteredPackages
2008-11-20 08:13:43 ----D---- C:\Program Files\Windows Media Player
2008-11-20 08:13:14 ----D---- C:\WINDOWS\Help
2008-11-20 06:55:22 ----SHD---- C:\WINDOWS\Installer
2008-11-20 06:38:42 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-20 06:36:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-20 06:05:22 ----A---- C:\WINDOWS\WIN.INI
2008-11-20 03:21:39 ----D---- C:\WINDOWS\Minidump
2008-11-18 08:06:22 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-18 08:05:28 ----A---- C:\WINDOWS\QTW.INI
2008-11-13 10:55:14 ----D---- C:\WINDOWS\System32\FxsTmp
2008-11-05 11:47:07 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-11-05 11:47:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-05 11:47:02 ----D---- C:\Program Files\Ulead Systems
2008-11-02 08:17:58 ----A---- C:\WINDOWS\cdplayer.ini
2008-10-26 08:25:52 ----D---- C:\WINDOWS\WinSxS
2008-10-26 08:21:39 ----RSD---- C:\WINDOWS\assembly
2008-10-26 08:21:39 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-26 08:08:13 ----D---- C:\WINDOWS\Registration
2008-10-26 08:05:12 ----D---- C:\Program Files\Internet Explorer
2008-10-26 04:02:20 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-10-22 13:12:10 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-20 03:29:56 ----D---- C:\Documents and Settings
2008-10-17 08:13:40 ----A---- C:\WINDOWS\System32\wuaueng.dll
2008-10-17 08:12:22 ----A---- C:\WINDOWS\System32\wucltui.dll
2008-10-17 08:12:20 ----A---- C:\WINDOWS\System32\wuapi.dll
2008-10-17 08:09:44 ----A---- C:\WINDOWS\System32\wups2.dll
2008-10-17 08:09:44 ----A---- C:\WINDOWS\System32\wuauclt.exe
2008-10-17 08:09:44 ----A---- C:\WINDOWS\System32\cdm.dll
2008-10-17 08:08:58 ----A---- C:\WINDOWS\System32\wups.dll
2008-09-27 10:09:50 ----D---- C:\Program Files\EA SPORTS
2008-09-27 10:04:47 ----D---- C:\Temp
2008-09-24 09:36:06 ----D---- C:\Documents and Settings\Liz Balinger\Application Data\Image Zone Express
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxwave.dll
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxmas.dll
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxhpinst.exe
2008-09-20 07:57:32 ----N---- C:\WINDOWS\System32\pxdrv.dll
2008-09-20 07:57:30 ----N---- C:\WINDOWS\System32\vxblock.dll
2008-09-20 07:57:30 ----N---- C:\WINDOWS\System32\px.dll
2008-09-12 02:29:19 ----D---- C:\WINDOWS\System32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\System32\drivers\AFS2K.sys [2006-06-15 82380]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\System32\drivers\Cdr4_xp.sys [2006-08-29 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\System32\drivers\Cdralw2k.sys [2006-08-29 2560]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\System32\drivers\cdudf_xp.sys [2002-04-11 236032]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-23 13632]
R1 pwd_2k;pwd_2k; C:\WINDOWS\System32\drivers\pwd_2k.sys [2002-04-11 117898]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\System32\drivers\UdfReadr_xp.sys [2002-04-11 206336]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-18 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-18 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-18 391199]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-18 199711]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-18 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-18 488383]
R3 alcan5ln;Alcatel SpeedTouch™ USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [2002-06-07 36048]
R3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2002-06-07 743136]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-18 67167]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [2007-03-06 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [2007-03-06 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [2007-03-06 18320]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2005-03-08 51120]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2005-03-08 21744]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-18 542879]
R3 mmc_2K;mmc_2K; C:\WINDOWS\System32\drivers\mmc_2K.sys [2002-04-11 29638]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-04-19 909837]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2002-08-31 1293440]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-18 57471]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-18 24960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-04-02 19072]
R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-08-18 50688]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-18 24832]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2001-08-18 13824]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-18 21760]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-08-18 18944]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys [2007-03-06 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-06 44304]
R3 wsvad_driver;WS Audio Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [2008-10-18 16896]
S2 Ca533av;Cam 3200, WDM Video Capture; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-22 515803]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-03-06 39184]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrmCAudio;DrmCAudio; C:\WINDOWS\system32\drivers\DrmCAudio.sys [2008-10-25 23096]
S3 DrmCVideo;DrmCVideo; C:\WINDOWS\System32\DRIVERS\DrmCVideo.sys [2008-10-25 3768]
S3 dvd_2K;dvd_2K; C:\WINDOWS\System32\drivers\dvd_2K.sys [2002-04-11 24554]
S3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys []
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\System32\DRIVERS\hidgame.sys [2001-08-18 8576]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040509.017\NAVENG.Sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040509.017\NavEx15.Sys []
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2008-10-26 27136]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PortlUSB;PortlUSB; C:\WINDOWS\System32\DRIVERS\H10USB.sys [2004-06-24 7552]
S3 SbcpHid;SbcpHid; \??\C:\WINDOWS\System32\Drivers\SbcpHid.sys []
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 slabser;USB Data Cable Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-18 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2001-08-18 249344]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-29 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-24 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-24 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-20 97136]
S4 navapsvc;Norton AntiVirus Auto Protect Service; C:\Program Files\Norton AntiVirus\navapsvc.exe []
S4 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-04-19 61440]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2004-09-30 69632]
S4 SBService;ScriptBlocking Service; C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-14 54408]
S4 SecureLockWare_InputPassword;SecureLockWare ???????; C:\Program Files\BUFFALO\SLW\ENCRDLG.exe [2005-11-08 262144]
S4 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe []
S4 SymWSC;SymWMI Service; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe []

-----------------EOF-----------------

Hi please delete your version of Combofix and do the following:

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Hi kahdah - below is the log from combofix:

