Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer getting slower & hangs frequently


  • This topic is locked This topic is locked
25 replies to this topic

#1 C.Diva

C.Diva

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 31 August 2009 - 12:46 AM

My computer is getting slower and slower each time I browse the internet. It hangs and does not respond. Here is my HJT logfile. Thank you in advance for any help you can offer.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45:13 AM, on 8/31/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\S3apphk.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Crafty-Diva
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] "c:\windows\system\hpsysdrv.exe"
O4 - HKLM\..\Run: [KBD] "C:\HP\KBD\KBD.EXE"
O4 - HKLM\..\Run: [S3apphk] "S3apphk.exe"
O4 - HKLM\..\Run: [PS2] "C:\WINDOWS\system32\ps2.exe"
O4 - HKLM\..\Run: [Recguard] "C:\WINDOWS\SMINST\RECGUARD.EXE"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe -expressboot
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.mycoupons.com
O15 - Trusted Zone: http://*.mypoints.com
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1239078844765
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 4089 bytes

BC AdBot (Login to Remove)

 


#2 DocSatan

DocSatan

    Bleepin' Wanna-Be


  • Members
  • 2,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Ma.
  • Local time:07:12 PM

Posted 15 September 2009 - 10:30 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

#3 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 16 September 2009 - 12:45 AM

My computer is still running slow and hanging alot. The only major thing I have done since my first post was upgrade(??) to IE8. Thanks for your help.


DDS (Ver_09-07-30.01) - NTFSx86
Run by DIVA at 0:29:03.73 on Wed 09/16/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.126.8 [GMT -5:00]

AV: AVG Anti-Virus *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\S3apphk.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = www.google.com
uWindow Title =
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title =
uInternet Settings,ProxyOverride = 127.0.0.1
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
TB: &hp toolkit: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\hp\explorebar\HPTOOLKT.DLL
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
EB: hp toolkit: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: {9404901D-06DA-4B23-A0EE-3EA4F64EC9B3} - No File
mRun: [hpsysdrv] "c:\windows\system\hpsysdrv.exe"
mRun: [KBD] "c:\hp\kbd\KBD.EXE"
mRun: [S3apphk] "S3apphk.exe"
mRun: [PS2] "c:\windows\system32\ps2.exe"
mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"
mRun: [Lexmark 1200 Series] "c:\program files\lexmark 1200 series\lxczbmgr.exe"
mRun: [WinPatrol] c:\program files\win-patrol\winpatrol\winpatrol.exe -expressboot
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\www.update
Trusted Zone: mycoupons.com
Trusted Zone: mycoupons.com\www
Trusted Zone: mypoints.com
Trusted Zone: mypoints.com\www
Trusted Zone: windowsupdate.com\download
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1239078844765
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: !SASWinLogon -
Notify: avgrsstarter -
Notify: igfxcui - igfxsrvc.dll
Notify: WRNotifier -
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-8-30 12552]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-8-30 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-30 108552]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-30 335240]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\nsdriver.sys --> c:\windows\system32\drivers\NSDriver.sys [?]
S3 PCDRDRV;Pcdr CPU Helper Driver;c:\windows\system32\drivers\pcdrdrv.sys --> c:\windows\system32\drivers\PCDRDRV.sys [?]

=============== Created Last 30 ================

2009-09-08 23:41 <DIR> --d----- c:\program files\IrfanView
2009-09-06 01:01 <DIR> --d----- c:\documents and settings\owner\Chandelier Images
2009-09-03 04:50 68,108 a---h--- c:\windows\system32\mlfcache.dat
2009-09-03 02:44 9,200 -------- c:\windows\system32\drivers\cdralw2k.sys
2009-09-03 02:44 9,072 -------- c:\windows\system32\drivers\cdr4_xp.sys
2009-09-03 02:42 <DIR> --d----- c:\windows\system32\IOSUBSYS
2009-09-03 01:27 <DIR> --d----- c:\program files\Excel Viewer
2009-09-02 22:21 <DIR> --d----- C:\Desktop Files2
2009-08-31 20:45 <DIR> --dsh--- c:\documents and settings\owner\IECompatCache
2009-08-31 20:43 <DIR> --dsh--- c:\documents and settings\owner\PrivacIE
2009-08-31 20:39 <DIR> --dsh--- c:\documents and settings\owner\IETldCache
2009-08-31 20:36 574,338 a------- C:\Diva's Pictures.nri
2009-08-31 20:26 <DIR> -cd-h--- c:\windows\ie8
2009-08-30 17:28 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-08-30 17:04 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-30 17:04 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-08-30 17:04 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys
2009-08-30 17:03 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-30 17:01 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-08-30 17:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2009-08-30 17:00 <DIR> --d----- c:\program files\AVG
2009-08-30 17:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-08-30 16:51 <DIR> --d----- c:\docume~1\owner\applic~1\AVG8
2009-08-30 15:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-08-30 15:42 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-08-30 15:04 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-30 15:04 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-30 15:04 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-30 03:02 <DIR> --d----- c:\program files\CCleaner
2009-08-27 23:06 1,985,024 ac------ c:\windows\system32\dllcache\iertutil.dll
2009-08-27 23:06 594,432 ac------ c:\windows\system32\dllcache\msfeeds.dll
2009-08-27 23:06 55,296 ac------ c:\windows\system32\dllcache\msfeedsbs.dll
2009-08-27 23:06 59,904 ac------ c:\windows\system32\dllcache\icardie.dll
2009-08-27 23:06 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe
2009-08-27 23:06 445,952 ac------ c:\windows\system32\dllcache\ieapfltr.dll
2009-08-27 23:06 3,698,584 ac------ c:\windows\system32\dllcache\ieapfltr.dat
2009-08-27 23:06 1,241,088 ac------ c:\windows\system32\dllcache\ieframe.dll.mui
2009-08-27 23:06 11,063,808 ac------ c:\windows\system32\dllcache\ieframe.dll
2009-08-25 22:37 <DIR> --d----- c:\windows\system32\Adobe

==================== Find3M ====================

2009-08-14 06:44 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-29 00:30 5,229,433 a------- c:\program files\AW701WebPlayerOSXCmpl.hqx
2006-09-22 00:17 12,477,344 a------- c:\program files\viewer.exe
2004-08-16 04:35 2,567 a------- c:\program files\DeIsL1.isu
2004-08-16 04:35 147 a------- c:\program files\_DEISREG.ISR
2003-08-27 04:08 686,864 a------- c:\program files\startup cop.exe
2000-03-22 16:47 49,152 a------- c:\program files\_ISREG32.DLL
2001-08-18 07:00 94,784 -c-sh--- c:\windows\twain.dll
2008-04-13 19:12 50,688 ---sh--- c:\windows\twain_32.dll
2008-04-13 19:11 1,028,096 ---sh--- c:\windows\system32\mfc42.dll
2008-04-13 19:12 57,344 a--sh--- c:\windows\system32\msvcirt.dll
2008-04-13 19:12 413,696 a--sh--- c:\windows\system32\msvcp60.dll
2008-04-13 19:12 343,040 a--sh--- c:\windows\system32\msvcrt.dll
2008-04-13 19:12 551,936 ---sh--- c:\windows\system32\oleaut32.dll
2008-04-13 19:12 84,992 a--sh--- c:\windows\system32\olepro32.dll
2008-04-13 19:12 11,776 ---sh--- c:\windows\system32\regsvr32.exe

============= FINISH: 0:31:34.54 ===============

Attached Files



#4 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:12 AM

Posted 17 September 2009 - 12:09 AM

Hello C.Diva,

My name is Syler and I will be helping you to solve your Malware issues.

Please download Malwarebytes' Anti-Malware from Here

Note: If you already have Malwarebytes' Anti-Malware, just update then run it.
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan (the scan may take some time to finish, so please be patient).
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply .
Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Then please post back here with the following:
  • MBAM report
  • log.txt
  • info.txt
Thanks

unite.jpg


#5 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 18 September 2009 - 02:02 AM

Hi Syler... Here are the logs you requested.
Thanks for your help


Malwarebytes' Anti-Malware 1.41
Database version: 2818
Windows 5.1.2600 Service Pack 3

9/18/2009 1:40:17 AM
mbam-log-2009-09-18 (01-40-17).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 163478
Time elapsed: 2 hour(s), 6 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
_______________
_______________


Logfile of random's system information tool 1.06 (written by random/random)
Run by DIVA at 2009-09-18 01:54:19
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 20 GB (60%) free of 33 GB
Total RAM: 126 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:55:42 AM, on 9/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\S3apphk.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\DIVA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] "c:\windows\system\hpsysdrv.exe"
O4 - HKLM\..\Run: [KBD] "C:\HP\KBD\KBD.EXE"
O4 - HKLM\..\Run: [S3apphk] "S3apphk.exe"
O4 - HKLM\..\Run: [PS2] "C:\WINDOWS\system32\ps2.exe"
O4 - HKLM\..\Run: [Recguard] "C:\WINDOWS\SMINST\RECGUARD.EXE"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.mycoupons.com
O15 - Trusted Zone: http://*.mypoints.com
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1239078844765
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 4657 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"KBD"=C:\HP\KBD\KBD.EXE [2001-07-06 61440]
"S3apphk"=C:\WINDOWS\system32\S3apphk.exe [2002-03-16 28672]
"PS2"=C:\WINDOWS\system32\ps2.exe [2001-07-03 81920]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2001-12-19 212992]
"Lexmark 1200 Series"=C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2006-07-13 57344]
"WinPatrol"=C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe [2009-06-01 341312]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fc40um]
C:\WINDOWS\System32\fc40um.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe [2001-08-08 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
c:\Program Files\Microsoft Money\System\Money Express.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
NvQTwk,NvCplDaemon initialize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop-Up Stopper]
C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PreloadApp]
c:\hp\drivers\printers\photosmart\hphprld.exe [2001-12-13 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy-V1.3\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wcmdmgr]
C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zero Knowledge Freedom]
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center UI.lnk]
C:\PROGRA~1\HPCENT~1\137903\Shadow\SHADOW~1.EXE -STARTUP []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center.lnk]
C:\PROGRA~1\HPCENT~1\137903\Program\BACKWE~1.EXE -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Windows.hta]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Windows.hta []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^BHODemon 2.0.lnk]
C:\PROGRA~1\BHODEM~2\BHODemon.exe [2005-06-19 946176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Pop-Up Stopper.lnk]
C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"helpsvc"=2
"NVSvc"=3
"WmiApSrv"=3
"VSS"=3
"Themes"=3
"SysmonLog"=3
"SwPrv"=3
"ShellHWDetection"=3
"SCardSvr"=3
"SCardDrv"=3
"RSVP"=3
"NtmsSvc"=3
"NtLmSsp"=3
"MSIServer"=3
"ImapiService"=3
"Dnscache"=3
"dmserver"=3
"dmadmin"=3
"COMSysApp"=3
"BITS"=3
"AppMgmt"=3
"AvgServ"=2
"Avg7UpdSvc"=2
"Avg7Alrt"=2
"AVGEMS"=2
"vsmon"=3
"ose"=3
"aawservice"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2001-08-08 270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-09-18 01:54:19 ----D---- C:\rsit
2009-09-17 23:19:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-08 23:41:14 ----D---- C:\Program Files\IrfanView
2009-09-03 02:44:35 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-09-03 02:44:35 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-09-03 02:44:35 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-09-03 02:44:34 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-09-03 02:44:34 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-09-03 02:44:33 ----N---- C:\WINDOWS\system32\px.dll
2009-09-03 02:42:46 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-09-03 02:41:48 ----D---- C:\Program Files\Google
2009-09-03 01:27:06 ----D---- C:\Program Files\Excel Viewer
2009-09-02 22:21:37 ----D---- C:\Desktop Files2
2009-08-31 20:26:55 ----HDC---- C:\WINDOWS\ie8
2009-08-30 17:28:51 ----HD---- C:\$AVG8.VAULT$
2009-08-30 17:04:06 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-08-30 17:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-08-30 17:00:11 ----D---- C:\Program Files\AVG
2009-08-30 17:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-08-30 16:51:58 ----D---- C:\Documents and Settings\Owner\Application Data\AVG8
2009-08-30 15:45:11 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-08-30 15:42:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-08-30 05:33:26 ----D---- C:\Program Files\NOS
2009-08-30 05:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-08-30 03:02:41 ----D---- C:\Program Files\CCleaner
2009-08-27 23:29:45 ----D---- C:\WINDOWS\ie7updates
2009-08-27 23:26:06 ----D---- C:\WINDOWS\WBEM
2009-08-27 23:22:55 ----HDC---- C:\WINDOWS\ie7
2009-08-27 23:21:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-08-27 23:19:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-08-26 00:12:50 ----D---- C:\WINDOWS\Sun
2009-08-25 22:37:41 ----D---- C:\WINDOWS\system32\Adobe
2009-08-24 06:16:32 ----A---- C:\netstat.txt

======List of files/folders modified in the last 1 months======

2009-09-18 01:14:22 ----AD---- C:\WINDOWS
2009-09-17 23:19:46 ----D---- C:\WINDOWS\system32\drivers
2009-09-17 23:19:40 ----RD---- C:\Program Files
2009-09-17 04:15:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-09-17 00:30:01 ----A---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2009-09-17 00:26:32 ----D---- C:\WINDOWS\Temp
2009-09-17 00:24:11 ----RD---- C:\temp
2009-09-14 03:12:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-11 22:10:00 ----A---- C:\WINDOWS\lexstat.ini
2009-09-10 00:25:30 ----D---- C:\WINDOWS\Help
2009-09-08 01:35:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-03 04:50:41 ----D---- C:\WINDOWS\system32
2009-09-03 02:42:46 ----D---- C:\WINDOWS\inf
2009-09-03 01:27:14 ----SHD---- C:\WINDOWS\Installer
2009-09-03 01:27:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-09-01 15:44:02 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-08-31 20:39:14 ----D---- C:\WINDOWS\system32\en-us
2009-08-31 20:39:10 ----D---- C:\WINDOWS\Media
2009-08-31 20:39:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-31 20:39:09 ----D---- C:\Program Files\Internet Explorer
2009-08-30 16:59:33 ----D---- C:\WINDOWS\WinSxS
2009-08-30 16:58:36 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-08-30 15:44:14 ----D---- C:\Program Files\SUPERAntiSpyware
2009-08-30 14:55:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-08-30 03:11:00 ----D---- C:\Program Files\CCleaner_v2.08
2009-08-30 03:06:44 ----D---- C:\WINDOWS\Debug
2009-08-27 23:28:53 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-25 22:40:39 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2009-08-25 22:40:23 ----D---- C:\WINDOWS\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-30 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-08-30 108552]
R1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032]
R3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2001-08-08 158140]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-03-26 13780]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2001-11-29 411368]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
S1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-30 335240]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel® Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2002-03-27 87648]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel® Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2002-03-27 69472]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\System32\drivers\NSDriver.sys []
S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 Freedom;FREEDOM Miniport; C:\WINDOWS\System32\DRIVERS\FREEDOM.SYS []
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2001-08-08 12479]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2001-08-08 12031]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2001-08-08 11679]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2001-08-08 11999]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2001-08-08 19359]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2001-08-08 29215]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2001-08-08 19199]
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2001-08-08 33503]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2001-08-08 23519]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2002-03-27 77181]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-03-09 909501]
S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
S3 PCDRDRV;Pcdr CPU Helper Driver; C:\WINDOWS\system32\drivers\PCDRDRV.sys []
S3 PcdrNt;PcdrNt; C:\WINDOWS\System32\drivers\PcdrNt.sys [2000-03-23 44192]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2002-03-19 187520]
S3 trid3d;trid3d; C:\WINDOWS\System32\DRIVERS\trid3dm.sys [2002-03-21 144860]
S3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys []
S4 tmcomm;tmcomm; \??\C:\WINDOWS\System32\drivers\tmcomm.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2006-04-17 311296]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144]
S4 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-30 908056]
S4 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-30 297752]
S4 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S4 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-03-09 61440]
S4 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-09-22 38912]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.06 2009-09-18 01:55:49

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{854A5F01-D692-11D4-A984-009027EC0A9C}\setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{945E2519-C2B9-11D3-9D56-0060B0A4823E}\setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD47EFC1-D692-11D4-A984-009027EC0A9C}\setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7E518B2-B174-11D3-9D4E-0060B0A4823E}\setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BHODemon 2.0.0.23-->"C:\Program Files\BHODemon_2\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
FontList (remove only)-->"C:\Program Files\FontList\Uninstall.exe"
GTK+ 1.3.0-20030717-1 runtime environment-->C:\WINDOWS\unins000.exe
HDValet-->C:\PROGRA~1\HDValet\UNWISE.EXE C:\PROGRA~1\HDValet\INSTALL.LOG
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
hp instant support-->C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe CeS
hp learning adventure-->c:\program files\HPSelect\Frontend\uninstall.exe
HP Photo Printing Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\hpiunPC.dll
Inactive HP Printer Drivers (Remove only)-->RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
Intel® 845G Chipset Graphics Driver Software-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Lexmark 1200 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXCZUN5C.EXE -dLexmark 1200 Series
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works 6.0-->MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 1.5 combined Win32 extensions-->C:\PROGRA~1\Python\UNWISE~1.EXE C:\PROGRA~1\Python\W32INST.LOG
Python 1.5.2 (final)-->C:\PROGRA~1\Python\UNWISE.EXE C:\PROGRA~1\Python\INSTALL.LOG
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Tcl 8.0.5 for Windows-->C:\PROGRA~1\Tcl\UNWISE.EXE C:\PROGRA~1\Tcl\INSTALL.LOG
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2009-->C:\PROGRA~1\WIN-PA~1\WINPAT~1\Setup.exe /remove /q0
Zoner Draw 3-->MsiExec.exe /I{D692E771-F6CC-11D4-83DE-004F4E03F091}

======Hosts File======

127.0.0.1 localhost
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
127.0.0.1 d.abnad.net

======Security center information======

AV: AVG Anti-Virus (disabled) (outdated)

======System event log======

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1000
Message: Your computer has lost the lease to its IP address 68.94.183.191 on the
Network Card with network address 00402B32B879.

Record Number: 61108
Source Name: Dhcp
Time Written: 20090609221041.000000-300
Event Type: error
User:

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00402B32B879. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 61107
Source Name: Dhcp
Time Written: 20090609221041.000000-300
Event Type: warning
User:

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1002
Message: The IP address lease 192.168.1.64 for the Network Card with network address 00402B32B879 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Record Number: 61106
Source Name: Dhcp
Time Written: 20090609201645.000000-300
Event Type: error
User:

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1000
Message: Your computer has lost the lease to its IP address 68.93.97.187 on the
Network Card with network address 00402B32B879.

Record Number: 61104
Source Name: Dhcp
Time Written: 20090609200845.000000-300
Event Type: error
User:

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00402B32B879. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 61103
Source Name: Dhcp
Time Written: 20090609200845.000000-300
Event Type: warning
User:

=====Application event log=====

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1517
Message: Windows saved user YOUR-M5D4U9R2UV\Owner registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 273
Source Name: Userenv
Time Written: 20030201054402.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1000
Message: Faulting application spinwin.exe, version 5.0.7.0, faulting module ntdll.dll, version 5.1.2600.1106, fault address 0x000255e9.

Record Number: 252
Source Name: Application Error
Time Written: 20030130230533.000000-360
Event Type: error
User:

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1000
Message: Faulting application spinwin.exe, version 5.0.7.0, faulting module ntdll.dll, version 5.1.2600.1106, fault address 0x000255e9.

Record Number: 251
Source Name: Application Error
Time Written: 20030130230533.000000-360
Event Type: error
User:

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1517
Message: Windows saved user YOUR-M5D4U9R2UV\Owner registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 250
Source Name: Userenv
Time Written: 20030129185007.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-M5D4U9R2UV
Event Code: 1517
Message: Windows saved user YOUR-M5D4U9R2UV\Owner registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 248
Source Name: Userenv
Time Written: 20030126201231.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"devmgr_show_nonpresent_devices"=1
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program files\PC-Doctor for Windows XP\WINDSAPI
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 11 Stepping 1, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0b01
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------

#6 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:12 AM

Posted 18 September 2009 - 04:10 AM

C.Diva,

I don't see to much wrong here, just some bits that can be cleaned up, but I think your main problem is the following.

Total RAM: 126 MB (13% free)


This is an extremely low amount of RAM to have on an XP machine, and the only realistic way you can speed this pc up, is to buy more ram.

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
Thanks

unite.jpg


#7 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 18 September 2009 - 09:48 PM

Syler,


OTL Extras logfile created on: 9/18/2009 9:44:17 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

125.98 Mb Total Physical Memory | 17.61 Mb Available Physical Memory | 13.97% Memory free
489.61 Mb Paging File | 338.21 Mb Available in Paging File | 69.08% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.42 Gb Total Space | 19.27 Gb Free Space | 59.46% Space Free | Partition Type: NTFS
Drive D: | 4.87 Gb Total Space | 1.07 Gb Free Space | 21.99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-M5D4U9R2UV
Current User Name: DIVA
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Excel Viewer\OFFICE11\msohtmed.exe" %1 File not found
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Excel Viewer\OFFICE11\msohtmed.exe" /p %1 File not found
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EFAC4F-1712-401F-B2AE-590B170C9BCE}" = StartupMonitor
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® 845G Chipset Graphics Driver Software
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D692E771-F6CC-11D4-83DE-004F4E03F091}" = Zoner Draw 3
"{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG8Uninstall" = AVG 8.5
"BHODemon_is1" = BHODemon 2.0.0.23
"CCleaner" = CCleaner (remove only)
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"FontList" = FontList (remove only)
"HDValet" = HDValet
"HijackThis" = HijackThis 2.0.2
"HP Instant Support" = hp instant support
"hp learning adventure" = hp learning adventure
"HP Photo Printing Software" = HP Photo Printing Software
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only)
"IrfanView" = IrfanView (remove only)
"Lexmark 1200 Series" = Lexmark 1200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"Picasa 3" = Picasa 3
"PS2" = PS2
"Python 1.5 combined Win32 extensions" = Python 1.5 combined Win32 extensions
"Python 1.5.2 (final)" = Python 1.5.2 (final)
"QuickTime" = QuickTime
"Shockwave" = Shockwave
"Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGTK-1.3_is1" = GTK+ 1.3.0-20030717-1 runtime environment
"WinPatrol" = WinPatrol 2009

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/14/2008 4:12:45 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 5.1.0.216, faulting module
acrord32.exe, version 5.1.0.216, fault address 0x0002847f.

Error - 4/14/2008 5:28:32 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1561, fault address 0x00178c66.