ComboFix 08-11-27.03 - Liz Balinger 2008-11-28 12:18:14.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.0.1252.1.1033.18.104 [GMT 10:00]
Running from: c:\documents and settings\Liz Balinger\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Liz Balinger\Application Data\hidires
c:\documents and settings\Liz Balinger\Application Data\hidn
c:\documents and settings\Liz Balinger\Application Data\hidn\hidn1.exe
c:\documents and settings\Liz Balinger\Application Data\hidn\hidn2.exe
c:\documents and settings\Liz Balinger\Application Data\hidn\hldrrr.exe
c:\documents and settings\Liz Balinger\Application Data\hidn\m_hook.sys
c:\documents and settings\Liz Balinger\Application Data\m
c:\documents and settings\Liz Balinger\Application Data\m\data.oct
c:\documents and settings\Liz Balinger\Application Data\m\list.oct
c:\documents and settings\Liz Balinger\Application Data\m\shared\(PC.APPL).Panda.Titanium.Antivirus.+.Antispyware.2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\.11-2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\.Mc.Afee.Virusscan.8.0.Crack.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\.Panda.Antivirus.Titanium.2004.3.0.crack-serial-keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\[app.ita.&.multilinguage]AVG.AntiVirus.Pro.7.5.425.812.keygen.freddy.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\[ITA].-.NOD32.W98&WNT.-.2.51.26.+.FIX.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\1st warkanoid ii
c:\documents and settings\Liz Balinger\Application Data\m\shared\2.Norton.Antivirus.2004.Crack.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\2006 Netmite Communities FireFox Extension 2.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\2006 Poor David's Almanac 5.12.07.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\2D GhostForest Interactive Desktop 04 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\365 Magnificent Flowers Screensaver 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3D Amazing Yosemite 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3D Ghosts in the Graveyard 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3D Interstellar Voyager 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3D Pie Chart 1.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3D Rain Forest Adventure 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3D Speed City (Pocket PC) 1.1f.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\3Day Organizer 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\52Deck Texas Holdem Poker Calculator Trainer 2.1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\7art Graceful Horses ScreenSaver 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\A1 SpeechTRON 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\A1 Website Analyzer 1.0.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ABC Chinese Learning Tools 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Abilities Builder Language Plus 8.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Acala DVD Copy 2.3.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Acala DVD to Pocket PC Movie 2.4.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Access Folders 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ACCU Ripper 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Aces Texas Hold'em - No Limit 1.3.12.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Acme Rapidtype 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ACT_INFINITAS_NOD32_patch_por_gurguru_1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Activation.McAfee.Internet.Security.2006.+.Cracks.&.Super.Infos.2006.fr.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Activation.Symantec.Norton.Internet.Security.2007.avec.crack.&.Super.News.2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Active@ Boot Disk 2.1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ActiveMailer 3.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Acupressure Guide (Smartphone) 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AdmWin 7.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Adobe GoLive CS2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Advanced Outlook Express Repair 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Advanced Screen Capture 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AeroTags Search Expert 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AES (256bit) 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\After The End 1.1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Age of Mythology The Titans Final Fantasy Crystal Chronicles map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Age of Sail II Privateer's Bounty 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Air Warrior III D3D patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Airscanner.v2.9.(Mobile.Antivirus.Pro.for.Pocket.PC).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AK-FireFrame 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AkeeSoft WMViewer 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Alarm Reminder eBay Edition 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Alcootest English Version 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AliasKeys 1.0.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\All In One Keylogger 2.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Altova XMLSpy Enterprise Edition 2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\American Civil War Gettysburg 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Analyzer I 1 build 0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Anasoft Helena 1.1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ancient Ball 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Animal Kids Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AniMatch 1.0a.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Anti Red Eye 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AntiHook 2.6 build 14.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AntiVir.PersonalEdition.Classic.7.+.Handbuch.by.neonic.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AntiVir_PersonalEdition_Classic_v7.02.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Antivirus.-.AVG.Free.Edition.7.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Any Sound Recorder 2.93 build 2932.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AnyQuery 2.5.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AnyReader 1.8 build 52.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\APA Referencing Macros 1.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AppToService 2.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Arc Menu 5.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Arch Avenger Pro 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Articulation 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ASCII Art Generator 3.2.4.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ASCII Key 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ASP.NET AI-Tree 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AstroChip 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Astrologer Free 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Audioscrobbler Windows Media Player 9 Plugin 1.1.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AudioWeb 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Aurionix FileUsage 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Auscomp eNavigator Suite 7.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Authent-I 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Auto Signature 2.1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AutoISO 1.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AV MP3 Player Morpher 3.0.18.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Avast!.4.Professional.Edition.4.7.844.Portuguese.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Avast!4.7.892+keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Avast.Antivirus.4.6.Profesional.spanish-español.+.keygen.por.TuNeM.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AVG.+.Firewall.+.Serial.+.Cracks.-.V.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AVG.7.0.344.incl..serial.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AVG.Anti-Virus.v7.1.405a.791.Multilangages.Incl-Keygen.updated-fixed.Release.01-2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Avg.Antispyware.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AVG.Pro.v7.0.308.466.(CRACK).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AVG_7.X_keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\AVG_AntiVirus_Professional_v7.1_Multilang+.keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Avira.Antivir.Personaledition.Premium.7.+.Key.16-03-2011.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Babarosa Gif Animator 3.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Baby Boom II 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Backup Manager 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bad Cookie 1.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bad News Bears Trailer.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ball-Bar 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Balloon Headed Boy 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BatchSync FTP 2 build 26.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Battlefield 1942 - Christmas on the Battlefield mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Battlefield 1942 - Rocket World mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Battlefield 1942 - RtR Dirty Weapons Pack.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Battlefield Vietnam Jungle Fever mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Baytex Party 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BBEdit 8.2.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Beavis and Butt-head in Virtual Stupidity Court Chaos demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bestwarez.Org.Kaspersky.Internet.Security.6.X.Key.Non.Blacklist.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BetterCalc 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BG.-.Anelia.(2005).-.Vsichko.vodi.kum.teb.(by.PANDA_1960).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BG.-.Kompilacija.(2006).-.Pajner.Hit.Sezoni.-.Prolet.2006.(by.PANDA_1960).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BibleProjector (Russian) 1.0a.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bid-n-Invoice Home Cleaning 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Big Kahuna Reef 2 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BigJig 8.07.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bio Lines 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bistro Stars 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bitdefender.Internet.Security.v10.0.FRENCH+Keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bitdefender.Professional.v9.0.Build.9.Crack.-.Keygen.-.Serial.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bitdefender.v10.Standard.Ita.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\bitdefender_profesionnal.plus.v10+key.(French).ok.updated-fixed.01-2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BIToolz for SQL Server 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Biz-Plan 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BJ Printer Driver Canon Pixma iP6000D 1.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Black & White 1.1 patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Blast Thru 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Blocks (CE handheld, MIPS) 0.20.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Blue Shield 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Body Art Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Brainstorm The Game Show 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bricks of Camelot 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Brixout XP 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\btp_reakts 2.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Bubbloids 1.2b.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BuildingMage 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Business Lite 1.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Business2Go Small Business 2.4.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Buzzsaw CD Ripper 3.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BVRP Connection Manager Pro 1.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\BZFlag 2.0.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cabos for Windows 0.5.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cake Mania 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Call of Duty Capture the Flag mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Callserve Internet Telephone 4.35.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Camo Soda Break 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Canon EOS 20D Firmware Update 2.0.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Canon PowerShot S70 Firmware Update 1.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CaptureWizPro 3.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cara-Pic 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CardDragon2006 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cards Plus 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CardSuite 3.71.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Care Meter widget.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cat5Data 1.0.9.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Catamarans Screensaver 1.04.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CatDV Personal Edition 3.0.9.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CCDi Image 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CD Menu Builder 1.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Change Any Icon 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Chart Wars 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Chat Parrots Screensaver 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ChemXL Ref 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Chinese Before You Know It Lite 3.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Chm2web 2.46.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Clicktionary (Traditional Chinese) 3.2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Client for Remote Administrator 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Codename Countdown 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Codestarter 1.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CoffeeCup Live Chat 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Color StyleWriter 4000 Series Update 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Coloroid Professional Color Plan Designer 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\COM-X-RAY 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Combat Command 2 Desert Rats demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Command & Conquer Generals - Cliff Top map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Command & Conquer Generals - USA map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Command & Conquer Renegade - map pack 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Commandos 2 Men of Courage v1.2 patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Compact Outlook Express Backup 2.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Compare & Backup 1.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CompeGPS Land 6.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ComponentSet 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Computech MP3 Locator 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Converter Plus x86 e1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Copernicus 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Countdown Clock 2.0.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\crack.Kaspersky.5.0.201.All.Language.(FR.English).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Crack.Mcafee.All.Versions.Complete.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\crack.para.panda.antivirus.titanium.2004.by.belmont.(spanish).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Creatrix.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cresotech PocketLANce 1.15.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Crystal Cave Gold 1.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\CS-RCSBrowser 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Cyrillic-English Keyboard Driver 5.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Daily Inspiration 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Dancing Olympic Mascot Screensaver.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DART CD-Recorder 4.1.33p.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Data Scrambler 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Death 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Decookie 1 build 25.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DepecheOS 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DesignWorks Professional 4.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Desktop Clock 4 4.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DeviceLock Plug and Play Auditor 5.72 build 152.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Dialgo VOIP TAPI DLL SDK 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Dicy 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Digital Sound Recorder 3.2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DipTrace 1.23.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DIRD 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Direct WAV MP3 Splitter 2.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Directory Content Printer 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Dirt Track Racing Patch 1.02d.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DiskView 3.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Disney World of Motion WinAmp Skin 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DistribuTrak Professional for Small Business 5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Divine Divinity demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Donarius 2.752.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Doom 3 Battle Ready mod 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Doom 3 Project Brian mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DOPING.PANDA.-.WE.IN.MUSIC.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\dotDefender 2.12.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Double Top.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Download Commander 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\drakan