Error - 4/14/2008 7:32:30 AM | Computer Name = YOUR-M5D4U9R2UV | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in d:\nt_qxp\com\com1x\src\comsvcs\package\cpackage.cpp(1184),
hr = 80070422: InitEventCollector fail

Error - 4/18/2008 2:01:06 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application ad-aware2007.exe, version 7.0.2.7, faulting module
, version 0.0.0.0, fault address 0x00000000.

Error - 10/1/2008 2:44:42 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1561, fault address 0x00175a6a.

Error - 10/1/2008 2:49:24 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1561, fault address 0x00175e2a.

Error - 10/1/2008 2:53:23 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1561, fault address 0x00175e2a.

Error - 10/1/2008 2:54:41 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1561, fault address 0x00175e2a.

Error - 10/1/2008 2:55:41 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1561, fault address 0x00178e92.

Error - 10/22/2008 12:41:12 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Microsoft Fax | ID = 32092
Description = The Fax service failed to receive a fax. From: . CallerId: . To: Fax.
Pages:
0. Device Name: Lucent Win Modem.

[ System Events ]
Error - 9/18/2009 2:45:44 AM | Computer Name = YOUR-M5D4U9R2UV | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.

Error - 9/18/2009 2:46:48 AM | Computer Name = YOUR-M5D4U9R2UV | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/18/2009 2:37:58 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 68.94.180.227 on
the Network Card with network address 00402B32B879.

Error - 9/18/2009 2:48:04 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 00402B32B879 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 9/18/2009 2:48:20 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 00402B32B879 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 9/18/2009 3:29:25 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 68.94.188.234 on
the Network Card with network address 00402B32B879.

Error - 9/18/2009 3:29:46 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 00402B32B879 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 9/18/2009 5:28:04 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 68.93.33.137 on
the Network Card with network address 00402B32B879.

Error - 9/18/2009 9:26:53 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.64 on
the Network Card with network address 00402B32B879.

Error - 9/18/2009 9:30:03 PM | Computer Name = YOUR-M5D4U9R2UV | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 00402B32B879 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >


OTL logfile created on: 9/18/2009 9:44:17 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

125.98 Mb Total Physical Memory | 17.61 Mb Available Physical Memory | 13.97% Memory free
489.61 Mb Paging File | 338.21 Mb Available in Paging File | 69.08% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.42 Gb Total Space | 19.27 Gb Free Space | 59.46% Space Free | Partition Type: NTFS
Drive D: | 4.87 Gb Total Space | 1.07 Gb Free Space | 21.99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-M5D4U9R2UV
Current User Name: DIVA
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/04/17 12:42:14 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
PRC - [2006/04/17 12:41:24 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\windows\system\hpsysdrv.exe
PRC - [2001/07/06 22:56:56 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2002/03/16 00:51:02 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\S3apphk.exe
PRC - [2009/06/01 11:41:11 | 00,341,312 | ---- | M] (BillP Studios) -- C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/09/18 21:42:58 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/08/30 17:00:25 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Disabled | Stopped])
SRV - [2009/08/30 17:00:20 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Disabled | Stopped])
SRV - [2009/08/07 12:43:04 | 00,045,816 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [Disabled | Stopped])
SRV - [2008/11/20 14:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Disabled | Stopped])
SRV - [2006/04/17 12:42:14 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2002/03/09 18:53:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Disabled | Stopped])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/07 18:21:00 | 00,026,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe -- (spupdsvc [On_Demand | Stopped])
SRV - [2004/09/22 18:46:10 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/08/30 17:03:33 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Stopped])
DRV - [2009/08/30 17:03:28 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/08/30 17:04:05 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running])
DRV - [2009/08/30 17:04:03 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2001/08/17 14:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2001/08/08 15:13:36 | 00,158,140 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys -- (i81x [On_Demand | Running])
DRV - [2001/08/08 15:13:30 | 00,012,479 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys -- (iAimFP0 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:30 | 00,012,031 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys -- (iAimFP1 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:30 | 00,011,679 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys -- (iAimFP2 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:28 | 00,011,999 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys -- (iAimFP3 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:28 | 00,019,359 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys -- (iAimFP4 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,029,215 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys -- (iAimTV0 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,019,199 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys -- (iAimTV1 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:26 | 00,033,503 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys -- (iAimTV3 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,023,519 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys -- (iAimTV4 [On_Demand | Stopped])
DRV - [2002/03/27 17:16:08 | 00,077,181 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2003/03/31 15:29:00 | 00,625,537 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2001/08/17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2002/03/09 18:53:00 | 00,909,501 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2001/08/17 14:50:26 | 00,731,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4.sys -- (nv4 [On_Demand | Stopped])
DRV - [2001/12/07 23:26:00 | 00,013,502 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running])
DRV - [2000/03/23 06:42:24 | 00,044,192 | ---- | M] (PC-Doctor Inc.) -- C:\WINDOWS\System32\drivers\PcdrNt.sys -- (PcdrNt [On_Demand | Stopped])
DRV - [2002/03/26 20:20:22 | 00,013,780 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2001/06/04 15:00:00 | 00,014,112 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Running])
DRV - [2001/08/18 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/04 00:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2009/08/05 16:06:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/08/05 16:06:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/08/05 16:06:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2008/04/13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/03/19 04:18:26 | 00,187,520 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\sisgrp.sys -- (SiS315 [On_Demand | Stopped])
DRV - [2001/12/27 05:52:58 | 00,027,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\SISAGP.sys -- (SISAGP [Boot | Running])
DRV - [2001/11/29 13:54:08 | 00,411,368 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2006/08/06 23:16:00 | 00,076,560 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Disabled | Stopped])
DRV - [2002/03/21 00:35:56 | 00,144,860 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\trid3dm.sys -- (trid3d [On_Demand | Stopped])
DRV - [2002/03/27 17:17:10 | 00,087,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Stopped])
DRV - [2002/03/27 17:17:20 | 00,069,472 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1



O1 HOSTS File: (618526 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16469 more lines...
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\ShellBrowser: (&hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\WebBrowser: (&hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\System32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [S3apphk] C:\WINDOWS\System32\S3apphk.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 215 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 81 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 81 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mycoupons.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mycoupons.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mypoints.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mypoints.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: 82 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1239078844765 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - - File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2002/08/18 02:44:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/08/01 23:06:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.CAM -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/18 21:42:56 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/09/18 21:29:54 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/09/18 21:29:53 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/09/18 01:54:19 | 00,000,000 | ---D | C] -- C:\rsit
[2009/09/18 01:52:32 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2009/09/17 23:19:53 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/17 23:19:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/17 23:19:42 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/17 23:19:40 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/17 23:17:48 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/09/17 14:28:46 | 00,009,233 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UdidIt_Congrats.jpg
[2009/09/17 14:19:41 | 00,010,180 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Congrats_Udid It.jpg
[2009/09/17 14:12:34 | 00,013,500 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Congrats_loseGainLose wt.jpg
[2009/09/17 13:52:34 | 00,029,440 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.jpg
[2009/09/17 13:36:57 | 00,174,313 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dancing cat.gif
[2009/09/17 13:32:05 | 00,019,971 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.gif
[2009/09/17 05:56:33 | 00,001,079 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to 1942._3D.jpg.lnk
[2009/09/16 23:39:51 | 00,011,074 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Congratulations new hire.docx
[2009/09/16 23:16:51 | 00,096,806 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FFA2B686-0F5F-48D2-8F2B-0B3A50D36D11.jpg
[2009/09/16 23:08:17 | 00,070,709 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Party8_.jpg
[2009/09/16 23:00:04 | 00,022,391 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK PIX ENHANCED.jpg
[2009/09/16 05:22:06 | 00,028,730 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\53000,1171143160,2_.gif
[2009/09/16 04:30:04 | 00,001,264 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\1228417399516089769j4p4n_cool_frame_-_1859_svg_med.gif
[2009/09/16 00:44:40 | 00,001,277 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2009/09/16 00:26:14 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2009/09/14 05:47:38 | 00,135,149 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting1a_irfan2.gif
[2009/09/14 05:45:05 | 00,134,190 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting1a_irfan.gif
[2009/09/14 04:47:52 | 00,000,043 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting1aframed2.gif
[2009/09/14 04:45:35 | 00,001,082 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting1aFramed.bmp
[2009/09/14 04:06:57 | 00,026,032 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BobTZ&me.jpg
[2009/09/14 04:02:49 | 00,046,620 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting1a.jpg
[2009/09/14 03:46:03 | 00,032,758 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1a.bmp
[2009/09/14 03:45:30 | 00,032,278 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1.bmp
[2009/09/14 03:44:19 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting2.bmp
[2009/09/14 03:44:00 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Painting1.bmp
[2009/09/14 03:43:26 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BobME &TZ.bmp
[2009/09/10 17:25:50 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages (2).lnk
[2009/09/10 17:13:25 | 00,061,283 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me4_editied.jpg
[2009/09/10 06:22:56 | 00,018,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.gif
[2009/09/09 18:43:28 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2)_.xls
[2009/09/09 02:22:20 | 00,000,907 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages.jpg.lnk
[2009/09/08 23:47:08 | 08,036,352 | ---- | C] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\irfanview_plugins_425_setup.exe
[2009/09/08 23:41:17 | 00,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IrfanView Thumbnails.lnk
[2009/09/08 23:41:16 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
[2009/09/08 23:41:14 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2009/09/08 23:23:02 | 01,359,360 | ---- | C] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\iview425_setup.exe
[2009/09/08 20:51:19 | 00,064,265 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_K&me&A.Margie.jpg
[2009/09/08 20:50:25 | 00,070,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_alex.jpg
[2009/09/08 20:49:42 | 00,045,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_ K&Me.jpg
[2009/09/08 18:18:24 | 00,008,687 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochPnkFLAIR.jpg
[2009/09/08 18:17:19 | 00,008,880 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UcraftyBiochFLAIR.jpg
[2009/09/08 18:16:28 | 00,007,116 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochFLAIR.jpg
[2009/09/08 18:15:15 | 00,005,547 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CraftHoFLAIR.jpg
[2009/09/08 18:14:24 | 00,008,419 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CraftW_attitudeFLAIR.jpg
[2009/09/08 18:13:07 | 00,007,105 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SoManyIdeasFLAIR.jpg
[2009/09/08 18:11:23 | 00,007,948 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\the tudors flair.jpg
[2009/09/08 18:00:06 | 00,006,808 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFlair_1.jpg
[2009/09/08 17:45:56 | 00,055,813 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFLAIR2.jpg
[2009/09/08 16:44:27 | 00,020,217 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AllIwntIs Jucy.jpg
[2009/09/08 16:41:13 | 00,041,855 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd6.jpg
[2009/09/08 16:40:48 | 00,031,531 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd5.jpg
[2009/09/08 16:40:29 | 00,030,901 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiRoseBkgrnd.jpg
[2009/09/08 16:38:59 | 00,041,093 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd4.jpg
[2009/09/08 16:37:36 | 00,044,228 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\wildColorBkgrnd.jpg
[2009/09/08 16:37:17 | 00,031,503 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butrflyBkgrnd.jpg
[2009/09/08 16:35:38 | 00,023,328 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pastelMultiBkgrnd.jpg
[2009/09/08 16:34:46 | 00,039,300 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiFlwrBkgrnd.jpg
[2009/09/08 16:34:16 | 00,024,197 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\plum&multiBkgrnd.jpg
[2009/09/08 16:32:04 | 00,031,503 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butrfly&flwrBkgrnd.jpg
[2009/09/08 16:31:27 | 00,035,525 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grey&multiBkrnd.jpg
[2009/09/08 16:29:33 | 00,041,999 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd.jpg
[2009/09/08 16:25:27 | 00,032,448 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pnk&blkChandelierBKGRND.jpg
[2009/09/08 16:24:24 | 00,026,725 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorBkgrnd3.jpg
[2009/09/08 16:23:31 | 00,030,444 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pnk&BlkBkgrnd.jpg
[2009/09/08 16:23:04 | 00,043,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorClocBkgrnd.jpg
[2009/09/08 16:19:41 | 00,017,885 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ToilleBirds.jpg
[2009/09/08 16:19:24 | 00,015,956 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBird.jpg
[2009/09/08 16:17:07 | 00,018,242 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pastlBkgrnd.jpg
[2009/09/08 16:16:09 | 00,034,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColrBkgrnd2.jpg
[2009/09/08 16:15:14 | 00,037,966 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multicolorFlowrBkgrnd.jpg
[2009/09/08 16:11:31 | 00,019,614 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\beigeButrflyBkgrnd.jpg
[2009/09/08 16:09:51 | 00,019,566 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluePatinaBkgrnd.jpg
[2009/09/08 16:07:03 | 00,034,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd.jpg
[2009/09/08 16:00:55 | 00,015,232 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butterflyWallpaper.jpg
[2009/09/08 16:00:18 | 00,072,644 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorFlwr2Bkgrnd.jpg
[2009/09/08 15:58:25 | 00,030,305 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\vint.FlrwBlueBkgrnd.jpg
[2009/09/08 15:56:19 | 00,004,154 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butterfly.jpg
[2009/09/08 15:53:33 | 00,003,650 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\birdcage.jpg
[2009/09/08 15:52:03 | 00,027,051 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\vintageFlowrCorner.jpg
[2009/09/08 15:50:51 | 00,015,146 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\blkWhimiscBkgrnd.jpg
[2009/09/08 15:49:06 | 00,041,093 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqueFloralBkgrnd_.jpg
[2009/09/08 15:46:29 | 00,039,498 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crackleDirtBkgrnd.jpg
[2009/09/08 15:46:10 | 00,031,445 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MultiColorFloralBkgrnd.jpg
[2009/09/08 15:44:44 | 00,037,613 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pinkFloralbkgrnd.jpg
[2009/09/08 15:44:19 | 00,046,003 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pinkOrnge&whteBkgrnd.jpg
[2009/09/08 15:34:29 | 00,015,716 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyMenRhot.jpg
[2009/09/07 20:23:24 | 00,072,192 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Acupressure Info_.wps
[2009/09/07 16:51:28 | 00,071,246 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier7_.jpg
[2009/09/07 03:49:03 | 00,064,765 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Paris SkyLine.jpg
[2009/09/07 03:46:44 | 00,012,904 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue2.jpg
[2009/09/07 03:46:17 | 00,000,360 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue.jpg
[2009/09/07 03:41:25 | 00,077,903 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_-Off-White.gif
[2009/09/07 03:37:44 | 00,000,043 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Paris CityLine.gif
[2009/09/07 02:28:44 | 00,636,699 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Printable Victorian Blk&Whte Objects.jpg
[2009/09/07 02:26:15 | 00,027,572 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\paisley clipart.gif
[2009/09/07 02:23:58 | 00,009,517 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\flower clipart.jpg
[2009/09/07 01:11:51 | 00,119,471 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier_Page2.jpg
[2009/09/07 01:11:51 | 00,054,298 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm6.jpg
[2009/09/07 01:11:51 | 00,048,122 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm4.jpg
[2009/09/07 01:08:58 | 00,086,828 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier40.jpg
[2009/09/07 01:08:58 | 00,044,352 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier38.jpg
[2009/09/07 01:08:58 | 00,042,729 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier37.jpg
[2009/09/07 01:08:58 | 00,031,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier39.jpg
[2009/09/06 23:25:21 | 00,001,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1_square.jpg
[2009/09/06 23:21:12 | 00,001,233 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl5.jpg
[2009/09/06 23:08:51 | 00,001,180 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst4.jpg
[2009/09/06 23:08:06 | 00,003,301 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst2.jpg
[2009/09/06 23:07:01 | 00,002,790 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1.jpg
[2009/09/06 22:51:57 | 00,006,190 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl4.jpg
[2009/09/06 22:51:51 | 00,008,252 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl3.jpg
[2009/09/06 22:51:39 | 00,008,310 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl2.jpg
[2009/09/06 22:46:47 | 00,003,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Chandelier_swirl.jpg
[2009/09/06 20:38:42 | 00,095,447 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern3.png
[2009/09/06 20:38:13 | 00,077,359 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern2.png
[2009/09/06 20:37:43 | 00,077,359 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern1.png
[2009/09/05 20:17:02 | 00,195,814 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PETSmart Grooming $10 OFF.jpg
[2009/09/04 23:08:12 | 00,034,615 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shapes4.png
[2009/09/04 23:07:45 | 00,034,775 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shapes3.png
[2009/09/04 23:07:11 | 00,072,545 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape2_.png
[2009/09/04 23:06:46 | 00,018,749 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape2.png
[2009/09/04 23:04:33 | 00,016,220 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape1.png
[2009/09/04 05:03:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LightShow COLLAGE1.jpg
[2009/09/04 03:12:23 | 00,061,779 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FLAIR____.jpg
[2009/09/04 03:07:54 | 00,019,443 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd15.jpg
[2009/09/04 02:55:59 | 00,009,726 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd10.jpg
[2009/09/04 02:46:32 | 00,267,918 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea3.jpg
[2009/09/04 02:43:08 | 00,048,766 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd8.jpg
[2009/09/04 02:40:06 | 00,037,620 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm9.jpg
[2009/09/04 02:39:44 | 00,044,953 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm8.jpg
[2009/09/04 02:39:26 | 00,045,927 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm7.jpg
[2009/09/04 02:39:14 | 00,054,298 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Charm6.jpg
[2009/09/04 02:38:56 | 00,048,122 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Charm4.jpg
[2009/09/04 02:38:40 | 00,056,195 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\KeyCharm.jpg
[2009/09/04 02:37:48 | 00,081,631 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\L_crown.jpg
[2009/09/04 02:37:14 | 00,044,164 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crown2.jpg
[2009/09/04 02:37:04 | 00,052,762 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ShadowBox Charm.jpg
[2009/09/04 02:36:25 | 00,044,780 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crownCharm.jpg
[2009/09/04 02:36:07 | 00,088,862 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\JewelryCharms.jpg
[2009/09/04 02:35:41 | 00,088,572 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier41.jpg
[2009/09/04 02:35:19 | 00,086,828 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier40.jpg
[2009/09/04 02:35:04 | 00,031,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier39.jpg
[2009/09/04 02:34:36 | 00,044,352 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier38.jpg
[2009/09/04 02:34:12 | 00,042,729 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier37.jpg
[2009/09/04 02:33:26 | 00,041,409 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd6.jpg
[2009/09/04 02:31:23 | 00,189,005 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd5.jpg
[2009/09/04 02:31:14 | 00,328,660 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd4.jpg
[2009/09/04 02:30:55 | 00,123,866 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd3.jpg
[2009/09/04 02:30:29 | 00,119,471 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page2.jpg
[2009/09/04 02:30:09 | 00,139,170 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd.jpg
[2009/09/04 02:29:41 | 00,209,502 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\swirlGirlBkground.jpg
[2009/09/04 02:29:21 | 00,082,696 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\swanBkground.jpg
[2009/09/04 02:27:26 | 00,077,791 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page.jpg
[2009/09/04 02:19:22 | 00,014,517 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\eiffelTower2.jpg
[2009/09/04 02:14:23 | 00,006,304 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\EiffelTower.jpg
[2009/09/04 02:10:51 | 00,038,108 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ShabbyChicLight.jpg
[2009/09/04 02:06:41 | 00,065,094 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea2.jpg
[2009/09/04 02:06:18 | 00,015,539 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea.jpg
[2009/09/04 02:02:44 | 00,014,870 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\homecollage.jpg
[2009/09/03 21:15:16 | 00,013,520 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Red Medalian.jpg
[2009/09/03 04:50:41 | 00,068,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/03 02:44:36 | 00,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2009/09/03 02:44:36 | 00,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2009/09/03 02:44:35 | 00,543,216 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2009/09/03 02:44:35 | 00,088,560 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2009/09/03 02:44:35 | 00,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2009/09/03 02:44:34 | 00,379,376 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2009/09/03 02:44:34 | 00,186,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2009/09/03 02:44:33 | 00,588,272 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2009/09/03 02:44:30 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/09/03 02:42:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2009/09/03 02:41:48 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/09/03 02:37:42 | 10,053,112 | ---- | C] (Google Inc.) -- C:\Documents and Settings\Owner\Desktop\picasa3-setup.exe
[2009/09/03 01:27:06 | 00,000,000 | ---D | C] -- C:\Program Files\Excel Viewer
[2009/09/03 00:49:30 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2).xls
[2009/09/02 22:23:05 | 00,513,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of mini_schnauzer cut idea2.bmp
[2009/09/02 22:23:05 | 00,230,839 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of ZonedOut.zip
[2009/09/02 22:23:05 | 00,125,850 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of FlightofTheConcords.mp3
[2009/09/02 22:23:05 | 00,071,015 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of LZ_license.jpg
[2009/09/02 22:23:05 | 00,069,948 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of fotc_boom boom.mp3
[2009/09/02 22:23:05 | 00,055,064 | ---- | C] () -- C:\Documents and [2009/08/31 12:56:17 | 00,010,011 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\KidsIMarried1.jpg
[2009/08/31 12:55:20 | 00,010,538 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MenHavFelnngs2.jpg
[2009/08/31 12:54:43 | 00,007,036 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\I BichTher4iAm.jpg
[2009/08/30 17:28:51 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/08/30 17:04:25 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/08/30 17:04:06 | 00,011,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/30 17:04:03 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/08/30 17:04:03 | 00,012,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/08/30 17:03:33 | 00,335,240 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/30 17:03:28 | 00,027,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/30 17:01:37 | 40,319,333 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/30 17:01:33 | 00,073,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/30 17:01:30 | 00,463,779 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/30 17:01:23 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/30 17:01:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/08/30 17:01:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/08/30 17:00:11 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/08/30 17:00:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/08/30 16:51:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG8
[2009/08/30 15:45:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/08/30 15:44:20 | 00,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/30 15:42:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/08/30 15:34:35 | 00,848,656 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Owner\My Documents\avg_avwt_stb_all_8_32.exe
[2009/08/30 15:33:18 | 06,881,824 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/08/30 15:02:14 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/08/30 05:33:26 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/08/30 05:33:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/08/30 03:02:41 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/30 02:09:42 | 00,003,991 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\hijackthis_8.30.09log
[2009/08/29 23:50:08 | 00,912,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&ME_paint.bmp
[2009/08/29 23:46:11 | 00,776,192 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\J&ME PIX.wps
[2009/08/29 23:10:49 | 00,912,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_revisedLast.bmp
[2009/08/29 22:33:50 | 00,036,273 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced2.jpg
[2009/08/29 22:07:25 | 00,036,165 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced.jpg
[2009/08/29 21:32:18 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_4.bmp
[2009/08/29 21:31:49 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_3.bmp
[2009/08/29 21:31:23 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_2.bmp
[2009/08/29 21:30:49 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09.bmp
[2009/08/29 21:12:28 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me6.bmp
[2009/08/29 21:00:18 | 00,106,959 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me5.jpg
[2009/08/29 20:59:53 | 00,148,854 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me4.jpg
[2009/08/29 20:59:36 | 00,118,727 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me3.jpg
[2009/08/29 20:59:08 | 00,118,386 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me2.jpg
[2009/08/29 20:58:19 | 00,113,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1.jpg
[2009/08/29 03:19:55 | 00,000,794 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer (2).lnk
[2009/08/29 02:26:59 | 00,307,769 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\G&M_fb.jpg
[2009/08/29 01:48:39 | 00,030,140 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\G&M_.jpg
[2009/08/29 01:36:52 | 00,065,767 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&A_.jpg
[2009/08/29 01:15:52 | 00,082,681 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MOM&J.jpg
[2009/08/27 23:29:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/08/27 23:26:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/08/27 23:22:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/08/27 23:21:44 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/08/27 23:19:05 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/08/27 23:06:56 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/08/27 23:06:56 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/08/27 23:06:54 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/08/27 23:06:48 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/08/27 23:06:48 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/08/27 23:06:39 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/08/27 23:06:26 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/08/27 23:06:25 | 01,241,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/08/27 23:06:09 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/08/27 22:04:48 | 00,008,923 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09_.jpg
[2009/08/27 22:02:37 | 00,007,630 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09_.jpg
[2009/08/27 21:52:05 | 00,366,214 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AlexPool.bmp
[2009/08/27 21:50:31 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly.bmp
[2009/08/27 21:48:02 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09.bmp
[2009/08/27 21:46:45 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09.bmp
[2009/08/27 05:32:16 | 00,006,889 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Peace_Flair.jpg
[2009/08/27 02:43:30 | 00,035,085 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Me&Teresa2.jpg
[2009/08/27 00:27:16 | 00,019,231 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RayF'nSunshne.jpg
[2009/08/27 00:26:01 | 00,014,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UrA_weenr.jpg
[[2009/08/26 00:12:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/08/25 22:37:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[[2009/08/23 00:46:10 | 00,026,794 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva3.jpg
[2009/08/22 23:48:31 | 00,028,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva2.jpg
[2009/08/22 23:31:00 | 00,019,555 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva1.jpg
[2009/08/20 23:06:54 | 00,042,450 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.jpg
[2009/08/20 22:43:41 | 00,012,223 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AltrdArtAcidDolls_.JPG
[2009/08/20 20:52:36 | 00,000,536 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to GucciPattern2_URguci.bmp.lnk
[2009/08/20 20:52:29 | 00,000,506 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to GucciPattern2_.bmp.lnk
[2009/08/20 20:47:20 | 00,088,926 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern2_URguci.bmp
[2009/08/20 20:45:34 | 00,088,926 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern2_.bmp
[2009/08/20 20:13:03 | 00,199,680 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\URGucci_5_.wps
[2009/08/20 18:44:39 | 00,002,322 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\URGucci3.png
[2009/08/20 18:16:47 | 00,004,904 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\URGucci.png
[2009/08/20 17:26:38 | 00,211,266 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern2.bmp
[2009/08/20 17:24:54 | 00,095,066 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern.jpg
[2009/08/20 04:28:52 | 00,090,214 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WallDecor_Idea_2.bmp
[2009/08/20 04:26:18 | 00,139,830 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WallDecor_Idea_.bmp
[2009/08/20 03:30:58 | 00,087,750 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AltrdArtAcidDolls1.bmp
[2009/08/20 03:22:31 | 00,000,526 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to AltrdArtAcidDolls_.bmp.lnk
[2009/08/20 02:24:18 | 00,360,054 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WallDecor_Idea.bmp
[2009/08/20 02:09:48 | 00,173,466 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\GumWrapperWreath2.bmp
[2009/08/20 02:09:10 | 00,180,266 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\GumWrapperWreath1.bmp
[2009/08/20 01:07:04 | 00,024,354 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\EffngDishesPic_x2.bmp
[2009/08/20 01:06:33 | 00,097,254 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\EffngDishesPic_.bmp
[2009/08/20 00:36:00 | 00,007,349 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\StopSurfngPic_.png
[2009/08/20 00:31:33 | 00,091,638 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LuvUWhorPic_.bmp
[2008/12/28 23:52:20 | 00,000,183 | ---- | C] () -- C:\WINDOWS\AWSHKWV.INI
[2007/10/28 17:30:32 | 00,000,453 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007/10/28 17:30:25 | 00,000,100 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/11/28 01:59:27 | 00,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/11/28 01:59:26 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/01/30 07:42:22 | 00,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005/03/07 02:28:16 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/02/07 06:09:42 | 00,000,006 | ---- | C] () -- C:\WINDOWS\dcstds3.dll
[2004/02/03 05:27:12 | 00,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2003/08/19 04:36:39 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/06/24 03:40:45 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2003/06/11 19:05:06 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\tds3shl.dll
[2003/01/25 23:58:22 | 00,000,118 | ---- | C] () -- C:\WINDOWS\ALBUM.INI
[2002/11/13 02:40:22 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002/10/03 21:19:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2002/09/28 22:27:34 | 00,000,141 | ---- | C] () -- C:\WINDOWS\POSTER.INI
[2002/09/11 21:09:25 | 00,045,056 | ---- | C] () -- C:\WINDOWS\PANIC32.dll
[2002/09/11 21:09:25 | 00,040,960 | ---- | C] () -- C:\WINDOWS\PANICNT.dll
[2002/09/03 03:37:38 | 00,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI
[2002/09/02 21:40:08 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\tlcsel32.dll
[2002/09/02 21:40:08 | 00,016,540 | ---- | C] () -- C:\WINDOWS\System32\tlcsel17.dll
[2002/08/28 02:37:48 | 00,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2002/07/28 19:05:23 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2002/04/25 22:23:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/04/20 19:24:15 | 00,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL
[2002/04/20 19:24:15 | 00,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll
[2002/04/20 19:16:42 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL
[2002/04/20 19:16:42 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2002/04/20 01:28:06 | 00,000,155 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2002/04/20 01:19:46 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2002/04/20 00:26:01 | 00,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll
[2002/04/20 00:26:01 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes15.dll
[2002/04/20 00:25:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/04/19 23:20:31 | 00,000,901 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/04/19 23:12:23 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/04/19 23:04:05 | 00,000,666 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/04/19 23:03:51 | 00,000,918 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/04/19 23:03:49 | 00,000,259 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/03/27 16:37:52 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2002/03/12 05:25:02 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2001/10/28 17:42:30 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\prnmnt.dll
[2001/08/08 15:13:22 | 00,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll
[1999/07/23 14:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/08/16 06:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