c:\documents and settings\Liz Balinger\Application Data\m\shared\DriveSwap32 1.0.503.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DriveWizard Professional 3.13.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DrugDoses for Palm 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Drum Kit Ace 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DrWeb.4.33.Keys.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DS NegativeScroll 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\DuctSizer 4.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Duvantin Screensaver 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Dynasoft TeleFactura Billing 3.52.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ea games, ea sport, westwood
c:\documents and settings\Liz Balinger\Application Data\m\shared\Earth 2150 The Lost Souls patch 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Earth Photo Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Earthworm Jim demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Easy 3D Creator 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Easy Image Resizer 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Easy Projects .NET 4.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Easy Way to Build MySQL Client Programs 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EasySMS StarLink x86 e2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EasyZip 2.0.23.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Eclarsys PopGrabber 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EditPad Lite 6.1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Einstein's Kids & Family Resource Guide 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Elite Keylogger 3.0 build 014.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ell-Jay 0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EMailerID 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Emantic Outware 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EMC Retrospect 6.1 Server for Macintosh 6.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EngCalc Hyd 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\English to Swedish Phrasebook 1.11.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EnhanceMovie 2.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Enter the Internet Registry 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\EON Raptor (for 3ds Max) 5.5.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\eOrdering Complete X 2.4.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ErgoEnterprise Single User 5.50.12.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Eset.Nod32.Antivirus.v2.000.5-Core.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Etherscan Analyzer 1.2 build 1237.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Eusing Free Registry Cleaner 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Excel File Size Reduce Software 7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Excel Power Expander 4.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Expedoinge 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Explosions 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\F-Prot Antivirus 3.16f.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\f-prot.(FPROT.ANTIVIRUS.PARA.DOS).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Facade 1.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FaceCode DX 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Far Cry MP Vietnam map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Far West demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Fashion Cents 1.6.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Fast Internet 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FastInfoset.NET Community 1.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\File Encryptor 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\File Investigator 2.06.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\File Lock 6.1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FileScan Tool Pro 6.5.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Filipino Foxes Screensaver 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Flash Player Pro 3.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Flasher 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FlashReliance 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FlashSpring Lite 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Fly the Legend 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Fly! II map pack 13.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Fly! II map pack 16.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FlyConferencing Suite 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FontCreator 5.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\For Liberty demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Free Applet Collection 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Free Audio Recorder 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Free Durian Server 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Free Renju 5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Free Ringtone Collection 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FreeCAD 8.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Freeware Browser 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Frontpage 2000 Server Extensions (Windows 9x and NT) 4.0.2.5526.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\FullRecall 1.2.28.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Fund Downloader (New Zealand Edition) 1.0.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Funetica 5.04.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\G-Lock EasyMail Professional 4.52.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GalaxiaForEver 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GavaBAS 2.01.02.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Generador2.0.Para.Actualizaciones.Del.Antivirus.Nod32.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GEO Spider 2.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GeVeZe Instant LAN Messenger 2.0 build 387.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GFP - Personal Finance Manager 0.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GirlFriend X 5.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\glTron (OS X) 0.62.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Go Game Life and Death for Symbian Series 80 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\GoBeProductive 3.0.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Gogame Skill of Endgame for Windows 1.17.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\goScreen 5.2.5.84.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Green Valley 3D Screensaver 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Gunner 1.21.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HandWallet 4.09.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Harfang 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Harmony 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Harry Potter and the Goblet of Fire demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HD-Locker 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Help Desk for IIS 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Holiday Hounds Screensaver 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HomeGallery 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Honestech VHS to DVD 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Horse Rider Memories 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Hot Air Balloon Screensaver 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Hot Keyboard 2.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HotConference Pro 4.2.0.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Hover It Producer Pro 2.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HTML to Image Wizard 1.02.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HTTP E-mail MAPI Transport 1.3.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\HTTPSupervisor 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Hyper 21 1.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\I of the Dragon demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\i.Xchange Movie Editor 1.7.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ibis 2.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\iCab X 3.0.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ICE Book Reader Professional 8.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IceFTP 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IconMasterXP 4.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IE Catcher 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\iFever 1.3.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\iFunPix 0.34.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ImageConvertor 1.1.0328.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ImageCrush 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IMAN- Invoice Manager 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Imperialism demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\InboxRules RW Free Edition 2.10.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\InfoManager 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IntelliGolf Eagle 8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IntelliView Designer 3.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Internet Caffe 5.3.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Internet Download Calculator 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Internet Explorer 5.01 SP1 Scriptlet Rendering Vulnerability Patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Internet Explorer Key 6.5 build 1014.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Internet Graphics Finder 4.0.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Intranet Organizer 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Invasion 1.4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IOXperts USB WebCam Driver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\IPetC Basic 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Iranian Calendar Toolbar 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ISPTimer 3.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\iUnformat NTFS 1.9.757.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\J Virtual Keyboard 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\JAAScois PC Monitor 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Jack Nicklaus 4 demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Jackpot Keno 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Janitor Dan the Spaceman 1.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Java News Ticker Applet 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Javascript SlideMenu 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\JCVGantt Pro 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Jedi Knight Jedi Academy Yavin Elite Academy map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\JetAudio Basic 6.2.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\JRelaxTimer 1.0.001.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Jukebox Pro 1.0.68.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kandalu X Lite 1.18c.76.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Karaoke Sing-n-Burn 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Karvonite 3.0.122.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky(卡巴斯基).Anti-Virus.V6.0.0.307.中文版.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Anti-Virus.5.+.Kaspersky.Anti-Hacker.par.PASTX.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Anti-Virus.Personal.Pro.2007.Keyfiles.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Anti-Virus.v6.0.1.411.WinAll-TWK.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Anti.Virus.Personal.v5.0.527.German.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Antivirus.2006.key.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.AntiVirus.KAV.5.0.527.ITA.Key.09-2007.Controller.Programmi.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.AntiVirus.Personal.5.0.142.Ita.con.manuale.e.key.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Antivirus.Personal.5.0.372.(español).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Antivirus.Personal.Pro.v5.0.20.Key.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Antivirus.Personal.v6.0.1.411.Final.con.keyfiles.incluidos.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.AVP_Blacklist_Removal_Tool_v1.8.updated-fixed.Release.12-2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Internet.Security.6.0.0.303.-.Español.+.Llave.Hasta.05.04.2008.(No.Lista.Negra).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Internet.Security.6.0.1.411.Key.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.Personal.v6.00300.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky.regkeyen.2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky_Anti-Virus_Personal_v5.0.227_Español_Spanish+Licencia_Key_.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kaspersky_Internet_Security_2006_6.0.0.303_FINAL_.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Key Launcher 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\KeyRing 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kid's Programming Language 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kingdia DVD Ripper SE 3.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Kingdom of Heaven Screensaver.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Labels and Cards Pro 2.0.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Lambda HTML Editor 2.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Lander 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Lattice Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LeadingProject 1.3.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LeftHack 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\legacy of kain 2
c:\documents and settings\Liz Balinger\Application Data\m\shared\LightningCode 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LingvoSoft English-Bosnian Dictionary for Windows 3.1.41.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LingvoSoft Suite 2006 English-Spanish for Windows 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LinkTile 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Liquib 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Live Alpha 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Living Family Journal 3.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Llave.Kaspersky.5.0.237.21-05-2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LOGiX--Simulation of Logic Circuits 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Lord of the Rings Battle for Middle-earth II v1.01 German patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Lords of Everquest single-player demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\LOTTOmania 2005 1.0.15.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Lullaby Management 6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\M6.Net PR Quick Check 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mac Style Menu for Dreamweaver 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MacAfee.VirusScan.Professional.7.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MacAstronomica 2.0.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Macromedia Contribute 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mad Libs 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Madness Manager 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MageSlayer demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Magic RM RAM to MP3 Converter 2.55.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mahjongg Artifacts 1.05.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mail Preview 2.3a.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mail Shower 0.8.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mandelbrot 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Master and Disciple 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MasterBlaster Deluxe 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Masterra Email Reserve 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\McAfee.Desktop.Firewall.v8.5.0.591.German-DVT.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\McAfee.InterneSecurity.2005.Ver.7.(Español-Spanish).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mcafee.Internet.Security.Suite.2006.v8.0.114.4.-.Ita.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\McAfee.Internet.Security.Suite.2007.[Fr].zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\McAfee.Internet.Security.v5.02.6000.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\mcafee.securitycenter.crack.updated-fixed.11-2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mcafee.Spamkiller.6.0.Crack-Serial-Keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\McAfee.Total.Protection.2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\McHurricane 5.2.