========== Files - Modified Within 30 Days ==========

[2009/09/18 21:42:58 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/09/18 21:29:54 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/09/18 21:29:54 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/09/18 01:52:36 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2009/09/18 01:46:33 | 00,000,189 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2009/09/18 01:45:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/17 23:19:53 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/17 23:18:01 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/09/17 14:27:58 | 00,009,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UdidIt_Congrats.jpg
[2009/09/17 14:18:49 | 00,010,180 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congrats_Udid It.jpg
[2009/09/17 14:09:59 | 00,013,500 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congrats_loseGainLose wt.jpg
[2009/09/17 13:52:34 | 00,029,440 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.jpg
[2009/09/17 13:50:06 | 00,019,971 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.gif
[2009/09/17 13:35:33 | 00,174,313 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dancing cat.gif
[2009/09/17 05:56:33 | 00,001,079 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to 1942._3D.jpg.lnk
[2009/09/16 23:39:52 | 00,011,074 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congratulations new hire.docx
[2009/09/16 23:17:20 | 00,096,806 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FFA2B686-0F5F-48D2-8F2B-0B3A50D36D11.jpg
[2009/09/16 23:08:17 | 00,070,709 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Party8_.jpg
[2009/09/16 22:59:32 | 00,022,391 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK PIX ENHANCED.jpg
[2009/09/16 05:22:06 | 00,028,730 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\53000,1171143160,2_.gif
[2009/09/16 04:30:04 | 00,001,264 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\1228417399516089769j4p4n_cool_frame_-_1859_svg_med.gif
[2009/09/16 00:44:40 | 00,001,277 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2009/09/16 00:26:16 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2009/09/14 05:47:38 | 00,135,149 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting1a_irfan2.gif
[2009/09/14 05:45:05 | 00,134,190 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting1a_irfan.gif
[2009/09/14 04:47:28 | 00,000,043 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting1aframed2.gif
[2009/09/14 04:45:37 | 00,001,082 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting1aFramed.bmp
[2009/09/14 04:06:04 | 00,026,032 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BobTZ&me.jpg
[2009/09/14 04:00:17 | 00,046,620 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting1a.jpg
[2009/09/14 03:46:04 | 00,032,758 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1a.bmp
[2009/09/14 03:45:31 | 00,032,278 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1.bmp
[2009/09/14 03:44:19 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting2.bmp
[2009/09/14 03:44:00 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Painting1.bmp
[2009/09/14 03:43:27 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BobME &TZ.bmp
[2009/09/11 22:10:00 | 00,000,453 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/09/10 17:25:50 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages (2).lnk
[2009/09/10 17:12:27 | 00,061,283 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me4_editied.jpg
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/10 06:22:56 | 00,018,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.gif
[2009/09/10 00:24:01 | 00,000,280 | ---- | M] () -- C:\WINDOWS\emm386g.dl
[2009/09/09 18:43:39 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2)_.xls
[2009/09/09 02:22:20 | 00,000,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages.jpg.lnk
[2009/09/08 23:47:16 | 08,036,352 | ---- | M] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\irfanview_plugins_425_setup.exe
[2009/09/08 23:41:17 | 00,001,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IrfanView Thumbnails.lnk
[2009/09/08 23:41:17 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
[2009/09/08 23:23:06 | 01,359,360 | ---- | M] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\iview425_setup.exe
[2009/09/08 20:50:37 | 00,064,265 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_K&me&A.Margie.jpg
[2009/09/08 20:50:10 | 00,070,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_alex.jpg
[2009/09/08 20:49:10 | 00,045,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_ K&Me.jpg
[2009/09/08 18:15:58 | 00,008,687 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochPnkFLAIR.jpg
[2009/09/08 18:15:56 | 00,008,880 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UcraftyBiochFLAIR.jpg
[2009/09/08 18:15:54 | 00,007,116 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochFLAIR.jpg
[2009/09/08 18:12:36 | 00,005,547 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CraftHoFLAIR.jpg
[2009/09/08 18:12:35 | 00,008,419 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CraftW_attitudeFLAIR.jpg
[2009/09/08 18:12:34 | 00,007,105 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SoManyIdeasFLAIR.jpg
[2009/09/08 18:10:00 | 00,007,948 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\the tudors flair.jpg
[2009/09/08 17:58:47 | 00,006,808 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFlair_1.jpg
[2009/09/08 17:53:06 | 00,055,813 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFLAIR2.jpg
[2009/09/08 16:44:16 | 00,020,217 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AllIwntIs Jucy.jpg
[2009/09/08 16:41:00 | 00,041,855 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd6.jpg
[2009/09/08 16:40:38 | 00,031,531 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd5.jpg
[2009/09/08 16:40:18 | 00,030,901 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiRoseBkgrnd.jpg
[2009/09/08 16:38:45 | 00,041,093 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd4.jpg
[2009/09/08 16:37:27 | 00,044,228 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\wildColorBkgrnd.jpg
[2009/09/08 16:35:25 | 00,023,328 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pastelMultiBkgrnd.jpg
[2009/09/08 16:34:23 | 00,039,300 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiFlwrBkgrnd.jpg
[2009/09/08 16:33:54 | 00,024,197 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\plum&multiBkgrnd.jpg
[2009/09/08 16:31:50 | 00,031,503 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butrflyBkgrnd.jpg
[2009/09/08 16:31:50 | 00,031,503 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butrfly&flwrBkgrnd.jpg
[2009/09/08 16:31:11 | 00,035,525 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grey&multiBkrnd.jpg
[2009/09/08 16:29:10 | 00,041,999 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd.jpg
[2009/09/08 16:25:02 | 00,032,448 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pnk&blkChandelierBKGRND.jpg
[2009/09/08 16:24:08 | 00,026,725 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorBkgrnd3.jpg
[2009/09/08 16:23:13 | 00,030,444 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pnk&BlkBkgrnd.jpg
[2009/09/08 16:22:41 | 00,043,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorClocBkgrnd.jpg
[2009/09/08 16:19:28 | 00,017,885 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ToilleBirds.jpg
[2009/09/08 16:19:14 | 00,015,956 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBird.jpg
[2009/09/08 16:16:27 | 00,018,242 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pastlBkgrnd.jpg
[2009/09/08 16:15:00 | 00,037,966 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multicolorFlowrBkgrnd.jpg
[2009/09/08 16:11:11 | 00,019,614 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\beigeButrflyBkgrnd.jpg
[2009/09/08 16:09:29 | 00,019,566 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluePatinaBkgrnd.jpg
[2009/09/08 16:06:50 | 00,034,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColrBkgrnd2.jpg
[2009/09/08 16:06:50 | 00,034,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd.jpg
[2009/09/08 16:00:42 | 00,015,232 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butterflyWallpaper.jpg
[2009/09/08 15:59:57 | 00,072,644 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorFlwr2Bkgrnd.jpg
[2009/09/08 15:58:00 | 00,030,305 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\vint.FlrwBlueBkgrnd.jpg
[2009/09/08 15:56:11 | 00,004,154 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butterfly.jpg
[2009/09/08 15:53:25 | 00,003,650 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\birdcage.jpg
[2009/09/08 15:51:44 | 00,027,051 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\vintageFlowrCorner.jpg
[2009/09/08 15:50:31 | 00,015,146 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\blkWhimiscBkgrnd.jpg
[2009/09/08 15:48:37 | 00,041,093 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqueFloralBkgrnd_.jpg
[2009/09/08 15:46:13 | 00,039,498 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crackleDirtBkgrnd.jpg
[2009/09/08 15:45:46 | 00,031,445 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MultiColorFloralBkgrnd.jpg
[2009/09/08 15:44:27 | 00,037,613 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pinkFloralbkgrnd.jpg
[2009/09/08 15:43:38 | 00,046,003 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pinkOrnge&whteBkgrnd.jpg
[2009/09/08 15:33:59 | 00,015,716 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyMenRhot.jpg
[2009/09/07 20:23:27 | 00,072,192 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Acupressure Info_.wps
[2009/09/07 20:18:44 | 00,079,872 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Acupressure INFO.wps
[2009/09/07 16:51:28 | 00,071,246 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier7_.jpg
[2009/09/07 03:48:43 | 00,064,765 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Paris SkyLine.jpg
[2009/09/07 03:46:32 | 00,012,904 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue2.jpg
[2009/09/07 03:42:37 | 00,000,360 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue.jpg
[2009/09/07 03:41:02 | 00,077,903 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_-Off-White.gif
[2009/09/07 03:34:43 | 00,000,043 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Paris CityLine.gif
[2009/09/07 02:28:11 | 00,636,699 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Printable Victorian Blk&Whte Objects.jpg
[2009/09/07 02:23:19 | 00,009,517 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\flower clipart.jpg
[2009/09/07 02:22:30 | 00,027,572 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\paisley clipart.gif
[2009/09/06 23:25:21 | 00,001,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1_square.jpg
[2009/09/06 23:21:12 | 00,001,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl5.jpg
[2009/09/06 23:08:51 | 00,001,180 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst4.jpg
[2009/09/06 23:08:06 | 00,003,301 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst2.jpg
[2009/09/06 23:07:01 | 00,002,790 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1.jpg
[2009/09/06 22:50:58 | 00,008,310 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl2.jpg
[2009/09/06 22:50:58 | 00,008,252 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl3.jpg
[2009/09/06 22:50:58 | 00,006,190 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl4.jpg
[2009/09/06 22:46:11 | 00,003,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Chandelier_swirl.jpg
[2009/09/06 20:34:18 | 00,095,447 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern3.png
[2009/09/06 20:34:18 | 00,077,359 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern2.png
[2009/09/06 20:34:18 | 00,077,359 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern1.png
[2009/09/05 20:17:07 | 00,195,814 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PETSmart Grooming $10 OFF.jpg
[2009/09/04 23:08:00 | 00,034,615 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shapes4.png
[2009/09/04 23:07:21 | 00,034,775 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shapes3.png
[2009/09/04 23:06:06 | 00,072,545 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape2_.png
[2009/09/04 23:05:59 | 00,018,749 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape2.png
[2009/09/04 23:01:46 | 00,016,220 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape1.png
[2009/09/04 05:03:21 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LightShow COLLAGE1.jpg
[2009/09/04 03:11:33 | 00,061,779 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FLAIR____.jpg
[2009/09/04 03:07:44 | 00,019,443 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd15.jpg
[2009/09/04 02:55:42 | 00,009,726 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd10.jpg
[2009/09/04 02:46:16 | 00,267,918 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea3.jpg
[2009/09/04 02:42:57 | 00,048,766 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd8.jpg
[2009/09/04 02:39:36 | 00,044,953 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm8.jpg
[2009/09/04 02:39:32 | 00,037,620 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm9.jpg
[2009/09/04 02:39:07 | 00,054,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm6.jpg
[2009/09/04 02:39:07 | 00,054,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Charm6.jpg
[2009/09/04 02:38:48 | 00,048,122 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm4.jpg
[2009/09/04 02:38:48 | 00,048,122 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Charm4.jpg
[2009/09/04 02:38:44 | 00,045,927 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm7.jpg
[2009/09/04 02:37:53 | 00,056,195 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\KeyCharm.jpg
[2009/09/04 02:37:09 | 00,044,164 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crown2.jpg
[2009/09/04 02:36:50 | 00,052,762 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ShadowBox Charm.jpg
[2009/09/04 02:36:44 | 00,081,631 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\L_crown.jpg
[2009/09/04 02:36:13 | 00,044,780 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crownCharm.jpg
[2009/09/04 02:35:56 | 00,088,862 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\JewelryCharms.jpg
[2009/09/04 02:35:34 | 00,088,572 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier41.jpg
[2009/09/04 02:35:10 | 00,086,828 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier40.jpg
[2009/09/04 02:35:10 | 00,086,828 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier40.jpg
[2009/09/04 02:34:53 | 00,031,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier39.jpg
[2009/09/04 02:34:53 | 00,031,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier39.jpg
[2009/09/04 02:34:30 | 00,044,352 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier38.jpg
[2009/09/04 02:34:30 | 00,044,352 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier38.jpg
[2009/09/04 02:33:59 | 00,042,729 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier37.jpg
[2009/09/04 02:33:59 | 00,042,729 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier37.jpg
[2009/09/04 02:33:17 | 00,041,409 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd6.jpg
[2009/09/04 02:29:01 | 00,209,502 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\swirlGirlBkground.jpg
[2009/09/04 02:28:58 | 00,139,170 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd.jpg
[2009/09/04 02:28:58 | 00,119,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier_Page2.jpg
[2009/09/04 02:28:58 | 00,119,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page2.jpg
[2009/09/04 02:28:56 | 00,123,866 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd3.jpg
[2009/09/04 02:28:53 | 00,328,660 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd4.jpg
[2009/09/04 02:28:52 | 00,082,696 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\swanBkground.jpg
[2009/09/04 02:28:49 | 00,189,005 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd5.jpg
[2009/09/04 02:27:14 | 00,077,791 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page.jpg
[2009/09/04 02:15:41 | 00,014,517 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\eiffelTower2.jpg
[2009/09/04 02:13:44 | 00,006,304 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\EiffelTower.jpg
[2009/09/04 02:10:33 | 00,038,108 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ShabbyChicLight.jpg
[2009/09/04 02:06:27 | 00,065,094 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea2.jpg
[2009/09/04 02:06:09 | 00,015,539 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea.jpg
[2009/09/04 02:01:11 | 00,014,870 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\homecollage.jpg
[2009/09/03 23:40:18 | 00,020,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_furniture2.jpg
[2009/09/03 22:50:19 | 00,021,426 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bird-and-cage-silhouette.jpg
[2009/09/03 21:15:16 | 00,013,520 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Red Medalian.jpg
[2009/09/03 04:50:42 | 00,068,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/03 02:44:30 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/09/03 02:37:45 | 10,053,112 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Desktop\picasa3-setup.exe
[2009/09/03 00:56:22 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2).xls
[2009/09/02 15:41:56 | 00,054,387 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Collage IDEA.jpg
[2009/09/02 13:53:46 | 00,037,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\jewelryCuzDsntLast4evr.jpg
[2009/09/02 13:51:39 | 00,031,959 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dude_WTF.jpg
[2009/09/02 13:39:12 | 00,041,565 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Wondrful&hotGUYevr.jpg
[2009/09/02 13:31:21 | 00,043,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AmI2Sexy.jpg
[2009/09/02 13:28:01 | 00,062,181 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ItaPartyTimel.gif
[2009/09/02 03:36:56 | 00,000,873 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Wire Chair.jpg.lnk
[2009/09/02 03:36:55 | 00,000,958 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Wire & SaltClay Flower Idea.jpg.lnk
[2009/09/02 03:36:51 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Ribbon Shoe1.gif.lnk
[2009/09/02 01:04:21 | 00,023,083 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_images PAGE.jpg
[2009/09/02 01:02:30 | 00,034,044 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA2.jpg
[2009/09/02 00:57:16 | 00,028,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\silhouette Furniture3.jpg
[2009/09/02 00:56:28 | 00,112,017 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA.jpg
[2009/09/02 00:51:59 | 00,109,854 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouettes_furniture.jpg
[2009/09/02 00:50:52 | 00,111,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\flame-of-fire-elements.jpg
[2009/09/02 00:50:09 | 00,068,383 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\-love-bird-cage.jpg
[2009/09/02 00:49:42 | 00,000,903 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to WireCameo Charms.jpg.lnk
[2009/09/02 00:48:46 | 00,047,963 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bird-in-cage2.jpg
[2009/09/02 00:10:01 | 00,008,692 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Necklace_blk.jpg
[2009/09/02 00:09:11 | 00,027,798 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bird silhoette.jpg
[2009/09/01 16:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/09/01 15:44:02 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/01 05:26:10 | 00,005,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FashionFlair.jpg
[2009/08/31 23:24:10 | 00,214,515 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\DadA&TZ.JPG
[2009/08/31 20:36:34 | 00,574,338 | ---- | M] () -- C:\Diva's Pictures.nri
[2009/08/31 20:33:18 | 00,006,928 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/08/31 20:16:43 | 16,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\IE8-WindowsXP-x86-ENU.exe
[2009/08/31 16:05:14 | 00,006,504 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BigHelloFrmTx.jpg
[2009/08/31 16:01:23 | 00,007,216 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Texans60Freezng.jpg
[2009/08/31 15:59:17 | 00,008,390 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HowdyBootFlair.jpg
[2009/08/31 15:59:15 | 00,007,025 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HowdyFlair.jpg
[2009/08/31 15:30:49 | 00,007,129 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UrSoGucci.jpg
[2009/08/31 13:32:46 | 00,007,103 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HelloFrnd.jpg
[2009/08/31 13:31:14 | 00,008,098 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HeyGirlWutsUp.jpg
[2009/08/31 13:30:16 | 00,005,889 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\IveGotTheBestFrnds.jpg
[2009/08/31 13:28:47 | 00,006,671 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AsianDogHerro.jpg
[2009/08/31 13:26:15 | 00,005,780 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HavAniceDayFlair.jpg
[2009/08/31 13:25:53 | 00,006,054 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HelloKittyFlair.jpg
[2009/08/31 13:21:59 | 00,006,181 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HelloFlair.jpg
[[2009/08/30 17:04:25 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/08/30 17:04:06 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/30 17:04:05 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/08/30 17:04:03 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/08/30 17:03:33 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/30 17:03:28 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/30 17:03:18 | 40,319,333 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/30 17:01:37 | 00,073,369 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/30 17:01:33 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/30 17:01:30 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/30 15:44:20 | 00,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/30 15:34:44 | 00,848,656 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Owner\My Documents\avg_avwt_stb_all_8_32.exe
[2009/08/30 15:33:18 | 06,881,824 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/08/30 15:02:15 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/08/30 03:02:43 | 00,001,559 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/08/30 02:09:42 | 00,003,991 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\hijackthis_8.30.09log
[2009/08/29 23:50:09 | 00,912,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&ME_paint.bmp
[2009/08/29 23:46:20 | 00,776,192 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\J&ME PIX.wps
[2009/08/29 23:15:56 | 00,912,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_revisedLast.bmp
[2009/08/29 22:35:50 | 00,036,273 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced2.jpg
[2009/08/29 22:07:25 | 00,036,165 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced.jpg
[2009/08/29 21:32:18 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_4.bmp
[2009/08/29 21:31:49 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_3.bmp
[2009/08/29 21:31:23 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_2.bmp
[2009/08/29 21:30:50 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09.bmp
[2009/08/29 21:12:29 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me6.bmp
[2009/08/29 21:00:19 | 00,106,959 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me5.jpg
[2009/08/29 20:59:53 | 00,148,854 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me4.jpg
[2009/08/29 20:59:36 | 00,118,727 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me3.jpg
[2009/08/29 20:59:08 | 00,118,386 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me2.jpg
[2009/08/29 20:58:23 | 00,113,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1.jpg
[2009/08/29 03:19:55 | 00,000,794 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer (2).lnk
[2009/08/29 02:30:16 | 00,307,769 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\G&M_fb.jpg
[2009/08/29 01:48:39 | 00,030,140 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\G&M_.jpg
[2009/08/29 01:36:52 | 00,065,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&A_.jpg
[2009/08/29 01:23:26 | 00,082,681 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MOM&J.jpg
[2009/08/27 22:04:48 | 00,008,923 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09_.jpg
[2009/08/27 22:02:37 | 00,007,630 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09_.jpg
[2009/08/27 21:52:05 | 00,366,214 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AlexPool.bmp
[2009/08/27 21:50:34 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly.bmp
[2009/08/27 21:48:03 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09.bmp
[2009/08/27 21:46:51 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09.bmp
[2009/08/27 05:31:16 | 00,006,889 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Peace_Flair.jpg
[2009/08/20 18:15:59 | 00,004,904 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\URGucci.png
[2009/08/20 17:26:43 | 00,211,266 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern2.bmp
[2009/08/20 17:24:29 | 00,095,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern.jpg
[2009/08/20 04:28:52 | 00,090,214 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WallDecor_Idea_2.bmp
[2009/08/20 04:26:18 | 00,139,830 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WallDecor_Idea_.bmp
[2009/08/20 03:30:58 | 00,087,750 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AltrdArtAcidDolls1.bmp
[2009/08/20 03:22:31 | 00,000,526 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to AltrdArtAcidDolls_.bmp.lnk
[2009/08/20 02:24:27 | 00,360,054 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WallDecor_Idea.bmp
[2009/08/20 02:09:49 | 00,173,466 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GumWrapperWreath2.bmp

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

Edited by C.Diva, 18 September 2009 - 10:08 PM.


#8 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:12 AM

Posted 20 September 2009 - 06:33 AM

Hi C.Diva,

Please click this link-->Jotti
When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

C:\WINDOWS\emm386g.dl

Please post back the results of the scan in your next post.
If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/

Next

Click Start >> Run, then type msconfig in the box.
Under the general tab, select Normal Startup - load all devices and services.
Click Apply then Close and restart your computer.

Next

You have an outdated version of Adobe Reader, these have vulnerabilities that can be exploited by malware, to get in to your machine. Please follow these
steps to remove older versions of Adobe Reader and download the latest version.

Go to Start >> Settings >> Control Panel, double-click on Add/Remove Programs and remove any older versions of Adobe Reader.
  • Download the latest version of Adobe Acrobat Reader
  • Select your Windows version and click on Download. If you are using Internet Explorer, you will receive prompts. Allow the installation to be ran and it will be installed automatically for you. If you are using other browsers, it will prompt you to save a file. Save this file to your desktop and run it to install the latest version of Adobe Reader.
  • Close your Internet browser and open it again.
Next

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    DRV - [2006/08/06 23:16:00 | 00,076,560 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Disabled | Stopped])
    O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error. (Reg Error: Key error.)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - - File not found
    O20 - Winlogon\Notify\avgrsstarter: DllName - - File not found
    O20 - Winlogon\Notify\WRNotifier: DllName - - File not found
    :Reg
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fc40um]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop-Up Stopper]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center UI.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Windows.hta]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Pop-Up Stopper.lnk]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]
    :Commands
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run and post a new OTL log.
Please post back here with the following logs:
  • Jotti results
  • OTL results
  • New OTL log
Thanks

unite.jpg


#9 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 20 September 2009 - 05:17 PM

Hi Syler,

I posted the VirusTotal Scan below but I keep getting an error message on the OTL scan. It says:

Invalid Time Flag!
C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Disabled | Stopped])
Must be numerical


File emm386g.dl received on 2009.09.20 21:05:31 (UTC)
Current status: Loading ...
queued waiting scanning finished NOT FOUND STOPPED

Result: 0/41 (0%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.20 -
AhnLab-V3 5.0.0.2 2009.09.19 -
AntiVir 7.9.1.19 2009.09.18 -
Antiy-AVL 2.0.3.7 2009.09.18 -
Authentium 5.1.2.4 2009.09.20 -
Avast 4.8.1351.0 2009.09.20 -
AVG 8.5.0.412 2009.09.20 -
BitDefender 7.2 2009.09.20 -
CAT-QuickHeal 10.00 2009.09.19 -
ClamAV 0.94.1 2009.09.19 -
Comodo 2384 2009.09.20 -
DrWeb 5.0.0.12182 2009.09.20 -
eSafe 7.0.17.0 2009.09.17 -
eTrust-Vet 31.6.6746 2009.09.18 -
F-Prot 4.5.1.85 2009.09.20 -
F-Secure 8.0.14470.0 2009.09.20 -
Fortinet 3.120.0.0 2009.09.19 -
GData 19 2009.09.20 -
Ikarus T3.1.1.72.0 2009.09.20 -
Jiangmin 11.0.800 2009.09.20 -
K7AntiVirus 7.10.849 2009.09.19 -
Kaspersky 7.0.0.125 2009.09.20 -
McAfee 5747 2009.09.20 -
McAfee+Artemis 5747 2009.09.20 -
McAfee-GW-Edition 6.8.5 2009.09.20 -
Microsoft 1.5005 2009.09.20 -
NOD32 4441 2009.09.19 -
Norman 6.01.09 2009.09.18 -
nProtect 2009.1.8.0 2009.09.20 -
Panda 10.0.2.2 2009.09.20 -
PCTools 4.4.2.0 2009.09.20 -
Prevx 3.0 2009.09.20 -
Rising 21.47.62.00 2009.09.20 -
Sophos 4.45.0 2009.09.20 -
Sunbelt 3.2.1858.2 2009.09.20 -
Symantec 1.4.4.12 2009.09.20 -
TheHacker 6.5.0.2.012 2009.09.18 -
TrendMicro 8.950.0.1094 2009.09.20 -
VBA32 3.12.10.10 2009.09.20 -
ViRobot 2009.9.18.1943 2009.09.18 -
VirusBuster 4.6.5.0 2009.09.20 -
Additional information
File size: 280 bytes
MD5...: dbd3d31f2a2cdab860ed3e6b16e21176
SHA1..: 81fb2744570b8c80043789270e76596d1be24f42
SHA256: 88d5a5a3ae09339ce7e63bfc4501c6957a4dcf0531a7691ef8326be34037d5cd
ssdeep: 6:+gdQmsGP8lXtaw5pJu1lk21e+7ePr4aMvl:qzl9aw5pU1lX4yAMaMvl

PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

#10 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:12 AM

Posted 21 September 2009 - 01:22 AM

C.Diva,

Please try running this OTL script instead.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error. (Reg Error: Key error.)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - - File not found
    O20 - Winlogon\Notify\avgrsstarter: DllName - - File not found
    O20 - Winlogon\Notify\WRNotifier: DllName - - File not found
    :Reg
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fc40um]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop-Up Stopper]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center UI.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Windows.hta]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Pop-Up Stopper.lnk]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]
    :Commands
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run and post a new OTL log.
Cheers

unite.jpg


#11 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 21 September 2009 - 06:03 AM

Hi Syler,


All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85d1f590-48f4-11d9-9669-0800200c9a66}\ not found.
Starting removal of ActiveX control {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Starting removal of ActiveX control {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier\ deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fc40um\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop-Up Stopper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center UI.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Windows.hta\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Pop-Up Stopper.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\8YGohCcMy_0oZNInexmtmu_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvw7z0br1QTVS4-j4vIaTzjqHhZuvlPru7IIBiSSMkvvmSVPXC-um3fXFZ6vGaz-zWGlS_Mgd1K_Tz[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\A-BGPYVC0lYBbSQGtEjNP-_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvrcc1giga_FFuF0p9pFrIhKHhZuvlPru7IIBiSSMkvvk_1xRsoZmhh-JfUaWHLdKd_3lHMVWoeSZY[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\fold_main.js.v48851.48851.48851.48851.48851.38771.48851.48851.76369.38771.71746.71745.62864.38771.66362.76606.76912.69832.38771.63688.38771.73289.67088.55944.73491[1].14 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\GWiOkNkCCRjDC3FtuNQSs-_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvUvgaGHMA-TtUaYlzqnXItaHhZuvlPru7IIBiSSMkvvk15xKZuvi8avf3aYR9G4HIwDJuk6l0UxkT[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\Tnq2fLUVMvIVGSe6VwKyMkghaXy28R7FGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvn_SwrTrtB7G_gHXnArG0MsmL0PoJGO_TJOZ7DqoPS9WelSLMSy49-oaNW_YlpgqUNjEUeV3cG4ZI[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\UNEVW3SD\HPpvnqCG3miCT-LY9pc8h-_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvgp7tOX9750zQ2x13h1_BGaHhZuvlPru7IIBiSSMkvvnJkXF3vOcW0IYTh_vpkAY6fN1Ocj3cy7sD[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\U3ELGNO1\pBleXsd6SJWqWS1PeBGEX0ghaXy28R7FGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvuqKhKALwNSLYnTe9rwuR4smL0PoJGO_TJOZ7DqoPS9XbiHXWNZuN40JRrxaicVTmoX3y7M1hFNVX[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\a9ZgPHMteHLCRo4YMtidkEghaXy28R7FGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvwn0Xo41TY3nTZfbswjJyv8mL0PoJGO_TJOZ7DqoPS9WqKq_N6CS1LnSDeWT0LGcJZypNM7VXq9hS[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\F44R3U0phNEztnypSjPHtu_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvcJ5s7Kap_0HIzPgU2m05xqHhZuvlPru7IIBiSSMkvvnM_MyxKyofv4KIJpoET3lRWOgzLjKjHwZ3[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\H03REpYCM_zqQaevJ0gt0O_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvcz-_avFNwF35sn3cCEeI0KHhZuvlPru7IIBiSSMkvvnHomFi-ej572EV26rrJIc_V1yYkr1hWWhU[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\HPpvnqCG3mipdFyChybAEO_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvgp7tOX9750zQ2x13h1_BGaHhZuvlPru7IIBiSSMkvvnJkXF3vOcW0IYTh_vpkAY6fN1Ocj3cy7sD[1].jpg scheduled to be deleted on reboot.
->Temp folder emptied: 199847647 bytes
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 53120293 bytes
->Java cache emptied: 61341 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 41026 bytes
RecycleBin emptied: 138529659 bytes

Total Files Cleaned = 373.52 mb


OTL by OldTimer - Version 3.0.14.0 log created on 09212009_054426

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\8YGohCcMy_0oZNInexmtmu_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvw7z0br1QTVS4-j4vIaTzjqHhZuvlPru7IIBiSSMkvvmSVPXC-um3fXFZ6vGaz-zWGlS_Mgd1K_Tz[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\A-BGPYVC0lYBbSQGtEjNP-_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvrcc1giga_FFuF0p9pFrIhKHhZuvlPru7IIBiSSMkvvk_1xRsoZmhh-JfUaWHLdKd_3lHMVWoeSZY[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\fold_main.js.v48851.48851.48851.48851.48851.38771.48851.48851.76369.38771.71746.71745.62864.38771.66362.76606.76912.69832.38771.63688.38771.73289.67088.55944.73491[1].14 not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\GWiOkNkCCRjDC3FtuNQSs-_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvUvgaGHMA-TtUaYlzqnXItaHhZuvlPru7IIBiSSMkvvk15xKZuvi8avf3aYR9G4HIwDJuk6l0UxkT[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WL4NO7EB\Tnq2fLUVMvIVGSe6VwKyMkghaXy28R7FGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvn_SwrTrtB7G_gHXnArG0MsmL0PoJGO_TJOZ7DqoPS9WelSLMSy49-oaNW_YlpgqUNjEUeV3cG4ZI[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\UNEVW3SD\HPpvnqCG3miCT-LY9pc8h-_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvgp7tOX9750zQ2x13h1_BGaHhZuvlPru7IIBiSSMkvvnJkXF3vOcW0IYTh_vpkAY6fN1Ocj3cy7sD[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\U3ELGNO1\pBleXsd6SJWqWS1PeBGEX0ghaXy28R7FGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvuqKhKALwNSLYnTe9rwuR4smL0PoJGO_TJOZ7DqoPS9XbiHXWNZuN40JRrxaicVTmoX3y7M1hFNVX[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\a9ZgPHMteHLCRo4YMtidkEghaXy28R7FGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvwn0Xo41TY3nTZfbswjJyv8mL0PoJGO_TJOZ7DqoPS9WqKq_N6CS1LnSDeWT0LGcJZypNM7VXq9hS[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\F44R3U0phNEztnypSjPHtu_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvcJ5s7Kap_0HIzPgU2m05xqHhZuvlPru7IIBiSSMkvvnM_MyxKyofv4KIJpoET3lRWOgzLjKjHwZ3[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\H03REpYCM_zqQaevJ0gt0O_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvcz-_avFNwF35sn3cCEeI0KHhZuvlPru7IIBiSSMkvvnHomFi-ej572EV26rrJIc_V1yYkr1hWWhU[1].jpg not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CRKL6H6V\HPpvnqCG3mipdFyChybAEO_JcPj912jmGn4-o39Z3qsY9FQQjcvk4gE59kHc5bub6Qb6R8DjcPRmWM0w0lMU-jamXs1aehYvgp7tOX9750zQ2x13h1_BGaHhZuvlPru7IIBiSSMkvvnJkXF3vOcW0IYTh_vpkAY6fN1Ocj3cy7sD[1].jpg not found!

Registry entries deleted on Reboot...


________
________

OTL logfile created on: 9/21/2009 5:54:47 AM - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

125.98 Mb Total Physical Memory | 27.11 Mb Available Physical Memory | 21.52% Memory free
303.64 Mb Paging File | 153.46 Mb Available in Paging File | 50.54% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.42 Gb Total Space | 20.36 Gb Free Space | 62.82% Space Free | Partition Type: NTFS
Drive D: | 4.87 Gb Total Space | 1.07 Gb Free Space | 21.99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-M5D4U9R2UV
Current User Name: DIVA
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/04/17 12:42:14 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
PRC - [2006/04/17 12:41:24 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/04/13 19:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
PRC - [1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\windows\system\hpsysdrv.exe
PRC - [2001/07/06 22:56:56 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2002/03/16 00:51:02 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\S3apphk.exe
PRC - [2006/07/13 00:22:50 | 00,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006/07/13 00:33:14 | 00,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2009/06/01 11:41:11 | 00,341,312 | ---- | M] (BillP Studios) -- C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/09/18 21:42:58 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/08/07 12:43:04 | 00,045,816 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [Disabled | Stopped])
SRV - [2008/11/20 14:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006/04/17 12:42:14 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2002/03/09 18:53:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [On_Demand | Stopped])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/07 18:21:00 | 00,026,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe -- (spupdsvc [On_Demand | Stopped])
SRV - [2004/09/22 18:46:10 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2001/08/17 14:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2001/08/08 15:13:36 | 00,158,140 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys -- (i81x [On_Demand | Running])
DRV - [2001/08/08 15:13:30 | 00,012,479 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys -- (iAimFP0 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:30 | 00,012,031 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys -- (iAimFP1 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:30 | 00,011,679 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys -- (iAimFP2 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:28 | 00,011,999 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys -- (iAimFP3 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:28 | 00,019,359 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys -- (iAimFP4 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,029,215 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys -- (iAimTV0 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,019,199 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys -- (iAimTV1 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:26 | 00,033,503 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys -- (iAimTV3 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,023,519 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys -- (iAimTV4 [On_Demand | Stopped])
DRV - [2002/03/27 17:16:08 | 00,077,181 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2003/03/31 15:29:00 | 00,625,537 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2001/08/17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2002/03/09 18:53:00 | 00,909,501 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2001/08/17 14:50:26 | 00,731,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4.sys -- (nv4 [On_Demand | Stopped])
DRV - [2001/12/07 23:26:00 | 00,013,502 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running])
DRV - [2000/03/23 06:42:24 | 00,044,192 | ---- | M] (PC-Doctor Inc.) -- C:\WINDOWS\System32\drivers\PcdrNt.sys -- (PcdrNt [On_Demand | Stopped])
DRV - [2002/03/26 20:20:22 | 00,013,780 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2001/06/04 15:00:00 | 00,014,112 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Running])
DRV - [2001/08/18 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/04 00:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2009/08/05 16:06:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/08/05 16:06:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/08/05 16:06:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2008/04/13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/03/19 04:18:26 | 00,187,520 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\sisgrp.sys -- (SiS315 [On_Demand | Stopped])
DRV - [2001/12/27 05:52:58 | 00,027,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\SISAGP.sys -- (SISAGP [Boot | Running])
DRV - [2001/11/29 13:54:08 | 00,411,368 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2006/08/06 23:16:00 | 00,076,560 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Disabled | Stopped])
DRV - [2002/03/21 00:35:56 | 00,144,860 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\trid3dm.sys -- (trid3d [On_Demand | Stopped])
DRV - [2002/03/27 17:17:10 | 00,087,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Stopped])
DRV - [2002/03/27 17:17:20 | 00,069,472 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1