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mean Girls Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mech Warrior 4 Mercenaries - New Battlefields map pack.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MechWarrior 4 Vengeance - Lavarena map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Medal of Honor Allied Assault 180th All In One Pack 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Medal of Honor Allied Assault Norway map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Medal of Honor Allied Assault Spearhead - Tripoli map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MedCalc 9.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MediaEdit 1.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Meeting Timer 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MemoryStick 1.3.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Merge MP3 0.1d.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Message Client 1.6.7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Message Parse 3.18.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Messenger History 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MetriWorks Signature 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Metronome 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Michigan Rummy 1.0.1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MicroSE Player.MSE 1.3.9.27.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Microsoft SNARF 1.7.004.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MidiSyn 1.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\miniTrezor 2.0.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Missing Since January patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mobile Exchange Rate 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mobile Phone MP3 Encoder & Play List Maker Pro 1.06.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MobileCameo 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ModelCAD 12.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Molecular Workbench 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Moulin Rouge Slide Show Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MovieBase 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MovieFind 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MP3 DirPlayer 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mp3 Frame Editor 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MP3 To Ringtone Pro 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MParty3 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MSCBlob 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MSDict Concise Oxford-Paravia Italian Dictionary (Symbian Series 80) 2.50.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MSDict Oxford Dictionary of Business 7.40.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MSN Webcam Recorder 9.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Multi-Web JEDic 2005 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MultiCrypt 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mundu Radio (for Smartphones) 1ws beta.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MusicGoals Rhythm 1.02.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MusicPactus 2.9.127.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Mutilate File Wiper 2.92 build 52.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MuvAudio2 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MVP Bridge 3.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\My Cats Screensaver 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\My Games 3.33.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MyCleanerPC 1.0.24.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MyLife Notebook & DB Utilities 6.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Myth III The Wolf Age update 1.3.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\MZSplit 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NapTracK 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Navy Field Patch 1.101 1.101.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Neotrek 649 Picker 1.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Netintelligence Business Edition 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NetLeech 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NetSwitch 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NetTaskExec 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Network Inventory Master 4.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\New England Patriots Winamp Skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NewsPiper 3.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\No Limit Texas Hold 'em Poker 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NOD32.2.51.20.(Spanish.-.Español).+.CRACK.de.por.Vida.by.FerMuFer.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NOD32.FiX.v1.0-nsane.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NOD32.FiX.v1.3-nsane.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Nod32.Key.Generator.All.Version.Updated-Fixed.01-2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Nod32_2.51.12_ita.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\nod32_antivirus.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NOD32_Antivirus_System_2.70.16_-_FINAL.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\NoRedEye 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Norton.Ghost.2004.(Symantec).Serial.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Norton.Symantec.Recovery.Disk.2005.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Notepedia for iPod 0.91.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\nQuick 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Numara Track-It 7.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ocean Sunsets Photo Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Office XP Tool Global IME (Traditional Chinese).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Office.2003.WinALL.fix.WinRAR.and.DosRAR.v3.42.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\OfficeCalendar for Microsoft Outlook 2.3.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\OhMyGolf 1.3.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Oil Painting Assistant 3.0.2007.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Omni Accounts 7.1.38.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\OmniGraffle Pro 4.1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\On2Share MCE 1.1.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Once Twice Thrice 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\One Rep Max Calculator 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\OPCWare Client Developer 3.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\OrbitGraph 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\OS9 Helper 1.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Outside 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PAL Evidence Eliminator and Tracks Eraser 1.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panda.Antivirus.Platinium.7.0.+.serials.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panda.AntiVirus.Titanium.2005.v4.1.Cracked.Version.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panda.Antivirus.v6.09.Platinum.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panda.Platinum.2006.Internet.Security.v10.03.00.WinALL.Retail-ARN.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panda.Titanium.2005.exe(con.usuario.y.contraseña)hasta.2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panda.Titanium.2006.Antivirus.Antispyware.(French).Crackeado.By.Menmac.Software.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\panda.titanium.2006.keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Panorama Perfect Lite 1.6.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Particle Fire Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PassMark SoundCheck 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pathfinder III 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pax Galaxia 1.13.9.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PC Power Sweeper 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PCMesh Internet Cleanup 4.1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PCMop Evidence Washer for PC 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PDF-Office 2.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PDF Info 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PDF Master 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Peachtree Key 6.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PentaZip 7.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\People Book (PowerPC) 3.5.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\People Putty 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Perfect Shutdown 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Personal Accounts 5.21.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Personal Testing System 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Peter's XML Editor 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Photo Dater 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Photo Puzzle FX 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PhotoStory 2005 - Organize Your Photos 2005.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PHPMaker 4.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Phraze Daze 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PianoEx (MidiFile Player) 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Picture Saver Screen Saver 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ping Test Easy 2.07.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pirates of Treasure Island 1.02.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PixMatrix 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Png2ico 20021208.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PNP Sampler Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pocket Calculus 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pocket Icon 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pocket Ludo 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PocketLingo Thesaurus 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PocketMan2 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PocketTV Classic for Pocket PC (Windows Mobile 5) 1.2.11.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PodQuest 1.3.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Points Import for AutoCAD 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Poker-Spy 2.20.20.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pokie MagicTotem Treasure 17.7.15.9.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Polar Draw Component 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PolyTrans 3D Translation System 4.1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Postal 2 Share the Pain v1409 patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PPWizard - HTML Preprocessor 02.148.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Practical Chinese Am Elementary Course 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\PrefsOverload 5.3.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Press Start Font.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Printer's Apprentice 7.57.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Printer Squirrel 2.0.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pro Penalty '06 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\ProfileSharp Developer Edition 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Program Sleuth 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Psarakia 1.21.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Pub Quiz Machine 2004 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Puffer 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Puzzle Chest 1.32.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Puzzle Online 0.05.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Q Set 1.3.2022.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\QEX2 1.07.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\QIT Sigma Calculator 1.0a.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Quake 4 Software Developers Kit 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\quick_heal_xgen_7-01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\QuickFS 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Quickpoint S60 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\QuickSoundSwitch 1.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RaidenFTPD 2.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Random Car Game 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Random Factor Mahjong 1.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rapid TIFF Page Count 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RatheDG Cachalot System 2.1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RawXplorer 1.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Readiris Pro 11 build 4704.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Real Estate Edition 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Realbasic 2006 release 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\rebuilt.ewido.anti-malware.3.5.+.serial.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RecipeWorks 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rectogen 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RefreshBar 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RentBuyEstimator 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Replica 1.1.0.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Report Email 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Restoration Manager 1 build 1061.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Return to Castle Wolfenstein Airstrip map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Return to Castle Wolfenstein Enemy Territory Den of Lions map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Returnil Flash Video Scanner 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ring-Writer 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Ring Factory 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rise of Nations Agincourt Map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rise of Nations Korean Attack map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rise of Nations Lake Erie map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\RiskyProject 1.3.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\River Past Crazi Video for PMC 1.5.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Robot Recess Gravity Ball 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rocket Clock ScreenSaver 2.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rockets and Robots 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rosoft Media Player 4.1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rune Absolom map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rune Hail The Flame map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Rune Music pack map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\School Tycoon 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Schoolhouse Bingo 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Scrub DNC 1.1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SecExFile Professional Edition 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Secret Eyes 1.25.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Secure Endpoint 2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Securibook 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Selingua Columns 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SendASound Basic 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SEO Explorer 1.203.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Serial Link 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\seriale.+.crack.Panda.Platinum.e.Titanium.antivirus.2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Seriales.avast.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Server 2003 Active Directory Infrastructure (Exam 70-294) 3.1.11.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SessionSaver 2 0.2.1.030.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SFX Compiler 2.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Shark Tale Screensaver.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sharp World Clock 1.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SharpTools 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Shift Based Payroll Application 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SignIn - Employee Locator 3.1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Silent Lake 3D Screensaver 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Simple Image Editor for Web Developers 3.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SimplEquations 2.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SimWorks.AntiVirus.v1.30.S60.SymbianOS.Cracked-SyMPDA.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sketcher Plus 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sketsa 3.3.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sky Blade Sword of the Heavens 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SmartBees Merchant 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SmartGIF 1.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SmartPac Link for Outlook 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Smiley Guys Redux 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SMSCMD 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Snake Arena 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Snakes Screensaver 1.2b.