O1 HOSTS File: (618526 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16469 more lines...
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\ShellBrowser: (&hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\WebBrowser: (&hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\System32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [S3apphk] C:\WINDOWS\System32\S3apphk.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\Win-Patrol\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 215 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 81 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 81 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: facebook.com ([login] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mycoupons.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mycoupons.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mypoints.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mypoints.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: 83 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1239078844765 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2002/08/18 02:44:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/08/01 23:06:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.CAM -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/21 05:44:26 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/09/21 05:21:49 | 00,159,030 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________hair_last.jpg
[2009/09/21 04:07:29 | 00,155,673 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1_hair.JPG
[2009/09/21 03:32:37 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1.jpg
[2009/09/21 03:29:24 | 00,158,199 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________.jpg
[2009/09/21 02:06:27 | 00,104,321 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&Me_enhanced1.jpg
[2009/09/20 16:43:29 | 26,739,584 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\AdbeRdr910_en_US.exe
[2009/09/18 22:34:01 | 00,044,582 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Z_2.jpg
[2009/09/18 22:29:14 | 00,054,085 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Z_.jpg
[2009/09/18 21:42:56 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/09/18 21:29:54 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/09/18 21:29:53 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/09/18 01:54:19 | 00,000,000 | ---D | C] -- C:\rsit
[2009/09/18 01:52:32 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2009/09/17 23:19:53 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/17 23:19:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/17 23:19:42 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/17 23:19:40 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/17 23:17:48 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/09/17 14:28:46 | 00,009,233 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UdidIt_Congrats.jpg
[2009/09/17 14:19:41 | 00,010,180 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Congrats_Udid It.jpg
[2009/09/17 14:12:34 | 00,013,500 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Congrats_loseGainLose wt.jpg
[2009/09/17 13:52:34 | 00,029,440 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.jpg
[2009/09/17 13:36:57 | 00,174,313 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dancing cat.gif
[2009/09/17 13:32:05 | 00,019,971 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.gif
[2009/09/17 05:56:33 | 00,001,079 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to 1942._3D.jpg.lnk
[2009/09/16 23:39:51 | 00,011,074 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Congratulations new hire.docx
[2009/09/16 23:16:51 | 00,096,806 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FFA2B686-0F5F-48D2-8F2B-0B3A50D36D11.jpg
[2009/09/16 23:08:17 | 00,070,709 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Party8_.jpg
[2009/09/16 05:22:06 | 00,028,730 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\53000,1171143160,2_.gif
[2009/09/16 04:30:04 | 00,001,264 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\1228417399516089769j4p4n_cool_frame_-_1859_svg_med.gif
[2009/09/16 00:44:40 | 00,001,277 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2009/09/16 00:26:14 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2009/09/14 04:06:57 | 00,026,032 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BobTZ&me.jpg
[2009/09/14 03:46:03 | 00,032,758 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1a.bmp
[2009/09/14 03:45:30 | 00,032,278 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1.bmp
[2009/09/14 03:43:26 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BobME &TZ.bmp
[2009/09/10 17:25:50 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages (2).lnk
[2009/09/10 17:13:25 | 00,061,283 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me4_editied.jpg
[2009/09/10 06:22:56 | 00,018,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.gif
[2009/09/09 18:43:28 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2)_.xls
[2009/09/09 02:22:20 | 00,000,907 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages.jpg.lnk
[2009/09/08 23:47:08 | 08,036,352 | ---- | C] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\irfanview_plugins_425_setup.exe
[2009/09/08 23:41:17 | 00,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IrfanView Thumbnails.lnk
[2009/09/08 23:41:16 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
[2009/09/08 23:41:14 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2009/09/08 23:23:02 | 01,359,360 | ---- | C] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\iview425_setup.exe
[2009/09/08 20:51:19 | 00,064,265 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_K&me&A.Margie.jpg
[2009/09/08 20:50:25 | 00,070,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_alex.jpg
[2009/09/08 20:49:42 | 00,045,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_ K&Me.jpg
[2009/09/08 18:18:24 | 00,008,687 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochPnkFLAIR.jpg
[2009/09/08 18:17:19 | 00,008,880 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UcraftyBiochFLAIR.jpg
[2009/09/08 18:16:28 | 00,007,116 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochFLAIR.jpg
[2009/09/08 18:15:15 | 00,005,547 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CraftHoFLAIR.jpg
[2009/09/08 18:14:24 | 00,008,419 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CraftW_attitudeFLAIR.jpg
[2009/09/08 18:13:07 | 00,007,105 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SoManyIdeasFLAIR.jpg
[2009/09/08 18:11:23 | 00,007,948 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\the tudors flair.jpg
[2009/09/08 18:00:06 | 00,006,808 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFlair_1.jpg
[2009/09/08 17:45:56 | 00,055,813 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFLAIR2.jpg
[2009/09/08 16:44:27 | 00,020,217 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AllIwntIs Jucy.jpg
[2009/09/08 16:41:13 | 00,041,855 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd6.jpg
[2009/09/08 16:40:48 | 00,031,531 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd5.jpg
[2009/09/08 16:40:29 | 00,030,901 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiRoseBkgrnd.jpg
[2009/09/08 16:38:59 | 00,041,093 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd4.jpg
[2009/09/08 16:37:36 | 00,044,228 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\wildColorBkgrnd.jpg
[2009/09/08 16:37:17 | 00,031,503 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butrflyBkgrnd.jpg
[2009/09/08 16:35:38 | 00,023,328 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pastelMultiBkgrnd.jpg
[2009/09/08 16:34:46 | 00,039,300 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiFlwrBkgrnd.jpg
[2009/09/08 16:34:16 | 00,024,197 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\plum&multiBkgrnd.jpg
[2009/09/08 16:32:04 | 00,031,503 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butrfly&flwrBkgrnd.jpg
[2009/09/08 16:31:27 | 00,035,525 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grey&multiBkrnd.jpg
[2009/09/08 16:29:33 | 00,041,999 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd.jpg
[2009/09/08 16:25:27 | 00,032,448 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pnk&blkChandelierBKGRND.jpg
[2009/09/08 16:24:24 | 00,026,725 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorBkgrnd3.jpg
[2009/09/08 16:23:31 | 00,030,444 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pnk&BlkBkgrnd.jpg
[2009/09/08 16:23:04 | 00,043,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorClocBkgrnd.jpg
[2009/09/08 16:19:41 | 00,017,885 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ToilleBirds.jpg
[2009/09/08 16:19:24 | 00,015,956 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBird.jpg
[2009/09/08 16:17:07 | 00,018,242 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pastlBkgrnd.jpg
[2009/09/08 16:16:09 | 00,034,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColrBkgrnd2.jpg
[2009/09/08 16:15:14 | 00,037,966 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multicolorFlowrBkgrnd.jpg
[2009/09/08 16:11:31 | 00,019,614 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\beigeButrflyBkgrnd.jpg
[2009/09/08 16:09:51 | 00,019,566 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluePatinaBkgrnd.jpg
[2009/09/08 16:07:03 | 00,034,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd.jpg
[2009/09/08 16:00:55 | 00,015,232 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butterflyWallpaper.jpg
[2009/09/08 16:00:18 | 00,072,644 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorFlwr2Bkgrnd.jpg
[2009/09/08 15:58:25 | 00,030,305 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\vint.FlrwBlueBkgrnd.jpg
[2009/09/08 15:56:19 | 00,004,154 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butterfly.jpg
[2009/09/08 15:53:33 | 00,003,650 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\birdcage.jpg
[2009/09/08 15:52:03 | 00,027,051 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\vintageFlowrCorner.jpg
[2009/09/08 15:50:51 | 00,015,146 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\blkWhimiscBkgrnd.jpg
[2009/09/08 15:49:06 | 00,041,093 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqueFloralBkgrnd_.jpg
[2009/09/08 15:46:29 | 00,039,498 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crackleDirtBkgrnd.jpg
[2009/09/08 15:46:10 | 00,031,445 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MultiColorFloralBkgrnd.jpg
[2009/09/08 15:44:44 | 00,037,613 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pinkFloralbkgrnd.jpg
[2009/09/08 15:44:19 | 00,046,003 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pinkOrnge&whteBkgrnd.jpg
[2009/09/08 15:34:29 | 00,015,716 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyMenRhot.jpg
[2009/09/07 20:23:24 | 00,072,192 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Acupressure Info_.wps
[2009/09/07 16:51:28 | 00,071,246 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier7_.jpg
[2009/09/07 03:49:03 | 00,064,765 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Paris SkyLine.jpg
[2009/09/07 03:46:44 | 00,012,904 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue2.jpg
[2009/09/07 03:46:17 | 00,000,360 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue.jpg
[2009/09/07 03:41:25 | 00,077,903 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_-Off-White.gif
[2009/09/07 03:37:44 | 00,000,043 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Paris CityLine.gif
[2009/09/07 02:28:44 | 00,636,699 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Printable Victorian Blk&Whte Objects.jpg
[2009/09/07 02:26:15 | 00,027,572 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\paisley clipart.gif
[2009/09/07 02:23:58 | 00,009,517 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\flower clipart.jpg
[2009/09/07 01:11:51 | 00,119,471 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier_Page2.jpg
[2009/09/07 01:11:51 | 00,054,298 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm6.jpg
[2009/09/07 01:11:51 | 00,048,122 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm4.jpg
[2009/09/07 01:08:58 | 00,086,828 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier40.jpg
[2009/09/07 01:08:58 | 00,044,352 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier38.jpg
[2009/09/07 01:08:58 | 00,042,729 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier37.jpg
[2009/09/07 01:08:58 | 00,031,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier39.jpg
[2009/09/06 23:25:21 | 00,001,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1_square.jpg
[2009/09/06 23:21:12 | 00,001,233 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl5.jpg
[2009/09/06 23:08:51 | 00,001,180 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst4.jpg
[2009/09/06 23:08:06 | 00,003,301 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst2.jpg
[2009/09/06 23:07:01 | 00,002,790 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1.jpg
[2009/09/06 22:51:57 | 00,006,190 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl4.jpg
[2009/09/06 22:51:51 | 00,008,252 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl3.jpg
[2009/09/06 22:51:39 | 00,008,310 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl2.jpg
[2009/09/06 22:46:47 | 00,003,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Chandelier_swirl.jpg
[2009/09/06 20:38:42 | 00,095,447 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern3.png
[2009/09/06 20:38:13 | 00,077,359 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern2.png
[2009/09/06 20:37:43 | 00,077,359 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern1.png
[2009/09/05 20:17:02 | 00,195,814 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PETSmart Grooming $10 OFF.jpg
[2009/09/04 23:08:12 | 00,034,615 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shapes4.png
[2009/09/04 23:07:45 | 00,034,775 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shapes3.png
[2009/09/04 23:07:11 | 00,072,545 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape2_.png
[2009/09/04 23:06:46 | 00,018,749 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape2.png
[2009/09/04 23:04:33 | 00,016,220 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape1.png
[2009/09/04 05:03:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LightShow COLLAGE1.jpg
[2009/09/04 03:12:23 | 00,061,779 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FLAIR____.jpg
[2009/09/04 03:07:54 | 00,019,443 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd15.jpg
[2009/09/04 02:55:59 | 00,009,726 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd10.jpg
[2009/09/04 02:46:32 | 00,267,918 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea3.jpg
[2009/09/04 02:43:08 | 00,048,766 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd8.jpg
[2009/09/04 02:40:06 | 00,037,620 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm9.jpg
[2009/09/04 02:39:44 | 00,044,953 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm8.jpg
[2009/09/04 02:39:26 | 00,045,927 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm7.jpg
[2009/09/04 02:39:14 | 00,054,298 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Charm6.jpg
[2009/09/04 02:38:56 | 00,048,122 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Charm4.jpg
[2009/09/04 02:38:40 | 00,056,195 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\KeyCharm.jpg
[2009/09/04 02:37:48 | 00,081,631 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\L_crown.jpg
[2009/09/04 02:37:14 | 00,044,164 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crown2.jpg
[2009/09/04 02:37:04 | 00,052,762 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ShadowBox Charm.jpg
[2009/09/04 02:36:25 | 00,044,780 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crownCharm.jpg
[2009/09/04 02:36:07 | 00,088,862 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\JewelryCharms.jpg
[2009/09/04 02:35:41 | 00,088,572 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier41.jpg
[2009/09/04 02:35:19 | 00,086,828 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier40.jpg
[2009/09/04 02:35:04 | 00,031,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier39.jpg
[2009/09/04 02:34:36 | 00,044,352 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier38.jpg
[2009/09/04 02:34:12 | 00,042,729 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier37.jpg
[2009/09/04 02:33:26 | 00,041,409 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd6.jpg
[2009/09/04 02:31:23 | 00,189,005 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd5.jpg
[2009/09/04 02:31:14 | 00,328,660 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd4.jpg
[2009/09/04 02:30:55 | 00,123,866 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd3.jpg
[2009/09/04 02:30:29 | 00,119,471 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page2.jpg
[2009/09/04 02:30:09 | 00,139,170 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd.jpg
[2009/09/04 02:29:41 | 00,209,502 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\swirlGirlBkground.jpg
[2009/09/04 02:29:21 | 00,082,696 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\swanBkground.jpg
[2009/09/04 02:27:26 | 00,077,791 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page.jpg
[2009/09/04 02:19:22 | 00,014,517 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\eiffelTower2.jpg
[2009/09/04 02:14:23 | 00,006,304 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\EiffelTower.jpg
[2009/09/04 02:10:51 | 00,038,108 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ShabbyChicLight.jpg
[2009/09/04 02:06:41 | 00,065,094 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea2.jpg
[2009/09/04 02:06:18 | 00,015,539 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea.jpg
[2009/09/04 02:02:44 | 00,014,870 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\homecollage.jpg
[2009/09/03 21:15:16 | 00,013,520 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Red Medalian.jpg
[2009/09/03 04:50:41 | 00,068,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/03 02:44:36 | 00,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2009/09/03 02:44:36 | 00,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2009/09/03 02:44:35 | 00,543,216 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2009/09/03 02:44:35 | 00,088,560 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2009/09/03 02:44:35 | 00,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2009/09/03 02:44:34 | 00,379,376 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2009/09/03 02:44:34 | 00,186,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2009/09/03 02:44:33 | 00,588,272 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2009/09/03 02:44:30 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/09/03 02:42:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2009/09/03 02:41:48 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/09/03 02:37:42 | 10,053,112 | ---- | C] (Google Inc.) -- C:\Documents and Settings\Owner\Desktop\picasa3-setup.exe
[2009/09/03 01:27:06 | 00,000,000 | ---D | C] -- C:\Program Files\Excel Viewer
[2009/09/03 00:49:30 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2).xls
[2009/09/02 22:23:05 | 00,513,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of mini_schnauzer cut idea2.bmp
[2009/09/02 22:23:05 | 00,230,839 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of ZonedOut.zip
[2009/09/02 22:23:05 | 00,125,850 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of FlightofTheConcords.mp3
[2009/09/02 22:23:05 | 00,071,015 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of LZ_license.jpg
[2009/09/02 22:23:05 | 00,069,948 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of fotc_boom boom.mp3
[2009/09/02 22:23:05 | 00,055,064 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TZ_license.jpg
[2009/09/02 22:23:05 | 00,030,665 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of LZ_DL.jpg
[2009/09/02 22:23:05 | 00,026,195 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of BeYourself.jpg
[2009/09/02 22:23:05 | 00,020,809 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of GangstaMyself.jpg
[2009/09/02 22:23:04 | 00,741,330 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of petco.bmp
[2009/09/02 22:23:04 | 00,578,346 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Sign_Dogs_go away.bmp
[2009/09/02 22:23:04 | 00,113,413 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Jewelry_gilded Lucite Flower ring.jpg
[2009/09/02 22:23:04 | 00,107,761 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of COUPON_qdoba_1.jpg
[2009/09/02 22:23:04 | 00,097,009 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TSH_test.jpg
[2009/09/02 22:23:04 | 00,088,798 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of MorningPerson.png
[2009/09/02 22:23:04 | 00,058,353 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of COUPON_Petco_5off25.pdf
[2009/09/02 22:23:04 | 00,055,156 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Tx_$$_ClaimForm.pdf
[2009/09/02 22:23:03 | 02,289,334 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TGIF_Coupon2.bmp
[2009/09/02 22:23:03 | 00,834,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TGIF_Coupon1.bmp
[2009/09/02 22:23:03 | 00,149,284 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of hosts.zip
[2009/09/02 22:23:02 | 00,000,747 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Shortcut to homedepot-COUPON.jpg.lnk
[2009/09/02 22:21:37 | 00,000,000 | ---D | C] -- C:\Desktop Files2
[2009/09/02 15:42:18 | 00,054,387 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Collage IDEA.jpg
[2009/09/02 13:54:54 | 00,037,767 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\jewelryCuzDsntLast4evr.jpg
[2009/09/02 13:53:39 | 00,031,959 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dude_WTF.jpg
[2009/09/02 13:39:45 | 00,041,565 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Wondrful&hotGUYevr.jpg
[2009/09/02 13:31:50 | 00,043,767 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AmI2Sexy.jpg
[2009/09/02 13:28:38 | 00,062,181 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ItaPartyTimel.gif
[2009/09/02 01:04:46 | 00,023,083 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_images PAGE.jpg
[2009/09/02 01:02:50 | 00,034,044 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA2.jpg
[2009/09/02 00:57:29 | 00,028,907 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\silhouette Furniture3.jpg
[2009/09/02 00:56:49 | 00,112,017 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA.jpg
[2009/09/02 00:55:33 | 00,020,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_furniture2.jpg
[2009/09/02 00:52:26 | 00,109,854 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouettes_furniture.jpg
[2009/09/02 00:51:05 | 00,111,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\flame-of-fire-elements.jpg
[2009/09/02 00:50:21 | 00,068,383 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\-love-bird-cage.jpg
[2009/09/02 00:49:04 | 00,047,963 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bird-in-cage2.jpg
[2009/09/02 00:47:17 | 00,021,426 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bird-and-cage-silhouette.jpg
[2009/09/02 00:10:24 | 00,008,692 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Necklace_blk.jpg
[2009/09/02 00:09:38 | 00,027,798 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bird silhoette.jpg
[2009/09/01 05:26:55 | 00,005,907 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FashionFlair.jpg
[2009/08/31 23:24:10 | 00,214,515 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\DadA&TZ.JPG
[2009/08/31 20:36:34 | 00,574,338 | ---- | C] () -- C:\Diva's Pictures.nri
[2009/08/31 20:26:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/08/31 20:16:36 | 16,883,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\IE8-WindowsXP-x86-ENU.exe
[2009/08/31 16:06:46 | 00,006,504 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BigHelloFrmTx.jpg
[2009/08/31 16:04:36 | 00,007,216 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Texans60Freezng.jpg
[2009/08/31 16:02:27 | 00,008,390 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HowdyBootFlair.jpg
[2009/08/31 16:00:44 | 00,007,025 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HowdyFlair.jpg
[2009/08/31 15:46:51 | 00,007,129 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UrSoGucci.jpg
[2009/08/31 13:44:57 | 00,006,181 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HelloFlair.jpg
[2009/08/31 13:33:42 | 00,007,103 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HelloFrnd.jpg
[2009/08/31 13:32:39 | 00,008,098 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HeyGirlWutsUp.jpg
[2009/08/31 13:31:36 | 00,005,889 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\IveGotTheBestFrnds.jpg
[2009/08/31 13:29:48 | 00,006,671 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AsianDogHerro.jpg
[2009/08/31 13:28:17 | 00,005,780 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HavAniceDayFlair.jpg
[2009/08/31 13:26:40 | 00,006,054 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HelloKittyFlair.jpg
[2009/08/31 13:21:33 | 00,006,681 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\StrtUpGngstrYo.jpg
[2009/08/31 12:58:04 | 00,019,387 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WhoLitUrTampon.jpg
[2009/08/31 12:56:32 | 00,010,922 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BarbieHasEvrythng.jpg
[2009/08/31 12:56:17 | 00,010,011 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\KidsIMarried1.jpg
[2009/08/31 12:55:20 | 00,010,538 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MenHavFelnngs2.jpg
[2009/08/31 12:54:43 | 00,007,036 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\I BichTher4iAm.jpg
[2009/08/30 17:28:51 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/08/30 17:00:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/08/30 16:51:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG8
[2009/08/30 15:45:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/08/30 15:44:20 | 00,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/30 15:42:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/08/30 15:34:35 | 00,848,656 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Owner\My Documents\avg_avwt_stb_all_8_32.exe
[2009/08/30 15:33:18 | 06,881,824 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/08/30 15:02:14 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/08/30 05:33:26 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/08/30 05:33:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/08/30 03:02:41 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/30 02:09:42 | 00,003,991 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\hijackthis_8.30.09log
[2009/08/29 23:50:08 | 00,912,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&ME_paint.bmp
[2009/08/29 23:46:11 | 00,776,192 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\J&ME PIX.wps
[2009/08/29 23:10:49 | 00,912,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_revisedLast.bmp
[2009/08/29 22:33:50 | 00,036,273 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced2.jpg
[2009/08/29 22:07:25 | 00,035,540 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced.jpg
[2009/08/29 21:32:18 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_4.bmp
[2009/08/29 21:31:49 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_3.bmp
[2009/08/29 21:31:23 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_2.bmp
[2009/08/29 21:30:49 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09.bmp
[2009/08/29 21:12:28 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me6.bmp
[2009/08/29 21:00:18 | 00,106,959 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me5.jpg
[2009/08/29 20:59:53 | 00,148,854 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me4.jpg
[2009/08/29 20:59:36 | 00,118,727 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me3.jpg
[2009/08/29 20:59:08 | 00,118,386 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me2.jpg
[2009/08/29 20:58:19 | 00,113,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1.jpg
[2009/08/29 03:19:55 | 00,000,794 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer (2).lnk
[2009/08/29 02:26:59 | 00,307,769 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\G&M_fb.jpg
[2009/08/29 01:48:39 | 00,030,140 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\G&M_.jpg
[2009/08/29 01:36:52 | 00,065,767 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&A_.jpg
[2009/08/29 01:15:52 | 00,082,681 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MOM&J.jpg
[2009/08/27 23:29:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/08/27 23:26:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/08/27 23:22:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/08/27 23:21:44 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/08/27 23:19:05 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/08/27 23:06:56 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/08/27 23:06:56 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/08/27 23:06:54 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/08/27 23:06:48 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/08/27 23:06:48 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/08/27 23:06:39 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/08/27 23:06:26 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/08/27 23:06:25 | 01,241,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/08/27 23:06:09 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/08/27 22:04:48 | 00,008,923 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09_.jpg
[2009/08/27 22:02:37 | 00,007,630 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09_.jpg
[2009/08/27 21:52:05 | 00,366,214 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AlexPool.bmp
[2009/08/27 21:50:31 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly.bmp
[2009/08/27 21:48:02 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09.bmp
[2009/08/27 21:46:45 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09.bmp
[2009/08/27 05:32:16 | 00,006,889 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Peace_Flair.jpg
[2009/08/23 00:46:10 | 00,026,794 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva3.jpg
[2009/08/22 23:48:31 | 00,028,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva2.jpg
[2009/08/22 23:31:00 | 00,019,555 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva1.jpg
[2008/12/28 23:52:20 | 00,000,183 | ---- | C] () -- C:\WINDOWS\AWSHKWV.INI
[2007/10/28 17:30:32 | 00,000,453 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007/10/28 17:30:25 | 00,000,100 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/11/28 01:59:27 | 00,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/11/28 01:59:26 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/01/30 07:42:22 | 00,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005/03/07 02:28:16 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/02/07 06:09:42 | 00,000,006 | ---- | C] () -- C:\WINDOWS\dcstds3.dll
[2004/02/03 05:27:12 | 00,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2003/08/19 04:36:39 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/06/24 03:40:45 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2003/06/11 19:05:06 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\tds3shl.dll
[2003/01/25 23:58:22 | 00,000,118 | ---- | C] () -- C:\WINDOWS\ALBUM.INI
[2002/11/13 02:40:22 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002/10/03 21:19:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2002/09/28 22:27:34 | 00,000,141 | ---- | C] () -- C:\WINDOWS\POSTER.INI
[2002/09/11 21:09:25 | 00,045,056 | ---- | C] () -- C:\WINDOWS\PANIC32.dll
[2002/09/11 21:09:25 | 00,040,960 | ---- | C] () -- C:\WINDOWS\PANICNT.dll
[2002/09/03 03:37:38 | 00,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI
[2002/09/02 21:40:08 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\tlcsel32.dll
[2002/09/02 21:40:08 | 00,016,540 | ---- | C] () -- C:\WINDOWS\System32\tlcsel17.dll
[2002/08/28 02:37:48 | 00,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2002/07/28 19:05:23 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2002/04/25 22:23:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/04/20 19:24:15 | 00,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL
[2002/04/20 19:24:15 | 00,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll
[2002/04/20 19:16:42 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL
[2002/04/20 19:16:42 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2002/04/20 01:28:06 | 00,000,155 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2002/04/20 01:19:46 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2002/04/20 00:26:01 | 00,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll
[2002/04/20 00:26:01 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes15.dll
[2002/04/20 00:25:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/04/19 23:20:31 | 00,000,901 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/04/19 23:12:23 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/04/19 23:04:05 | 00,000,666 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/04/19 23:03:51 | 00,000,918 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/04/19 23:03:49 | 00,000,259 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/03/27 16:37:52 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2002/03/12 05:25:02 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2001/10/28 17:42:30 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\prnmnt.dll
[2001/08/08 15:13:22 | 00,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll
[1999/07/23 14:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/08/16 06:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

========== Files - Modified Within 30 Days ==========

[2009/09/21 05:51:02 | 00,000,189 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2009/09/21 05:49:07 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/21 05:30:46 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1.jpg
[2009/09/21 05:22:17 | 00,159,030 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________hair_last.jpg
[2009/09/21 04:07:30 | 00,155,673 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1_hair.JPG
[2009/09/21 03:51:15 | 00,158,199 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________.jpg
[2009/09/21 03:15:27 | 00,035,540 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced.jpg
[2009/09/21 02:57:59 | 00,912,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&ME_paint.bmp
[2009/09/21 02:04:39 | 00,104,321 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&Me_enhanced1.jpg
[2009/09/21 01:34:12 | 00,000,882 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to ShrinkyDinkRing2.jpg.lnk
[2009/09/20 16:43:53 | 26,739,584 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\AdbeRdr910_en_US.exe
[2009/09/20 16:24:58 | 00,000,918 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/20 16:24:58 | 00,000,259 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/20 16:24:58 | 00,000,199 | RHS- | M] () -- C:\BOOT.INI
[2009/09/18 23:24:08 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/09/18 22:37:39 | 00,044,582 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Z_2.jpg
[2009/09/18 22:31:33 | 00,054,085 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Z_.jpg
[2009/09/18 21:42:58 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/09/18 21:29:54 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/09/18 01:52:36 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2009/09/17 23:19:53 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/17 23:18:01 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/09/17 14:27:58 | 00,009,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UdidIt_Congrats.jpg
[2009/09/17 14:18:49 | 00,010,180 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congrats_Udid It.jpg
[2009/09/17 14:09:59 | 00,013,500 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congrats_loseGainLose wt.jpg
[2009/09/17 13:52:34 | 00,029,440 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.jpg
[2009/09/17 13:50:06 | 00,019,971 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.gif
[2009/09/17 13:35:33 | 00,174,313 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dancing cat.gif
[2009/09/17 05:56:33 | 00,001,079 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to 1942._3D.jpg.lnk
[2009/09/16 23:39:52 | 00,011,074 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congratulations new hire.docx
[2009/09/16 23:17:20 | 00,096,806 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FFA2B686-0F5F-48D2-8F2B-0B3A50D36D11.jpg
[2009/09/16 23:08:17 | 00,070,709 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Party8_.jpg
[2009/09/16 05:22:06 | 00,028,730 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\53000,1171143160,2_.gif
[2009/09/16 04:30:04 | 00,001,264 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\1228417399516089769j4p4n_cool_frame_-_1859_svg_med.gif
[2009/09/16 00:44:40 | 00,001,277 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2009/09/16 00:26:16 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2009/09/14 04:06:04 | 00,026,032 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BobTZ&me.jpg
[2009/09/14 03:46:04 | 00,032,758 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1a.bmp
[2009/09/14 03:45:31 | 00,032,278 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1.bmp
[2009/09/14 03:43:27 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BobME &TZ.bmp
[2009/09/11 22:10:00 | 00,000,453 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/09/10 17:25:50 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages (2).lnk
[2009/09/10 17:12:27 | 00,061,283 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me4_editied.jpg
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/10 06:22:56 | 00,018,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.gif
[2009/09/10 00:24:01 | 00,000,280 | ---- | M] () -- C:\WINDOWS\emm386g.dl
[2009/09/09 18:43:39 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2)_.xls
[2009/09/09 02:22:20 | 00,000,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages.jpg.lnk
[2009/09/08 23:47:16 | 08,036,352 | ---- | M] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\irfanview_plugins_425_setup.exe
[2009/09/08 23:41:17 | 00,001,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IrfanView Thumbnails.lnk
[2009/09/08 23:41:17 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
[2009/09/08 23:23:06 | 01,359,360 | ---- | M] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\iview425_setup.exe
[2009/09/08 20:50:37 | 00,064,265 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_K&me&A.Margie.jpg
[2009/09/08 20:50:10 | 00,070,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_alex.jpg
[2009/09/08 20:49:10 | 00,045,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_ K&Me.jpg
[2009/09/08 18:15:58 | 00,008,687 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochPnkFLAIR.jpg
[2009/09/08 18:15:56 | 00,008,880 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UcraftyBiochFLAIR.jpg
[2009/09/08 18:15:54 | 00,007,116 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochFLAIR.jpg
[2009/09/08 18:12:36 | 00,005,547 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CraftHoFLAIR.jpg
[2009/09/08 18:12:35 | 00,008,419 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CraftW_attitudeFLAIR.jpg
[2009/09/08 18:12:34 | 00,007,105 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SoManyIdeasFLAIR.jpg
[2009/09/08 18:10:00 | 00,007,948 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\the tudors flair.jpg
[2009/09/08 17:58:47 | 00,006,808 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFlair_1.jpg
[2009/09/08 17:53:06 | 00,055,813 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFLAIR2.jpg
[2009/09/08 16:44:16 | 00,020,217 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AllIwntIs Jucy.jpg
[2009/09/08 16:41:00 | 00,041,855 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd6.jpg
[2009/09/08 16:40:38 | 00,031,531 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd5.jpg
[2009/09/08 16:40:18 | 00,030,901 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiRoseBkgrnd.jpg
[2009/09/08 16:38:45 | 00,041,093 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd4.jpg
[2009/09/08 16:37:27 | 00,044,228 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\wildColorBkgrnd.jpg
[2009/09/08 16:35:25 | 00,023,328 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pastelMultiBkgrnd.jpg
[2009/09/08 16:34:23 | 00,039,300 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiFlwrBkgrnd.jpg
[2009/09/08 16:33:54 | 00,024,197 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\plum&multiBkgrnd.jpg
[2009/09/08 16:31:50 | 00,031,503 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butrflyBkgrnd.jpg
[2009/09/08 16:31:50 | 00,031,503 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butrfly&flwrBkgrnd.jpg
[2009/09/08 16:31:11 | 00,035,525 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grey&multiBkrnd.jpg
[2009/09/08 16:29:10 | 00,041,999 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd.jpg
[2009/09/08 16:25:02 | 00,032,448 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pnk&blkChandelierBKGRND.jpg
[2009/09/08 16:24:08 | 00,026,725 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorBkgrnd3.jpg
[2009/09/08 16:23:13 | 00,030,444 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pnk&BlkBkgrnd.jpg
[2009/09/08 16:22:41 | 00,043,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorClocBkgrnd.jpg
[2009/09/08 16:19:28 | 00,017,885 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ToilleBirds.jpg
[2009/09/08 16:19:14 | 00,015,956 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBird.jpg
[2009/09/08 16:16:27 | 00,018,242 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pastlBkgrnd.jpg
[2009/09/08 16:15:00 | 00,037,966 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multicolorFlowrBkgrnd.jpg
[2009/09/08 16:11:11 | 00,019,614 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\beigeButrflyBkgrnd.jpg
[2009/09/08 16:09:29 | 00,019,566 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluePatinaBkgrnd.jpg
[2009/09/08 16:06:50 | 00,034,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColrBkgrnd2.jpg
[2009/09/08 16:06:50 | 00,034,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd.jpg
[2009/09/08 16:00:42 | 00,015,232 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butterflyWallpaper.jpg
[2009/09/08 15:59:57 | 00,072,644 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorFlwr2Bkgrnd.jpg
[2009/09/08 15:58:00 | 00,030,305 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\vint.FlrwBlueBkgrnd.jpg
[2009/09/08 15:56:11 | 00,004,154 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butterfly.jpg
[2009/09/08 15:53:25 | 00,003,650 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\birdcage.jpg
[2009/09/08 15:51:44 | 00,027,051 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\vintageFlowrCorner.jpg
[2009/09/08 15:50:31 | 00,015,146 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\blkWhimiscBkgrnd.jpg
[2009/09/08 15:48:37 | 00,041,093 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqueFloralBkgrnd_.jpg
[2009/09/08 15:46:13 | 00,039,498 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crackleDirtBkgrnd.jpg
[2009/09/08 15:45:46 | 00,031,445 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MultiColorFloralBkgrnd.jpg
[2009/09/08 15:44:27 | 00,037,613 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pinkFloralbkgrnd.jpg
[2009/09/08 15:43:38 | 00,046,003 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pinkOrnge&whteBkgrnd.jpg
[2009/09/08 15:33:59 | 00,015,716 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyMenRhot.jpg
[2009/09/07 20:23:27 | 00,072,192 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Acupressure Info_.wps
[2009/09/07 20:18:44 | 00,079,872 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Acupressure INFO.wps
[2009/09/07 16:51:28 | 00,071,246 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier7_.jpg
[2009/09/07 03:48:43 | 00,064,765 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Paris SkyLine.jpg
[2009/09/07 03:46:32 | 00,012,904 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue2.jpg
[2009/09/07 03:42:37 | 00,000,360 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue.jpg
[2009/09/07 03:41:02 | 00,077,903 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_-Off-White.gif
[2009/09/07 03:34:43 | 00,000,043 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Paris CityLine.gif
[2009/09/07 02:28:11 | 00,636,699 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Printable Victorian Blk&Whte Objects.jpg
[2009/09/07 02:23:19 | 00,009,517 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\flower clipart.jpg
[2009/09/07 02:22:30 | 00,027,572 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\paisley clipart.gif
[2009/09/06 23:25:21 | 00,001,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1_square.jpg
[2009/09/06 23:21:12 | 00,001,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl5.jpg
[2009/09/06 23:08:51 | 00,001,180 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst4.jpg
[2009/09/06 23:08:06 | 00,003,301 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst2.jpg
[2009/09/06 23:07:01 | 00,002,790 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1.jpg
[2009/09/06 22:50:58 | 00,008,310 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl2.jpg
[2009/09/06 22:50:58 | 00,008,252 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl3.jpg
[2009/09/06 22:50:58 | 00,006,190 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl4.jpg
[2009/09/06 22:46:11 | 00,003,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Chandelier_swirl.jpg
[2009/09/06 20:34:18 | 00,095,447 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern3.png
[2009/09/06 20:34:18 | 00,077,359 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern2.png
[2009/09/06 20:34:18 | 00,077,359 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern1.png
[2009/09/05 20:17:07 | 00,195,814 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PETSmart Grooming $10 OFF.jpg
[2009/09/04 23:08:00 | 00,034,615 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shapes4.png
[2009/09/04 23:07:21 | 00,034,775 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shapes3.png
[2009/09/04 23:06:06 | 00,072,545 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape2_.png
[2009/09/04 23:05:59 | 00,018,749 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape2.png
[2009/09/04 23:01:46 | 00,016,220 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape1.png
[2009/09/04 05:03:21 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LightShow COLLAGE1.jpg
[2009/09/04 03:11:33 | 00,061,779 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FLAIR____.jpg
[2009/09/04 03:07:44 | 00,019,443 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd15.jpg
[2009/09/04 02:55:42 | 00,009,726 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd10.jpg
[2009/09/04 02:46:16 | 00,267,918 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea3.jpg
[2009/09/04 02:42:57 | 00,048,766 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd8.jpg
[2009/09/04 02:39:36 | 00,044,953 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm8.jpg
[2009/09/04 02:39:32 | 00,037,620 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm9.jpg
[2009/09/04 02:39:07 | 00,054,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm6.jpg
[2009/09/04 02:39:07 | 00,054,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Charm6.jpg
[2009/09/04 02:38:48 | 00,048,122 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm4.jpg
[2009/09/04 02:38:48 | 00,048,122 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Charm4.jpg
[2009/09/04 02:38:44 | 00,045,927 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm7.jpg
[2009/09/04 02:37:53 | 00,056,195 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\KeyCharm.jpg
[2009/09/04 02:37:09 | 00,044,164 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crown2.jpg
[2009/09/04 02:36:50 | 00,052,762 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ShadowBox Charm.jpg
[2009/09/04 02:36:44 | 00,081,631 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\L_crown.jpg
[2009/09/04 02:36:13 | 00,044,780 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crownCharm.jpg
[2009/09/04 02:35:56 | 00,088,862 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\JewelryCharms.jpg
[2009/09/04 02:35:34 | 00,088,572 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier41.jpg
[2009/09/04 02:35:10 | 00,086,828 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier40.jpg
[2009/09/04 02:35:10 | 00,086,828 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier40.jpg
[2009/09/04 02:34:53 | 00,031,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier39.jpg
[2009/09/04 02:34:53 | 00,031,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier39.jpg
[2009/09/04 02:34:30 | 00,044,352 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier38.jpg
[2009/09/04 02:34:30 | 00,044,352 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier38.jpg
[2009/09/04 02:33:59 | 00,042,729 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier37.jpg
[2009/09/04 02:33:59 | 00,042,729 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier37.jpg
[2009/09/04 02:33:17 | 00,041,409 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd6.jpg
[2009/09/04 02:29:01 | 00,209,502 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\swirlGirlBkground.jpg
[2009/09/04 02:28:58 | 00,139,170 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd.jpg
[2009/09/04 02:28:58 | 00,119,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier_Page2.jpg
[2009/09/04 02:28:58 | 00,119,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page2.jpg
[2009/09/04 02:28:56 | 00,123,866 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd3.jpg
[2009/09/04 02:28:53 | 00,328,660 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd4.jpg
[2009/09/04 02:28:52 | 00,082,696 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\swanBkground.jpg
[2009/09/04 02:28:49 | 00,189,005 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd5.jpg
[2009/09/04 02:27:14 | 00,077,791 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page.jpg
[2009/09/04 02:15:41 | 00,014,517 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\eiffelTower2.jpg
[2009/09/04 02:13:44 | 00,006,304 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\EiffelTower.jpg
[2009/09/04 02:10:33 | 00,038,108 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ShabbyChicLight.jpg
[2009/09/04 02:06:27 | 00,065,094 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea2.jpg
[2009/09/04 02:06:09 | 00,015,539 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea.jpg
[2009/09/04 02:01:11 | 00,014,870 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\homecollage.jpg
[2009/09/03 23:40:18 | 00,020,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_furniture2.jpg
[2009/09/03 22:50:19 | 00,021,426 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bird-and-cage-silhouette.jpg
[2009/09/03 21:15:16 | 00,013,520 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Red Medalian.jpg
[2009/09/03 04:50:42 | 00,068,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/03 02:44:30 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/09/03 02:37:45 | 10,053,112 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Desktop\picasa3-setup.exe
[2009/09/03 00:56:22 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2).xls
[2009/09/02 15:41:56 | 00,054,387 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Collage IDEA.jpg
[2009/09/02 13:53:46 | 00,037,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\jewelryCuzDsntLast4evr.jpg
[2009/09/02 13:51:39 | 00,031,959 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dude_WTF.jpg
[2009/09/02 13:39:12 | 00,041,565 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Wondrful&hotGUYevr.jpg
[2009/09/02 13:31:21 | 00,043,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AmI2Sexy.jpg
[2009/09/02 13:28:01 | 00,062,181 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ItaPartyTimel.gif
[2009/09/02 03:36:56 | 00,000,873 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Wire Chair.jpg.lnk
[2009/09/02 03:36:55 | 00,000,958 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Wire & SaltClay Flower Idea.jpg.lnk
[2009/09/02 03:36:51 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Ribbon Shoe1.gif.lnk
[2009/09/02 01:04:21 | 00,023,083 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_images PAGE.jpg
[2009/09/02 01:02:30 | 00,034,044 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA2.jpg
[2009/09/02 00:57:16 | 00,028,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\silhouette Furniture3.jpg
[2009/09/02 00:56:28 | 00,112,017 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA.jpg
[2009/09/02 00:51:59 | 00,109,854 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouettes_furniture.jpg
[2009/09/02 00:50:52 | 00,111,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\flame-of-fire-elements.jpg
[2009/09/02 00:50:09 | 00,068,383 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\-love-bird-cage.jpg
[2009/09/02 00:49:42 | 00,000,903 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to WireCameo Charms.jpg.lnk
[2009/09/02 00:48:46 | 00,047,963 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bird-in-cage2.jpg
[2009/09/02 00:10:01 | 00,008,692 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Necklace_blk.jpg
[2009/09/02 00:09:11 | 00,027,798 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bird silhoette.jpg
[2009/09/01 16:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/09/01 15:44:02 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/01 05:26:10 | 00,005,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FashionFlair.jpg
[2009/08/31 23:24:10 | 00,214,515 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\DadA&TZ.JPG
[2009/08/31 20:36:34 | 00,574,338 | ---- | M] () -- C:\Diva's Pictures.nri
[2009/08/31 20:33:18 | 00,006,928 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/08/31 20:16:43 | 16,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\IE8-WindowsXP-x86-ENU.exe
[2009/08/31 16:05:14 | 00,006,504 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BigHelloFrmTx.jpg
[2009/08/31 16:01:23 | 00,007,216 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Texans60Freezng.jpg
[2009/08/31 15:59:17 | 00,008,390 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HowdyBootFlair.jpg
[2009/08/31 15:59:15 | 00,007,025 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HowdyFlair.jpg
[2009/08/31 15:30:49 | 00,007,129 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UrSoGucci.jpg
[2009/08/31 13:32:46 | 00,007,103 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HelloFrnd.jpg
[2009/08/31 12:53:49 | 00,007,036 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\I BichTher4iAm.jpg
[2009/08/30 15:44:20 | 00,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/30 15:34:44 | 00,848,656 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Owner\My Documents\avg_avwt_stb_all_8_32.exe
[2009/08/30 15:33:18 | 06,881,824 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/08/30 15:02:15 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/08/30 03:02:43 | 00,001,559 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/08/30 02:09:42 | 00,003,991 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\hijackthis_8.30.09log
[2009/08/29 23:46:20 | 00,776,192 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\J&ME PIX.wps
[2009/08/29 23:15:56 | 00,912,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_revisedLast.bmp
[2009/08/29 22:35:50 | 00,036,273 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced2.jpg
[2009/08/29 21:32:18 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_4.bmp
[2009/08/29 21:31:49 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_3.bmp
[2009/08/29 21:31:23 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_2.bmp
[2009/08/29 21:30:50 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09.bmp
[2009/08/29 21:12:29 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me6.bmp
[2009/08/29 21:00:19 | 00,106,959 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me5.jpg
[2009/08/29 20:59:53 | 00,148,854 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me4.jpg
[2009/08/29 20:59:36 | 00,118,727 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me3.jpg
[2009/08/29 20:59:08 | 00,118,386 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me2.jpg
[2009/08/29 20:58:23 | 00,113,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1.jpg
[2009/08/29 03:19:55 | 00,000,794 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer (2).lnk
[2009/08/29 02:30:16 | 00,307,769 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\G&M_fb.jpg
[2009/08/29 01:48:39 | 00,030,140 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\G&M_.jpg
[2009/08/29 01:36:52 | 00,065,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&A_.jpg
[2009/08/29 01:23:26 | 00,082,681 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MOM&J.jpg
[2009/08/27 22:04:48 | 00,008,923 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09_.jpg
[2009/08/27 22:02:37 | 00,007,630 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09_.jpg
[2009/08/27 21:52:05 | 00,366,214 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AlexPool.bmp
[2009/08/27 21:50:34 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly.bmp
[2009/08/27 21:48:03 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09.bmp
[2009/08/27 21:46:51 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09.bmp
[2009/08/27 05:31:16 | 00,006,889 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Peace_Flair.jpg
[2009/08/27 02:43:00 | 00,035,085 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Me&Teresa2.jpg
[2009/08/27 00:18:16 | 00,019,231 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RayF'nSunshne.jpg
[2009/08/27 00:17:59 | 00,014,693 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UrA_weenr.jpg
[[2009/08/26 21:32:54 | 00,011,810 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GucciPattern2_this one.jpg
[2009/08/26 18:37:19 | 00,020,332 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BOBS_CABIN_SIGN ALLfinal_.jpg
[2009/08/26 15:47:28 | 00,015,334 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bobs CabinS.jpg
[2009/08/26 15:28:36 | 00,059,691 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bobs Cabin2.jpg
[2009/08/26 15:27:41 | 00,073,446 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bobs Cabin.png
[2009/08/23 05:01:30 | 00,377,934 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L_....bmp
[2009/08/23 04:53:17 | 00,024,174 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1_.jpg
[2009/08/23 03:44:53 | 00,960,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\R.J&me3.bmp
[2009/08/23 03:44:18 | 00,960,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\R.J&me2.bmp
[2009/08/23 03:32:52 | 00,960,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1.bmp
[2009/08/23 00:45:37 | 00,026,794 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\C.Diva3.jpg
[2009/08/22 23:48:00 | 00,028,984 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\C.Diva2.jpg
[2009/08/22 23:26:31 | 00,019,555 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\C.Diva1.jpg

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

#12 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:12 AM

Posted 21 September 2009 - 06:13 AM

Hi C.Diva,

Did you follow the steps to enable the startup entries in msconfig?

Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.

unite.jpg


#13 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 21 September 2009 - 01:24 PM

Hi Syler,

Yes, I did enable all the startup entries in msconfig and rebooted but every time Winpatrol came up to alert me I would not allow them to start so.... sorry I totally missed it on that one. Let me try this again and I'll disable Winpatrol first, ok? :(

Thanks again for all your help.

#14 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:12 AM

Posted 21 September 2009 - 01:32 PM

Ah ok I see, yes please do it with Winpatrol disabled :( then run Security Check and post back with the log.