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sndmail.DLL 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Snowboard Bob 1.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Soccer Master Ball 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SoftCollection LCD Clock 1.99.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SoftCollection Magnifier 1.76.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Softricks ClipboardX 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Softtanks Business 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SOHO Scan And Photo Touch-Up Machine 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SolarCell 1.32.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Soldiers of Empires 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Solid Print PDF 1.0.127.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Solitaire Pack 2 3.09.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Solitaire Till Dawn X 1.2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sonic Eye English 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sophos.Antivirus.v6.0.4.Multilingual=RETAIL=.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Soulseek 157 test 5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Space Lights Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Spam Filter spamologist 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SpamButcher 1.8m.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Spanish & Armenian Dictionary 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Spanish Whiz 6.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Spb Finance 2.3.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SpiderMan 2099 Theme 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SpiderUI Developer's Suite - VS2005 1.0.0.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sprimer 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Spring and Easter Collection for PostSmile 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Star Wars Mara Jade Theme Package 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\StarBurn SDK 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Steel Panthers III demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sticky Memo Note & Reminder Software 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Storm 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Strong Contact 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Student Organizer 2 1.3.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Submariner 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sudoku Assistant from www.SudokuAdvisor.com 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Super MP3 Converter 4.2.11.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Survivor Parody Screensaver 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\swBatchPrint 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Swift 3D 4.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\SWMate 4.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Symantec-Norton-2004-Francais-(Antivirus-Pro.Internet-Security-Pro.Systemworks-Pro)-By-Jazzy.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Symantec.Norton.Antivirus.2007.Full.Version.Keygen.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Symantec.Norton.GoBack.v4.0.Retail-SSG.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Sync Assistant 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\syncOtunes 0.95.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tabmaster 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Talking English-Japanese Travel Phrasebook 5.9.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TaMiGoN 1.1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tarpri Incorrect Answers Tracker 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Taskbar Organizer 1.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Taskforce 1.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TD Waterhouse 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Teddy 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Terraformers v1.02 patch.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tersus Visual Programming Platform 0.9.5 build id 200512271430.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tetris Planet 5.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Text Effects Collection 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The 80 Classic Games 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Address Manager 6.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Athlete's Diary 3.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Collectors Crown 5.0.52.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Complete Guide To Counterpoint 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Enkoder 3.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The GodFather 0.70.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Hunting Game demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Incredible Machine 3 demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Labyrinth of Time 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Lost City of Gold 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Noteable Music Flashcards 5.12.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Peppers Game 2 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Punisher demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Ringtone Maker 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Sims - Wet Suit skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\The Treasures of India 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TheDietTracker 1.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tin Soldiers Alexander the Great demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tiny Keylogger 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TMP[ITA].Avast!.Antivirus.4.6.691.Professional.Edition.+.Crack.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TomahawkGold 3.4.0.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tools For Sites 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Total Communicator 2.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Total Immersion 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Track4Win Enterprise 2.3 build 1201.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TrackerCam 3.03.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Transaction Generator 0.61.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Travel Data 2002b.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Travel Mate (Professional Edition) 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TrivialNet 1.34.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TrueSpace 3.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TSMobiles 2.1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TubeTwist 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Turbine Video Encoder 2.1.409.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Tux Walk 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\TwinSeek 1.101.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\uCertify - CIW Practice Test for Exam 1D0-420 - 153+ Questions 6.00.05.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\uCertify - MCSE Practice Test for Exam 70-228 - 306+ Questions 8.01.05.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\UFS Explorer Professional 2.7.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\UML StateWizard 7.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Universal Table Browser 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - 1-on-1 Sniper Forest deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Bad Mootie 2 beta deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Black Remus skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Cold Death Beta map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Decay mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Home Sweet Home deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Ironman 2020 skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Morpheus 5 beta deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Pain skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Relics Redux.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Robo King skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Silver deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Symmetrical Devastation map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Temple of Death deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Tiffany skin.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Twilight of Decadence deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - VSK Kitchen deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 - Whirlwind 1on1 deathmatch map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2003 Stonewall CTF Map 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 1on1 Map Pack.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 BR Anima Ex Machina Map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 Content Mania mod 62a.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 CTF Eternal Crossings Map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 DM 1on1 Steamwork map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 DM Flow Control Map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 DM Reconstruct map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 Instagib MiniGun Mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 ONS Firestorm map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 ONS Jungle Hill 2 Map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament 2004 Vehicle Stuff mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unreal Tournament Nights Edge v1.0 Mod.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Unwired InfoShare List Manager 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\URL Manager 2005 2.67.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Uru Ages Beyond Myst demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\UserManagemeNT Lite 5.4 build 1853.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Usuario.Panda.Internet.Security.2007.50.updated-fixed.09-2006.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\UTM Calculator 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\UUPan 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VbScript Database Class Builder 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VCDCut Pro 4.14.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VideoGet 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Virgin Islands Screensaver 1.02.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Virtual Juggler 3d Gold 2.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Virtual Tennis demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Virtual Terminal 2.1.18.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Virtuosa 5.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VisNotes for Pocket PC 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Visual TimeAnalyzer 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Visual Web Spider 5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Vlog It 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Vocabulary Grapher Dictionary Eastern Europe Pack 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VoiceMix 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VPR-Desktop tm Medical Records 6.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VRE Toolbar for Firefox 1.4.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\VulKa.[ARG].-.Avast.Antivirus.4.7.827.Español+Registro.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\W2B_Restaurant 1.06.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Walk the Line Screensaver.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Warcraft III - Assassins Quest Chapter 2 map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Warcraft III - Mathias Part 1 Epilogue map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Warcraft III - The Naga Temple map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Warcraft III The Frozen Throne Predators map.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Water Lily v2 Animated Screensaver 3.11.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Watterfalls 50.13.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Weather Station Database 2.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WeatherPop Free Edition 2.0.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WebAlbum 1.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WebLogic Workshop 8.1 with SP3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WebSundew 2 SE.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Webteachers Webdata 2.41o.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WebUpgrader 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WetSock 4.9 build 360.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\wGrabber 3.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Wild West Wendy 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WildSnake Pinball Soccer Stars 1.27.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Wimpy AV 2.2.8.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WinArcHelper 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Windows 2000 Service Pack 4 (SP4).zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Windows Fonts Explorer 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Windows Manager 2.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Windows NT 4.0 RPC Interface Buffer Overrun Security Vulnerability Patch 823980.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Windows XP 64-bit RPC Interface Buffer Overrun Security Vulnerability Patch 823980.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Winged Warrior III 3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WinPac 2 1.03b.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WinPLM 1.6.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Winter Break & Catch 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\WMP Tag Support Extender 1.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Woman 6.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Word Jolt 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Word Report Builder 5.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\World Flags Screensaver 1.3.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\X-Ripper 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XClipview 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XHEO - Licensing 2.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Xi!Swatch 1.01.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XL-EasyGantt 2.2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Xolox 2.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XP Protection 2.43.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XPCSpy Pro 2.6.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XRay Standard Edition 3.0.2.147.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\XyEdit 1.0.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Xylobot 1.0.0.83.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Yahtzee 123 1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Youthere1.com's Jigsaw Puzzle 1.5.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Z Mini Game 10 - IT 1.1.zip
c:\documents and settings\Liz Balinger\Application Data\m\shared\Zoo Tycoon 2 Marine Mania demo.zip
c:\documents and settings\Liz Balinger\Application Data\m\srvlist.oct
c:\documents and settings\Liz Balinger\Favorites\Download programs.url
c:\documents and settings\Liz Balinger\Favorites\Games.url
c:\documents and settings\Liz Balinger\Favorites\Translator.url
c:\documents and settings\Liz Balinger\Favorites\Videos.url
c:\documents and settings\Liz Balinger\Local Settings\Temporary Internet Files\BL_H10.rom
c:\documents and settings\Liz Balinger\Local Settings\Temporary Internet Files\bootloader.inf
c:\documents and settings\Liz Balinger\Local Settings\Temporary Internet Files\credit.swf
c:\documents and settings\Liz Balinger\Local Settings\Temporary Internet Files\firmware.inf
c:\documents and settings\Liz Balinger\Local Settings\Temporary Internet Files\update.inf
c:\program files\LPVideoPlugin
c:\windows\autorun.inf
c:\windows\exefld
c:\windows\exefld\349937.exe
c:\windows\exefld\351734.exe
c:\windows\exefld\352796.exe
c:\windows\exefld\355437.exe
c:\windows\exefld\376968.exe
c:\windows\exefld\380468.exe
c:\windows\exefld\385750.exe
c:\windows\exefld\386203.exe
c:\windows\exefld\398015.exe
c:\windows\exefld\399250.exe
c:\windows\exefld\402843.exe
c:\windows\exefld\403953.exe
c:\windows\exefld\404015.exe
c:\windows\exefld\404781.exe
c:\windows\exefld\419375.exe
c:\windows\exefld\419562.exe
c:\windows\exefld\44056609.exe
c:\windows\exefld\44057015.exe
c:\windows\exefld\451390.exe
c:\windows\exefld\452593.exe
c:\windows\exefld\456171.exe
c:\windows\exefld\456609.exe
c:\windows\exefld\462687.exe
c:\windows\exefld\464453.exe
c:\windows\exefld\468015.exe
c:\windows\exefld\619484.exe
c:\windows\exefld\622781.exe
c:\windows\exefld\625828.exe
c:\windows\exefld\629531.exe
c:\windows\exefld\698312.exe
c:\windows\exefld\698750.exe
c:\windows\exefld\759437.exe
c:\windows\exefld\759906.exe
c:\windows\exefld\810531.exe
c:\windows\exefld\952515.exe
c:\windows\exefld\953406.exe
c:\windows\system32\bad1.exe
c:\windows\system32\bad2.exe
c:\windows\system32\bad3.exe
c:\windows\system32\inst.dat
c:\windows\system32\kw.dat
c:\windows\system32\LPVideo.dll
c:\windows\system32\msmsgs.exe
c:\windows\system32\pk.bin
c:\windows\system32\win_update.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CHGSPRT
-------\Legacy_M_HOOK
-------\Service_chgsprt
-------\Service_m_hook