Thanks

unite.jpg


#15 C.Diva

C.Diva
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:12 PM

Posted 21 September 2009 - 02:09 PM

Syler,

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85d1f590-48f4-11d9-9669-0800200c9a66}\ not found.
Starting removal of ActiveX control {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error.\ not found.
Starting removal of ActiveX control {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier\ not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fc40um\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop-Up Stopper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center UI.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp center.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Windows.hta\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Pop-Up Stopper.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 40960 bytes
File delete failed. C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 6343229 bytes
->Java cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 40960 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 6.13 mb


OTL by OldTimer - Version 3.0.14.0 log created on 09212009_140040

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
_____________
_____________


OTL logfile created on: 9/21/2009 2:09:32 PM - Run 5
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

125.98 Mb Total Physical Memory | 24.32 Mb Available Physical Memory | 19.30% Memory free
303.64 Mb Paging File | 159.39 Mb Available in Paging File | 52.50% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.42 Gb Total Space | 20.37 Gb Free Space | 62.83% Space Free | Partition Type: NTFS
Drive D: | 4.87 Gb Total Space | 1.07 Gb Free Space | 21.99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-M5D4U9R2UV
Current User Name: DIVA
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/04/17 12:42:14 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
PRC - [2006/04/17 12:41:24 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/04/13 19:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
PRC - [1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\windows\system\hpsysdrv.exe
PRC - [2001/07/06 22:56:56 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2002/03/16 00:51:02 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\S3apphk.exe
PRC - [2006/07/13 00:22:50 | 00,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006/07/13 00:33:14 | 00,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/09/18 21:42:58 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/08/07 12:43:04 | 00,045,816 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [Disabled | Stopped])
SRV - [2008/11/20 14:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006/04/17 12:42:14 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2002/03/09 18:53:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [On_Demand | Stopped])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/07 18:21:00 | 00,026,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe -- (spupdsvc [On_Demand | Stopped])
SRV - [2004/09/22 18:46:10 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2001/08/17 14:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2001/08/08 15:13:36 | 00,158,140 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys -- (i81x [On_Demand | Running])
DRV - [2001/08/08 15:13:30 | 00,012,479 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys -- (iAimFP0 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:30 | 00,012,031 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys -- (iAimFP1 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:30 | 00,011,679 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys -- (iAimFP2 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:28 | 00,011,999 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys -- (iAimFP3 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:28 | 00,019,359 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys -- (iAimFP4 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,029,215 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys -- (iAimTV0 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,019,199 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys -- (iAimTV1 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:26 | 00,033,503 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys -- (iAimTV3 [On_Demand | Stopped])
DRV - [2001/08/08 15:13:24 | 00,023,519 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys -- (iAimTV4 [On_Demand | Stopped])
DRV - [2002/03/27 17:16:08 | 00,077,181 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2003/03/31 15:29:00 | 00,625,537 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2001/08/17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2002/03/09 18:53:00 | 00,909,501 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2001/08/17 14:50:26 | 00,731,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4.sys -- (nv4 [On_Demand | Stopped])
DRV - [2001/12/07 23:26:00 | 00,013,502 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running])
DRV - [2000/03/23 06:42:24 | 00,044,192 | ---- | M] (PC-Doctor Inc.) -- C:\WINDOWS\System32\drivers\PcdrNt.sys -- (PcdrNt [On_Demand | Stopped])
DRV - [2002/03/26 20:20:22 | 00,013,780 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2001/06/04 15:00:00 | 00,014,112 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Running])
DRV - [2001/08/18 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/04 00:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2009/08/05 16:06:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/08/05 16:06:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/08/05 16:06:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2008/04/13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/03/19 04:18:26 | 00,187,520 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\sisgrp.sys -- (SiS315 [On_Demand | Stopped])
DRV - [2001/12/27 05:52:58 | 00,027,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\SISAGP.sys -- (SISAGP [Boot | Running])
DRV - [2001/11/29 13:54:08 | 00,411,368 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2006/08/06 23:16:00 | 00,076,560 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Disabled | Stopped])
DRV - [2002/03/21 00:35:56 | 00,144,860 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\trid3dm.sys -- (trid3d [On_Demand | Stopped])
DRV - [2002/03/27 17:17:10 | 00,087,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Stopped])
DRV - [2002/03/27 17:17:20 | 00,069,472 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1



O1 HOSTS File: (618526 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16469 more lines...
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\ShellBrowser: (&hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O3 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..\Toolbar\WebBrowser: (&hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\System32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [S3apphk] C:\WINDOWS\System32\S3apphk.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 215 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 81 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 81 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: facebook.com ([login] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mycoupons.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mycoupons.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mypoints.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: mypoints.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O15 - HKU\S-1-5-21-2355909145-1709136994-1300003180-1003\..Trusted Domains: 83 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1239078844765 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2002/08/18 02:44:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/08/01 23:06:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.CAM -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/21 05:44:26 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/09/21 05:21:49 | 00,159,030 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________hair_last.jpg
[2009/09/21 04:07:29 | 00,155,673 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1_hair.JPG
[2009/09/21 03:32:37 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1.jpg
[2009/09/21 03:29:24 | 00,158,199 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________.jpg
[2009/09/21 02:06:27 | 00,104,321 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&Me_enhanced1.jpg
[2009/09/20 16:43:29 | 26,739,584 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\AdbeRdr910_en_US.exe
[2009/09/18 22:34:01 | 00,044,582 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Z_2.jpg
[2009/09/18 22:29:14 | 00,054,085 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Z_.jpg
[2009/09/18 21:42:56 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/09/18 21:29:54 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/09/18 21:29:53 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/09/18 01:54:19 | 00,000,000 | ---D | C] -- C:\rsit
[2009/09/18 01:52:32 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2009/09/17 23:19:53 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/17 23:19:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/17 23:19:42 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/17 23:19:40 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/17 23:17:48 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/09/17 14:28:46 | 00,009,233 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UdidIt_Congrats.jpg
[2009/09/16 23:16:51 | 00,096,806 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FFA2B686-0F5F-48D2-8F2B-0B3A50D36D11.jpg
[2009/09/16 23:08:17 | 00,070,709 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Party8_.jpg
[2009/09/16 05:22:06 | 00,028,730 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\53000,1171143160,2_.gif
[2009/09/16 04:30:04 | 00,001,264 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\1228417399516089769j4p4n_cool_frame_-_1859_svg_med.gif
[2009/09/16 00:44:40 | 00,001,277 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2009/09/16 00:26:14 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2009/09/14 04:06:57 | 00,026,032 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BobTZ&me.jpg
[2009/09/14 03:46:03 | 00,032,758 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1a.bmp
[2009/09/14 03:45:30 | 00,032,278 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1.bmp
[2009/09/14 03:43:26 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BobME &TZ.bmp
[2009/09/10 17:25:50 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages (2).lnk
[2009/09/10 17:13:25 | 00,061,283 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me4_editied.jpg
[2009/09/10 06:22:56 | 00,018,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.gif
[2009/09/09 18:43:28 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2)_.xls
[2009/09/09 02:22:20 | 00,000,907 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages.jpg.lnk
[2009/09/08 23:47:08 | 08,036,352 | ---- | C] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\irfanview_plugins_425_setup.exe
[2009/09/08 23:41:17 | 00,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IrfanView Thumbnails.lnk
[2009/09/08 23:41:16 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
[2009/09/08 23:41:14 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2009/09/08 23:23:02 | 01,359,360 | ---- | C] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\iview425_setup.exe
[2009/09/08 20:51:19 | 00,064,265 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_K&me&A.Margie.jpg
[2009/09/08 20:50:25 | 00,070,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_alex.jpg
[2009/09/08 20:49:42 | 00,045,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_ K&Me.jpg
[2009/09/08 18:18:24 | 00,008,687 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochPnkFLAIR.jpg
[2009/09/08 18:17:19 | 00,008,880 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UcraftyBiochFLAIR.jpg
[2009/09/08 18:16:28 | 00,007,116 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochFLAIR.jpg
[2009/09/08 18:15:15 | 00,005,547 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CraftHoFLAIR.jpg
[2009/09/08 18:14:24 | 00,008,419 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CraftW_attitudeFLAIR.jpg
[2009/09/08 18:13:07 | 00,007,105 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SoManyIdeasFLAIR.jpg
[2009/09/08 18:11:23 | 00,007,948 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\the tudors flair.jpg
[2009/09/08 18:00:06 | 00,006,808 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFlair_1.jpg
[2009/09/08 17:45:56 | 00,055,813 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFLAIR2.jpg
[2009/09/08 16:44:27 | 00,020,217 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AllIwntIs Jucy.jpg
[2009/09/08 16:41:13 | 00,041,855 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd6.jpg
[2009/09/08 16:40:48 | 00,031,531 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd5.jpg
[2009/09/08 16:40:29 | 00,030,901 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiRoseBkgrnd.jpg
[2009/09/08 16:38:59 | 00,041,093 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd4.jpg
[2009/09/08 16:37:36 | 00,044,228 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\wildColorBkgrnd.jpg
[2009/09/08 16:37:17 | 00,031,503 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butrflyBkgrnd.jpg
[2009/09/08 16:35:38 | 00,023,328 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pastelMultiBkgrnd.jpg
[2009/09/08 16:34:46 | 00,039,300 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiFlwrBkgrnd.jpg
[2009/09/08 16:34:16 | 00,024,197 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\plum&multiBkgrnd.jpg
[2009/09/08 16:32:04 | 00,031,503 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butrfly&flwrBkgrnd.jpg
[2009/09/08 16:31:27 | 00,035,525 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grey&multiBkrnd.jpg
[2009/09/08 16:29:33 | 00,041,999 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd.jpg
[2009/09/08 16:25:27 | 00,032,448 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pnk&blkChandelierBKGRND.jpg
[2009/09/08 16:24:24 | 00,026,725 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorBkgrnd3.jpg
[2009/09/08 16:23:31 | 00,030,444 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pnk&BlkBkgrnd.jpg
[2009/09/08 16:23:04 | 00,043,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorClocBkgrnd.jpg
[2009/09/08 16:19:41 | 00,017,885 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ToilleBirds.jpg
[2009/09/08 16:19:24 | 00,015,956 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqBird.jpg
[2009/09/08 16:17:07 | 00,018,242 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pastlBkgrnd.jpg
[2009/09/08 16:16:09 | 00,034,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColrBkgrnd2.jpg
[2009/09/08 16:15:14 | 00,037,966 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multicolorFlowrBkgrnd.jpg
[2009/09/08 16:11:31 | 00,019,614 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\beigeButrflyBkgrnd.jpg
[2009/09/08 16:09:51 | 00,019,566 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluePatinaBkgrnd.jpg
[2009/09/08 16:07:03 | 00,034,895 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd.jpg
[2009/09/08 16:00:55 | 00,015,232 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butterflyWallpaper.jpg
[2009/09/08 16:00:18 | 00,072,644 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\multiColorFlwr2Bkgrnd.jpg
[2009/09/08 15:58:25 | 00,030,305 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\vint.FlrwBlueBkgrnd.jpg
[2009/09/08 15:56:19 | 00,004,154 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\butterfly.jpg
[2009/09/08 15:53:33 | 00,003,650 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\birdcage.jpg
[2009/09/08 15:52:03 | 00,027,051 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\vintageFlowrCorner.jpg
[2009/09/08 15:50:51 | 00,015,146 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\blkWhimiscBkgrnd.jpg
[2009/09/08 15:49:06 | 00,041,093 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\antiqueFloralBkgrnd_.jpg
[2009/09/08 15:46:29 | 00,039,498 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crackleDirtBkgrnd.jpg
[2009/09/08 15:46:10 | 00,031,445 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MultiColorFloralBkgrnd.jpg
[2009/09/08 15:44:44 | 00,037,613 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pinkFloralbkgrnd.jpg
[2009/09/08 15:44:19 | 00,046,003 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\pinkOrnge&whteBkgrnd.jpg
[2009/09/08 15:34:29 | 00,015,716 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\craftyMenRhot.jpg
[2009/09/07 20:23:24 | 00,072,192 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Acupressure Info_.wps
[2009/09/07 16:51:28 | 00,071,246 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier7_.jpg
[2009/09/07 03:49:03 | 00,064,765 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Paris SkyLine.jpg
[2009/09/07 03:46:44 | 00,012,904 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue2.jpg
[2009/09/07 03:46:17 | 00,000,360 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue.jpg
[2009/09/07 03:41:25 | 00,077,903 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_-Off-White.gif
[2009/09/07 03:37:44 | 00,000,043 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Paris CityLine.gif
[2009/09/07 02:28:44 | 00,636,699 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Printable Victorian Blk&Whte Objects.jpg
[2009/09/07 02:26:15 | 00,027,572 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\paisley clipart.gif
[2009/09/07 02:23:58 | 00,009,517 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\flower clipart.jpg
[2009/09/07 01:11:51 | 00,119,471 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier_Page2.jpg
[2009/09/07 01:11:51 | 00,054,298 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm6.jpg
[2009/09/07 01:11:51 | 00,048,122 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm4.jpg
[2009/09/07 01:08:58 | 00,086,828 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier40.jpg
[2009/09/07 01:08:58 | 00,044,352 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier38.jpg
[2009/09/07 01:08:58 | 00,042,729 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier37.jpg
[2009/09/07 01:08:58 | 00,031,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier39.jpg
[2009/09/06 23:25:21 | 00,001,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1_square.jpg
[2009/09/06 23:21:12 | 00,001,233 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl5.jpg
[2009/09/06 23:08:51 | 00,001,180 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst4.jpg
[2009/09/06 23:08:06 | 00,003,301 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst2.jpg
[2009/09/06 23:07:01 | 00,002,790 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1.jpg
[2009/09/06 22:51:57 | 00,006,190 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl4.jpg
[2009/09/06 22:51:51 | 00,008,252 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl3.jpg
[2009/09/06 22:51:39 | 00,008,310 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl2.jpg
[2009/09/06 22:46:47 | 00,003,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Chandelier_swirl.jpg
[2009/09/06 20:38:42 | 00,095,447 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern3.png
[2009/09/06 20:38:13 | 00,077,359 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern2.png
[2009/09/06 20:37:43 | 00,077,359 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern1.png
[2009/09/05 20:17:02 | 00,195,814 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PETSmart Grooming $10 OFF.jpg
[2009/09/04 23:08:12 | 00,034,615 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shapes4.png
[2009/09/04 23:07:45 | 00,034,775 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shapes3.png
[2009/09/04 23:07:11 | 00,072,545 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape2_.png
[2009/09/04 23:06:46 | 00,018,749 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape2.png
[2009/09/04 23:04:33 | 00,016,220 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\shape1.png
[2009/09/04 05:03:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LightShow COLLAGE1.jpg
[2009/09/04 03:12:23 | 00,061,779 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FLAIR____.jpg
[2009/09/04 03:07:54 | 00,019,443 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd15.jpg
[2009/09/04 02:55:59 | 00,009,726 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd10.jpg
[2009/09/04 02:46:32 | 00,267,918 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea3.jpg
[2009/09/04 02:43:08 | 00,048,766 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd8.jpg
[2009/09/04 02:40:06 | 00,037,620 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm9.jpg
[2009/09/04 02:39:44 | 00,044,953 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm8.jpg
[2009/09/04 02:39:26 | 00,045,927 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\charm7.jpg
[2009/09/04 02:39:14 | 00,054,298 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Charm6.jpg
[2009/09/04 02:38:56 | 00,048,122 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Charm4.jpg
[2009/09/04 02:38:40 | 00,056,195 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\KeyCharm.jpg
[2009/09/04 02:37:48 | 00,081,631 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\L_crown.jpg
[2009/09/04 02:37:14 | 00,044,164 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crown2.jpg
[2009/09/04 02:37:04 | 00,052,762 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ShadowBox Charm.jpg
[2009/09/04 02:36:25 | 00,044,780 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\crownCharm.jpg
[2009/09/04 02:36:07 | 00,088,862 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\JewelryCharms.jpg
[2009/09/04 02:35:41 | 00,088,572 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier41.jpg
[2009/09/04 02:35:19 | 00,086,828 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier40.jpg
[2009/09/04 02:35:04 | 00,031,961 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier39.jpg
[2009/09/04 02:34:36 | 00,044,352 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier38.jpg
[2009/09/04 02:34:12 | 00,042,729 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier37.jpg
[2009/09/04 02:33:26 | 00,041,409 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd6.jpg
[2009/09/04 02:31:23 | 00,189,005 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd5.jpg
[2009/09/04 02:31:14 | 00,328,660 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd4.jpg
[2009/09/04 02:30:55 | 00,123,866 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd3.jpg
[2009/09/04 02:30:29 | 00,119,471 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page2.jpg
[2009/09/04 02:30:09 | 00,139,170 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd.jpg
[2009/09/04 02:29:41 | 00,209,502 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\swirlGirlBkground.jpg
[2009/09/04 02:29:21 | 00,082,696 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\swanBkground.jpg
[2009/09/04 02:27:26 | 00,077,791 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page.jpg
[2009/09/04 02:19:22 | 00,014,517 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\eiffelTower2.jpg
[2009/09/04 02:14:23 | 00,006,304 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\EiffelTower.jpg
[2009/09/04 02:10:51 | 00,038,108 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ShabbyChicLight.jpg
[2009/09/04 02:06:41 | 00,065,094 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea2.jpg
[2009/09/04 02:06:18 | 00,015,539 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RmIdea.jpg
[2009/09/04 02:02:44 | 00,014,870 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\homecollage.jpg
[2009/09/03 21:15:16 | 00,013,520 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Red Medalian.jpg
[2009/09/03 04:50:41 | 00,068,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/03 02:44:36 | 00,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2009/09/03 02:44:36 | 00,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2009/09/03 02:44:35 | 00,543,216 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2009/09/03 02:44:35 | 00,088,560 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2009/09/03 02:44:35 | 00,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2009/09/03 02:44:34 | 00,379,376 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2009/09/03 02:44:34 | 00,186,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2009/09/03 02:44:33 | 00,588,272 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2009/09/03 02:44:30 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/09/03 02:42:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2009/09/03 02:41:48 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/09/03 02:37:42 | 10,053,112 | ---- | C] (Google Inc.) -- C:\Documents and Settings\Owner\Desktop\picasa3-setup.exe
[2009/09/03 01:27:06 | 00,000,000 | ---D | C] -- C:\Program Files\Excel Viewer
[2009/09/03 00:49:30 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2).xls
[2009/09/02 22:23:05 | 00,513,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of mini_schnauzer cut idea2.bmp
[2009/09/02 22:23:05 | 00,230,839 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of ZonedOut.zip
[2009/09/02 22:23:05 | 00,125,850 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of FlightofTheConcords.mp3
[2009/09/02 22:23:04 | 00,113,413 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Jewelry_gilded Lucite Flower ring.jpg
[2009/09/02 22:23:04 | 00,107,761 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of COUPON_qdoba_1.jpg
[2009/09/02 22:23:04 | 00,097,009 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TSH_test.jpg
[2009/09/02 22:23:04 | 00,088,798 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of MorningPerson.png
[2009/09/02 22:23:04 | 00,058,353 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of COUPON_Petco_5off25.pdf
[2009/09/02 22:23:04 | 00,055,156 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Tx_$$_ClaimForm.pdf
[2009/09/02 22:23:03 | 02,289,334 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TGIF_Coupon2.bmp
[2009/09/02 22:23:03 | 00,834,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of TGIF_Coupon1.bmp
[2009/09/02 22:23:03 | 00,149,284 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of hosts.zip
[2009/09/02 22:23:02 | 00,000,747 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of Shortcut to homedepot-COUPON.jpg.lnk
[2009/09/02 22:21:37 | 00,000,000 | ---D | C] -- C:\Desktop Files2
[2009/09/02 15:42:18 | 00,054,387 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Collage IDEA.jpg
[2009/09/02 00:56:49 | 00,112,017 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA.jpg
[2009/09/02 00:55:33 | 00,020,896 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_furniture2.jpg
[2009/09/02 00:52:26 | 00,109,854 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Silhouettes_furniture.jpg
[2009/09/02 00:51:05 | 00,111,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\flame-of-fire-elements.jpg
[2009/09/02 00:50:21 | 00,068,383 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\-love-bird-cage.jpg
[2009/09/02 00:49:04 | 00,047,963 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bird-in-cage2.jpg
[2009/09/02 00:47:17 | 00,021,426 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bird-and-cage-silhouette.jpg
[2009/09/02 00:10:24 | 00,008,692 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Necklace_blk.jpg
[2009/09/02 00:09:38 | 00,027,798 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bird silhoette.jpg
[2009/09/01 05:26:55 | 00,005,907 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FashionFlair.jpg
[2009/08/31 23:24:10 | 00,214,515 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\DadA&TZ.JPG
[2009/08/31 20:36:34 | 00,574,338 | ---- | C] () -- C:\Diva's Pictures.nri
[2009/08/31 20:26:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/08/31 20:16:36 | 16,883,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\IE8-WindowsXP-x86-ENU.exe
[2009/08/31 15:46:51 | 00,007,129 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UrSoGucci.jpg
[2009/08/30 17:28:51 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/08/30 17:00:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/08/30 16:51:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG8
[2009/08/30 15:45:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/08/30 15:44:20 | 00,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/30 15:42:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/08/30 15:34:35 | 00,848,656 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Owner\My Documents\avg_avwt_stb_all_8_32.exe
[2009/08/30 15:33:18 | 06,881,824 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/08/30 15:02:14 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/08/30 05:33:26 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/08/30 05:33:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/08/30 03:02:41 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/30 02:09:42 | 00,003,991 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\hijackthis_8.30.09log
[2009/08/29 23:50:08 | 00,912,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&ME_paint.bmp
[2009/08/29 23:46:11 | 00,776,192 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\J&ME PIX.wps
[2009/08/29 23:10:49 | 00,912,438 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_revisedLast.bmp
[2009/08/29 22:33:50 | 00,036,273 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced2.jpg
[2009/08/29 22:07:25 | 00,035,540 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced.jpg
[2009/08/29 21:32:18 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_4.bmp
[2009/08/29 21:31:49 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_3.bmp
[2009/08/29 21:31:23 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_2.bmp
[2009/08/29 21:30:49 | 00,345,666 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09.bmp
[2009/08/29 21:12:28 | 00,344,946 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me6.bmp
[2009/08/29 21:00:18 | 00,106,959 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me5.jpg
[2009/08/29 20:59:53 | 00,148,854 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me4.jpg
[2009/08/29 20:59:36 | 00,118,727 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me3.jpg
[2009/08/29 20:59:08 | 00,118,386 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me2.jpg
[2009/08/29 20:58:19 | 00,113,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J&me1.jpg
[2009/08/29 03:19:55 | 00,000,794 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer (2).lnk
[2009/08/29 02:26:59 | 00,307,769 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\G&M_fb.jpg
[2009/08/29 01:48:39 | 00,030,140 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\G&M_.jpg
[2009/08/29 01:36:52 | 00,065,767 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&A_.jpg
[2009/08/29 01:15:52 | 00,082,681 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MOM&J.jpg
[2009/08/27 23:29:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/08/27 23:26:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/08/27 23:22:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/08/27 23:21:44 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/08/27 23:19:05 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/08/27 23:06:56 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/08/27 23:06:56 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/08/27 23:06:54 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/08/27 23:06:48 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/08/27 23:06:48 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/08/27 23:06:39 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/08/27 23:06:26 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/08/27 23:06:25 | 01,241,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/08/27 23:06:09 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/08/27 22:04:48 | 00,008,923 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09_.jpg
[2009/08/27 22:02:37 | 00,007,630 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09_.jpg
[2009/08/27 21:52:05 | 00,366,214 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AlexPool.bmp
[2009/08/27 21:50:31 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lilly.bmp
[2009/08/27 21:48:02 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09.bmp
[2009/08/27 21:46:45 | 00,163,906 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09.bmp
[2009/08/27 05:32:16 | 00,006,889 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Peace_Flair.jpg
[2009/08/27 02:43:30 | 00,035,085 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Me&Teresa2.jpg
[2009/08/27 00:27:16 | 00,019,231 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RayF'nSunshne.jpg
[2009/08/27 00:26:01 | 00,014,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\UrA_weenr.jpg
[2009/08/26 00:12:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/08/25 22:37:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/08/23 05:04:58 | 00,024,190 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1_123.jpg
[2009/08/23 05:01:30 | 00,377,934 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J.R&L_....bmp
[2009/08/23 03:48:30 | 00,024,174 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1_.jpg
[2009/08/23 03:44:52 | 00,960,066 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\R.J&me3.bmp
[2009/08/23 03:44:04 | 00,960,066 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\R.J&me2.bmp
[2009/08/23 03:32:51 | 00,960,066 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1.bmp
[2009/08/23 00:46:10 | 00,026,794 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva3.jpg
[2009/08/22 23:48:31 | 00,028,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva2.jpg
[2009/08/22 23:31:00 | 00,019,555 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\C.Diva1.jpg
[2008/12/28 23:52:20 | 00,000,183 | ---- | C] () -- C:\WINDOWS\AWSHKWV.INI
[2007/10/28 17:30:32 | 00,000,453 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007/10/28 17:30:25 | 00,000,100 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/11/28 01:59:27 | 00,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/11/28 01:59:26 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/01/30 07:42:22 | 00,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005/03/07 02:28:16 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/02/07 06:09:42 | 00,000,006 | ---- | C] () -- C:\WINDOWS\dcstds3.dll
[2004/02/03 05:27:12 | 00,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2003/08/19 04:36:39 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/06/24 03:40:45 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2003/06/11 19:05:06 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\tds3shl.dll
[2003/01/25 23:58:22 | 00,000,118 | ---- | C] () -- C:\WINDOWS\ALBUM.INI
[2002/11/13 02:40:22 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002/10/03 21:19:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2002/09/28 22:27:34 | 00,000,141 | ---- | C] () -- C:\WINDOWS\POSTER.INI
[2002/09/11 21:09:25 | 00,045,056 | ---- | C] () -- C:\WINDOWS\PANIC32.dll
[2002/09/11 21:09:25 | 00,040,960 | ---- | C] () -- C:\WINDOWS\PANICNT.dll
[2002/09/03 03:37:38 | 00,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI
[2002/09/02 21:40:08 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\tlcsel32.dll
[2002/09/02 21:40:08 | 00,016,540 | ---- | C] () -- C:\WINDOWS\System32\tlcsel17.dll
[2002/08/28 02:37:48 | 00,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2002/07/28 19:05:23 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2002/04/25 22:23:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/04/20 19:24:15 | 00,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL
[2002/04/20 19:24:15 | 00,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll
[2002/04/20 19:16:42 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL
[2002/04/20 19:16:42 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2002/04/20 01:28:06 | 00,000,155 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2002/04/20 01:19:46 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2002/04/20 00:26:01 | 00,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll
[2002/04/20 00:26:01 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes15.dll
[2002/04/20 00:25:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/04/19 23:20:31 | 00,000,901 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/04/19 23:12:23 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/04/19 23:04:05 | 00,000,666 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/04/19 23:03:51 | 00,000,918 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/04/19 23:03:49 | 00,000,259 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/03/27 16:37:52 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2002/03/12 05:25:02 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2001/10/28 17:42:30 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\prnmnt.dll
[2001/08/08 15:13:22 | 00,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll
[1999/07/23 14:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/08/16 06:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