((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.

2008-11-25 08:51 . 2008-11-25 08:51 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-25 08:51 . 2008-11-25 08:51 <DIR> d-------- c:\documents and settings\Liz Balinger\Application Data\Malwarebytes
2008-11-25 08:51 . 2008-11-25 08:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-25 08:51 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-25 08:51 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-25 08:41 . 2008-11-25 08:41 <DIR> d-------- C:\_OTMoveIt
2008-11-23 16:44 . 2008-11-28 12:17 52 --ah----- c:\windows\system32\kstwiz.dns
2008-11-21 09:23 . 2008-11-22 01:35 <DIR> d-------- C:\SDFix
2008-11-20 23:36 . 2008-11-20 23:36 <DIR> d-------- C:\rsit
2008-11-20 08:49 . 2008-11-20 08:49 <DIR> d-------- c:\program files\DScaler5
2008-11-20 08:28 . 2008-11-20 09:32 <DIR> d-------- c:\program files\ffdshow
2008-11-20 06:44 . 2008-11-20 06:44 <DIR> d-------- c:\windows\system32\bits
2008-11-20 06:43 . 2004-07-02 08:08 361,984 --a--c--- c:\windows\system32\dllcache\qmgr.dll
2008-11-20 06:43 . 2004-07-02 08:08 331,776 --a------ c:\windows\system32\winhttp.dll
2008-11-20 06:43 . 2004-07-02 08:08 331,776 -----c--- c:\windows\system32\dllcache\winhttp.dll
2008-11-20 06:43 . 2004-07-01 09:59 158,720 --------- c:\windows\system32\xpob2res.dll
2008-11-20 06:43 . 2004-07-02 08:08 17,408 --a------ c:\windows\system32\qmgrprxy.dll
2008-11-20 06:43 . 2004-07-02 08:08 17,408 --a--c--- c:\windows\system32\dllcache\qmgrprxy.dll
2008-11-20 06:43 . 2004-07-02 08:08 7,680 -----c--- c:\windows\system32\dllcache\bitsprx2.dll
2008-11-20 06:43 . 2004-07-02 08:08 7,680 --------- c:\windows\system32\bitsprx2.dll
2008-11-20 06:43 . 2004-07-02 08:08 7,168 -----c--- c:\windows\system32\dllcache\bitsprx3.dll
2008-11-20 06:43 . 2004-07-02 08:08 7,168 --------- c:\windows\system32\bitsprx3.dll
2008-11-20 06:41 . 2008-07-19 16:07 270,880 --a------ c:\windows\system32\mucltui.dll
2008-11-20 06:41 . 2008-07-19 16:07 29,728 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-20 06:39 . 2008-10-17 08:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-11-20 06:37 . 2008-10-17 08:09 31,768 --a------ c:\windows\system32\wucltui.dll.mui
2008-11-20 06:37 . 2008-10-17 08:07 23,576 --a------ c:\windows\system32\wuaucpl.cpl.mui
2008-11-20 06:37 . 2008-10-17 08:07 18,456 --a------ c:\windows\system32\wuaueng.dll.mui
2008-11-18 07:58 . 2008-11-20 08:13 23,392 --a------ c:\windows\system32\nscompat.tlb
2008-11-18 07:58 . 2008-11-20 08:13 16,832 --a------ c:\windows\system32\amcompat.tlb
2008-11-18 04:37 . 2004-04-09 21:51 939,368 --a------ c:\windows\system32\Flash.ocx
2008-11-18 04:37 . 2004-02-06 17:53 389,120 --a------ c:\windows\system32\actskn43.ocx
2008-11-18 04:37 . 2002-01-06 20:37 344,064 --a------ c:\windows\system32\Msvcr70.dll
2008-11-18 04:37 . 2003-12-16 23:24 196,608 --a------ c:\windows\system32\NCTWMAFile2.dll
2008-11-18 04:37 . 2004-01-10 15:54 188,416 --a------ c:\windows\system32\actsplash.ocx
2008-11-18 04:37 . 2001-09-25 22:48 159,744 --a------ c:\windows\system32\Dmc2.OCX
2008-11-18 04:37 . 2000-07-16 02:00 101,888 --a------ c:\windows\system32\VB6STKIT.DLL
2008-11-18 04:37 . 2004-10-21 16:27 32,768 --a------ c:\windows\system32\ZeroVSlider.ocx
2008-11-18 04:37 . 2004-10-29 16:25 32,768 --a------ c:\windows\system32\ZeroHSlider.ocx
2008-11-05 10:44 . 2008-11-05 10:44 110 --a------ c:\windows\gui.INI
2008-11-05 10:43 . 2008-11-05 11:18 <DIR> d-------- c:\program files\AEDTools Pro
2008-11-05 10:43 . 2008-11-05 10:43 <DIR> d-------- C:\My Music
2008-11-02 07:21 . 2008-11-18 07:05 <DIR> d-------- c:\program files\WMA To MP3 Encoder
2008-11-02 06:28 . 2008-11-02 06:28 <DIR> d---s---- c:\documents and settings\Liz Balinger\UserData
2008-11-02 06:25 . 2008-11-02 06:25 <DIR> d-------- c:\program files\Mediatwins software
2008-10-31 03:02 . 2008-10-31 03:02 <DIR> d-------- c:\documents and settings\Liz Balinger\Application Data\zweitgeist

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-05 01:47 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-05 01:47 --------- d-----w c:\program files\Ulead Systems
2008-11-05 01:47 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2008-11-05 01:39 --------- d-----w c:\program files\NCH Swift Sound
2008-11-05 00:33 --------- d-----w c:\program files\iTunes
2008-10-26 02:07 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-10-26 00:43 83,432 ----a-w c:\documents and settings\Liz Balinger\Application Data\GDIPFONTCACHEV1.DAT
2008-10-25 23:38 --------- d-----w c:\documents and settings\Liz Balinger\Application Data\Apple Computer
2008-10-25 22:45 --------- d-----w c:\program files\iPod
2008-10-25 22:34 --------- d-----w c:\program files\doubleTwist
2008-10-25 22:28 --------- d-----w c:\program files\Haali
2008-10-25 18:01 --------- d-----w c:\program files\Common Files\Download Manager
2008-10-25 17:42 --------- d-----w c:\program files\NCH Software
2008-10-25 17:42 --------- d-----w c:\documents and settings\Liz Balinger\Application Data\NCH Swift Sound
2008-10-25 17:40 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2008-10-25 17:40 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Software
2008-10-25 17:39 27,136 ----a-w c:\windows\system32\drivers\nchssvad.sys
2008-10-25 17:12 --------- d-----w c:\program files\Illustrate
2008-10-25 17:12 --------- d-----w c:\documents and settings\Liz Balinger\Application Data\AccurateRip
2008-10-25 16:53 --------- d-----w c:\documents and settings\All Users\Application Data\Pianosoft
2008-10-24 21:57 --------- d-----w c:\program files\MediaMonkey
2008-10-24 18:17 3,768 ----a-w c:\windows\system32\drivers\DrmCVideo.sys
2008-10-24 18:17 23,096 ----a-w c:\windows\system32\drivers\DrmCAudio.sys
2008-10-22 03:17 --------- d-----w c:\program files\QuickTime
2008-10-22 03:13 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-18 02:22 16,896 ----a-w c:\windows\system32\drivers\VirtualAudio.sys
2008-09-29 04:43 --------- d-----w c:\program files\Alcohol Soft
2008-09-29 04:40 716,272 ----a-w c:\windows\system32\drivers\sptd.sys
2005-02-19 19:42 3,826,636 ----a-w c:\program files\Security iGuard.exe
2004-02-17 05:04 16,706,160 ----a-w c:\program files\AdbeRdr60_enu_full.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iPlusAgent"="c:\program files\iriver\iriver plus\iAgent.exe" [2005-06-07 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-01-26 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-10-22 155648]

c:\documents and settings\Liz Balinger\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-07-12 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\kstwiz]
2007-08-10 07:56 94583 c:\windows\system32\kstwiz.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\pmkhhfg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL

.
Contents of the 'Scheduled Tasks' folder

2008-08-09 c:\windows\Tasks\Norton AntiVirus - Scan my computer.job
- c:\progra~1\NORTON~1\NAVW32.exe []

2008-11-25 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-12-15 06:24]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Microsoft Works Update Detection - c:\program files\Microsoft Works\WkDetect.exe
HKLM-Run-TuneClone - c:\program files\TuneClone\TuneClone.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Liz Balinger\Application Data\Mozilla\Firefox\Profiles\jw2cajcx.default\
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 12:24:52
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(916)
c:\windows\system32\ODBC32.dll
c:\windows\system32\kstwiz.dll

- - - - - - - > 'lsass.exe'(976)
c:\windows\system32\dssenh.dll
.
Completion time: 2008-11-28 12:37:42
ComboFix-quarantined-files.txt 2008-11-28 02:37:39

Pre-Run: 13,176,389,632 bytes free
Post-Run: 13,055,234,048 bytes free

1114 --- E O F --- 2008-11-19 20:44:41

1. Please open Notepad

• Click Start , then Run
• type in notepad in the Run Box then hit ok.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
c:\windows\system32\kstwiz.dns


Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\kstwiz]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""

3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.




5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

• Combofix.txt
• A new HijackThis log.