========== Files - Modified Within 30 Days ==========

[2009/09/21 14:04:25 | 00,000,189 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2009/09/21 14:02:46 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/21 13:41:55 | 00,000,199 | RHS- | M] () -- C:\BOOT.INI
[2009/09/21 13:41:54 | 00,000,918 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/21 13:41:54 | 00,000,259 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/21 05:30:46 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1.jpg
[2009/09/21 05:22:17 | 00,159,030 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________hair_last.jpg
[2009/09/21 04:07:30 | 00,155,673 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1______________1_hair.JPG
[2009/09/21 03:51:15 | 00,158,199 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1_______________.jpg
[2009/09/21 03:15:27 | 00,035,540 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced.jpg
[2009/09/21 02:57:59 | 00,912,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&ME_paint.bmp
[2009/09/21 02:04:39 | 00,104,321 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&Me_enhanced1.jpg
[2009/09/21 01:34:12 | 00,000,882 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to ShrinkyDinkRing2.jpg.lnk
[2009/09/20 16:43:53 | 26,739,584 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\AdbeRdr910_en_US.exe
[2009/09/18 23:24:08 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/09/18 22:37:39 | 00,044,582 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Z_2.jpg
[2009/09/18 22:31:33 | 00,054,085 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Z_.jpg
[2009/09/18 21:42:58 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/09/18 21:29:54 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/09/18 01:52:36 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2009/09/17 23:19:53 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/17 23:18:01 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/09/17 14:27:58 | 00,009,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UdidIt_Congrats.jpg
[2009/09/17 14:18:49 | 00,010,180 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congrats_Udid It.jpg
[2009/09/17 14:09:59 | 00,013,500 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congrats_loseGainLose wt.jpg
[2009/09/17 13:52:34 | 00,029,440 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.jpg
[2009/09/17 13:50:06 | 00,019,971 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\congratulations_myspace_graphics_02.gif
[2009/09/17 13:35:33 | 00,174,313 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dancing cat.gif
[2009/09/17 05:56:33 | 00,001,079 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to 1942._3D.jpg.lnk
[2009/09/16 23:39:52 | 00,011,074 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Congratulations new hire.docx
[2009/09/16 23:17:20 | 00,096,806 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FFA2B686-0F5F-48D2-8F2B-0B3A50D36D11.jpg
[2009/09/16 23:08:17 | 00,070,709 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Party8_.jpg
[2009/09/16 05:22:06 | 00,028,730 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\53000,1171143160,2_.gif
[2009/09/16 04:30:04 | 00,001,264 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\1228417399516089769j4p4n_cool_frame_-_1859_svg_med.gif
[2009/09/16 00:44:40 | 00,001,277 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2009/09/16 00:26:16 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2009/09/14 04:06:04 | 00,026,032 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BobTZ&me.jpg
[2009/09/14 03:46:04 | 00,032,758 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1a.bmp
[2009/09/14 03:45:31 | 00,032,278 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_1.bmp
[2009/09/14 03:43:27 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BobME &TZ.bmp
[2009/09/11 22:10:00 | 00,000,453 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/09/10 17:25:50 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages (2).lnk
[2009/09/10 17:12:27 | 00,061,283 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me4_editied.jpg
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/10 06:22:56 | 00,018,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\BirdcageSilhouhette_2.gif
[2009/09/10 00:24:01 | 00,000,280 | ---- | M] () -- C:\WINDOWS\emm386g.dl
[2009/09/09 18:43:39 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2)_.xls
[2009/09/09 02:22:20 | 00,000,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Collages.jpg.lnk
[2009/09/08 23:47:16 | 08,036,352 | ---- | M] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\irfanview_plugins_425_setup.exe
[2009/09/08 23:41:17 | 00,001,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IrfanView Thumbnails.lnk
[2009/09/08 23:41:17 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
[2009/09/08 23:23:06 | 01,359,360 | ---- | M] (Irfan Skiljan) -- C:\Documents and Settings\Owner\Desktop\iview425_setup.exe
[2009/09/08 20:50:37 | 00,064,265 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_K&me&A.Margie.jpg
[2009/09/08 20:50:10 | 00,070,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_alex.jpg
[2009/09/08 20:49:10 | 00,045,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FACEBOOK_ K&Me.jpg
[2009/09/08 18:15:58 | 00,008,687 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochPnkFLAIR.jpg
[2009/09/08 18:15:56 | 00,008,880 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\UcraftyBiochFLAIR.jpg
[2009/09/08 18:15:54 | 00,007,116 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyBiochFLAIR.jpg
[2009/09/08 18:12:36 | 00,005,547 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CraftHoFLAIR.jpg
[2009/09/08 18:12:35 | 00,008,419 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CraftW_attitudeFLAIR.jpg
[2009/09/08 18:12:34 | 00,007,105 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SoManyIdeasFLAIR.jpg
[2009/09/08 18:10:00 | 00,007,948 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\the tudors flair.jpg
[2009/09/08 17:58:47 | 00,006,808 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFlair_1.jpg
[2009/09/08 17:53:06 | 00,055,813 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\TrueThatFLAIR2.jpg
[2009/09/08 16:44:16 | 00,020,217 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AllIwntIs Jucy.jpg
[2009/09/08 16:41:00 | 00,041,855 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd6.jpg
[2009/09/08 16:40:38 | 00,031,531 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd5.jpg
[2009/09/08 16:40:18 | 00,030,901 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiRoseBkgrnd.jpg
[2009/09/08 16:38:45 | 00,041,093 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd4.jpg
[2009/09/08 16:37:27 | 00,044,228 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\wildColorBkgrnd.jpg
[2009/09/08 16:35:25 | 00,023,328 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pastelMultiBkgrnd.jpg
[2009/09/08 16:34:23 | 00,039,300 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiFlwrBkgrnd.jpg
[2009/09/08 16:33:54 | 00,024,197 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\plum&multiBkgrnd.jpg
[2009/09/08 16:31:50 | 00,031,503 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butrflyBkgrnd.jpg
[2009/09/08 16:31:50 | 00,031,503 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butrfly&flwrBkgrnd.jpg
[2009/09/08 16:31:11 | 00,035,525 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grey&multiBkrnd.jpg
[2009/09/08 16:29:10 | 00,041,999 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBkgrnd.jpg
[2009/09/08 16:25:02 | 00,032,448 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pnk&blkChandelierBKGRND.jpg
[2009/09/08 16:24:08 | 00,026,725 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorBkgrnd3.jpg
[2009/09/08 16:23:13 | 00,030,444 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pnk&BlkBkgrnd.jpg
[2009/09/08 16:22:41 | 00,043,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorClocBkgrnd.jpg
[2009/09/08 16:19:28 | 00,017,885 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ToilleBirds.jpg
[2009/09/08 16:19:14 | 00,015,956 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqBird.jpg
[2009/09/08 16:16:27 | 00,018,242 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pastlBkgrnd.jpg
[2009/09/08 16:15:00 | 00,037,966 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multicolorFlowrBkgrnd.jpg
[2009/09/08 16:11:11 | 00,019,614 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\beigeButrflyBkgrnd.jpg
[2009/09/08 16:09:29 | 00,019,566 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluePatinaBkgrnd.jpg
[2009/09/08 16:06:50 | 00,034,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColrBkgrnd2.jpg
[2009/09/08 16:06:50 | 00,034,895 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiBkgrnd.jpg
[2009/09/08 16:00:42 | 00,015,232 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butterflyWallpaper.jpg
[2009/09/08 15:59:57 | 00,072,644 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\multiColorFlwr2Bkgrnd.jpg
[2009/09/08 15:58:00 | 00,030,305 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\vint.FlrwBlueBkgrnd.jpg
[2009/09/08 15:56:11 | 00,004,154 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\butterfly.jpg
[2009/09/08 15:53:25 | 00,003,650 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\birdcage.jpg
[2009/09/08 15:51:44 | 00,027,051 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\vintageFlowrCorner.jpg
[2009/09/08 15:50:31 | 00,015,146 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\blkWhimiscBkgrnd.jpg
[2009/09/08 15:48:37 | 00,041,093 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\antiqueFloralBkgrnd_.jpg
[2009/09/08 15:46:13 | 00,039,498 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crackleDirtBkgrnd.jpg
[2009/09/08 15:45:46 | 00,031,445 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MultiColorFloralBkgrnd.jpg
[2009/09/08 15:44:27 | 00,037,613 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pinkFloralbkgrnd.jpg
[2009/09/08 15:43:38 | 00,046,003 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\pinkOrnge&whteBkgrnd.jpg
[2009/09/08 15:33:59 | 00,015,716 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\craftyMenRhot.jpg
[2009/09/07 20:23:27 | 00,072,192 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Acupressure Info_.wps
[2009/09/07 20:18:44 | 00,079,872 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Acupressure INFO.wps
[2009/09/07 16:51:28 | 00,071,246 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier7_.jpg
[2009/09/07 03:48:43 | 00,064,765 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Paris SkyLine.jpg
[2009/09/07 03:46:32 | 00,012,904 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue2.jpg
[2009/09/07 03:42:37 | 00,000,360 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_pale blue.jpg
[2009/09/07 03:41:02 | 00,077,903 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bkgrnd_-Off-White.gif
[2009/09/07 03:34:43 | 00,000,043 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Paris CityLine.gif
[2009/09/07 02:28:11 | 00,636,699 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Printable Victorian Blk&Whte Objects.jpg
[2009/09/07 02:23:19 | 00,009,517 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\flower clipart.jpg
[2009/09/07 02:22:30 | 00,027,572 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\paisley clipart.gif
[2009/09/06 23:25:21 | 00,001,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1_square.jpg
[2009/09/06 23:21:12 | 00,001,233 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl5.jpg
[2009/09/06 23:08:51 | 00,001,180 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst4.jpg
[2009/09/06 23:08:06 | 00,003,301 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst2.jpg
[2009/09/06 23:07:01 | 00,002,790 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_starburst1.jpg
[2009/09/06 22:50:58 | 00,008,310 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl2.jpg
[2009/09/06 22:50:58 | 00,008,252 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl3.jpg
[2009/09/06 22:50:58 | 00,006,190 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_swirl4.jpg
[2009/09/06 22:46:11 | 00,003,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Chandelier_swirl.jpg
[2009/09/06 20:34:18 | 00,095,447 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern3.png
[2009/09/06 20:34:18 | 00,077,359 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern2.png
[2009/09/06 20:34:18 | 00,077,359 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\aGeoPattern1.png
[2009/09/05 20:17:07 | 00,195,814 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PETSmart Grooming $10 OFF.jpg
[2009/09/04 23:08:00 | 00,034,615 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shapes4.png
[2009/09/04 23:07:21 | 00,034,775 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shapes3.png
[2009/09/04 23:06:06 | 00,072,545 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape2_.png
[2009/09/04 23:05:59 | 00,018,749 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape2.png
[2009/09/04 23:01:46 | 00,016,220 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\shape1.png
[2009/09/04 05:03:21 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LightShow COLLAGE1.jpg
[2009/09/04 03:11:33 | 00,061,779 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FLAIR____.jpg
[2009/09/04 03:07:44 | 00,019,443 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd15.jpg
[2009/09/04 02:55:42 | 00,009,726 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd10.jpg
[2009/09/04 02:46:16 | 00,267,918 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea3.jpg
[2009/09/04 02:42:57 | 00,048,766 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd8.jpg
[2009/09/04 02:39:36 | 00,044,953 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm8.jpg
[2009/09/04 02:39:32 | 00,037,620 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm9.jpg
[2009/09/04 02:39:07 | 00,054,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm6.jpg
[2009/09/04 02:39:07 | 00,054,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Charm6.jpg
[2009/09/04 02:38:48 | 00,048,122 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of Charm4.jpg
[2009/09/04 02:38:48 | 00,048,122 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Charm4.jpg
[2009/09/04 02:38:44 | 00,045,927 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\charm7.jpg
[2009/09/04 02:37:53 | 00,056,195 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\KeyCharm.jpg
[2009/09/04 02:37:09 | 00,044,164 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crown2.jpg
[2009/09/04 02:36:50 | 00,052,762 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ShadowBox Charm.jpg
[2009/09/04 02:36:44 | 00,081,631 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\L_crown.jpg
[2009/09/04 02:36:13 | 00,044,780 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\crownCharm.jpg
[2009/09/04 02:35:56 | 00,088,862 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\JewelryCharms.jpg
[2009/09/04 02:35:34 | 00,088,572 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier41.jpg
[2009/09/04 02:35:10 | 00,086,828 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier40.jpg
[2009/09/04 02:35:10 | 00,086,828 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier40.jpg
[2009/09/04 02:34:53 | 00,031,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier39.jpg
[2009/09/04 02:34:53 | 00,031,961 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier39.jpg
[2009/09/04 02:34:30 | 00,044,352 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier38.jpg
[2009/09/04 02:34:30 | 00,044,352 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier38.jpg
[2009/09/04 02:33:59 | 00,042,729 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier37.jpg
[2009/09/04 02:33:59 | 00,042,729 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier37.jpg
[2009/09/04 02:33:17 | 00,041,409 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd6.jpg
[2009/09/04 02:29:01 | 00,209,502 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\swirlGirlBkground.jpg
[2009/09/04 02:28:58 | 00,139,170 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bakgrnd.jpg
[2009/09/04 02:28:58 | 00,119,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of chandelier_Page2.jpg
[2009/09/04 02:28:58 | 00,119,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page2.jpg
[2009/09/04 02:28:56 | 00,123,866 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd3.jpg
[2009/09/04 02:28:53 | 00,328,660 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd4.jpg
[2009/09/04 02:28:52 | 00,082,696 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\swanBkground.jpg
[2009/09/04 02:28:49 | 00,189,005 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bakgrnd5.jpg
[2009/09/04 02:27:14 | 00,077,791 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\chandelier_Page.jpg
[2009/09/04 02:15:41 | 00,014,517 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\eiffelTower2.jpg
[2009/09/04 02:13:44 | 00,006,304 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\EiffelTower.jpg
[2009/09/04 02:10:33 | 00,038,108 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ShabbyChicLight.jpg
[2009/09/04 02:06:27 | 00,065,094 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea2.jpg
[2009/09/04 02:06:09 | 00,015,539 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RmIdea.jpg
[2009/09/04 02:01:11 | 00,014,870 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\homecollage.jpg
[2009/09/03 23:40:18 | 00,020,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_furniture2.jpg
[2009/09/03 22:50:19 | 00,021,426 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bird-and-cage-silhouette.jpg
[2009/09/03 21:15:16 | 00,013,520 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Red Medalian.jpg
[2009/09/03 04:50:42 | 00,068,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/03 02:44:30 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/09/03 02:37:45 | 10,053,112 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Desktop\picasa3-setup.exe
[2009/09/03 00:56:22 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fall 2009 Scheduling Form (2).xls
[2009/09/02 15:41:56 | 00,054,387 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Collage IDEA.jpg
[2009/09/02 03:36:55 | 00,000,958 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Wire & SaltClay Flower Idea.jpg.lnk
[2009/09/02 03:36:51 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Ribbon Shoe1.gif.lnk
[2009/09/02 01:04:21 | 00,023,083 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouhette_images PAGE.jpg
[2009/09/02 01:02:30 | 00,034,044 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA2.jpg
[2009/09/02 00:57:16 | 00,028,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\silhouette Furniture3.jpg
[2009/09/02 00:56:28 | 00,112,017 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouette_Room Art IDEA.jpg
[2009/09/02 00:51:59 | 00,109,854 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Silhouettes_furniture.jpg
[2009/09/02 00:50:52 | 00,111,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\flame-of-fire-elements.jpg
[2009/09/02 00:50:09 | 00,068,383 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\-love-bird-cage.jpg
[2009/09/02 00:49:42 | 00,000,903 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to WireCameo Charms.jpg.lnk
[2009/09/02 00:48:46 | 00,047,963 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bird-in-cage2.jpg
[2009/09/02 00:10:01 | 00,008,692 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Necklace_blk.jpg
[2009/09/02 00:09:11 | 00,027,798 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bird silhoette.jpg
[2009/09/01 16:32:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/09/01 15:44:02 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/01 05:26:10 | 00,005,907 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FashionFlair.jpg
[2009/08/31 23:24:10 | 00,214,515 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\DadA&TZ.JPG
[2009/08/31 20:36:34 | 00,574,338 | ---- | M] () -- C:\Diva's Pictures.nri
[2009/08/31 20:33:18 | 00,006,928 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/08/31 20:16:43 | 16,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\IE8-WindowsXP-x86-ENU.exe
[2009/08/30 15:44:20 | 00,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/30 15:34:44 | 00,848,656 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Owner\My Documents\avg_avwt_stb_all_8_32.exe
[2009/08/30 15:33:18 | 06,881,824 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/08/30 15:02:15 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/08/30 03:02:43 | 00,001,559 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/08/30 02:09:42 | 00,003,991 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\hijackthis_8.30.09log
[2009/08/29 23:46:20 | 00,776,192 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\J&ME PIX.wps
[2009/08/29 23:15:56 | 00,912,438 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_revisedLast.bmp
[2009/08/29 22:35:50 | 00,036,273 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me_spliced2.jpg
[2009/08/29 21:32:18 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_4.bmp
[2009/08/29 21:31:49 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_3.bmp
[2009/08/29 21:31:23 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09_2.bmp
[2009/08/29 21:30:50 | 00,345,666 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly_8.09.bmp
[2009/08/29 21:12:29 | 00,344,946 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me6.bmp
[2009/08/29 21:00:19 | 00,106,959 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me5.jpg
[2009/08/29 20:59:53 | 00,148,854 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me4.jpg
[2009/08/29 20:59:36 | 00,118,727 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me3.jpg
[2009/08/29 20:59:08 | 00,118,386 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me2.jpg
[2009/08/29 20:58:23 | 00,113,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J&me1.jpg
[2009/08/29 03:19:55 | 00,000,794 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer (2).lnk
[2009/08/29 02:30:16 | 00,307,769 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\G&M_fb.jpg
[2009/08/29 01:48:39 | 00,030,140 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\G&M_.jpg
[2009/08/29 01:36:52 | 00,065,767 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&A_.jpg
[2009/08/29 01:23:26 | 00,082,681 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MOM&J.jpg
[2009/08/27 22:04:48 | 00,008,923 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09_.jpg
[2009/08/27 22:02:37 | 00,007,630 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09_.jpg
[2009/08/27 21:52:05 | 00,366,214 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AlexPool.bmp
[2009/08/27 21:50:34 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lilly.bmp
[2009/08/27 21:48:03 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MomT&meXmas09.bmp
[2009/08/27 21:46:51 | 00,163,906 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mom&meXmas09.bmp
[2009/08/27 05:31:16 | 00,006,889 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Peace_Flair.jpg
[2009/08/27 02:43:00 | 00,035,085 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Me&Teresa2.jpg
[2009/08/23 21:28:36 | 00,004,657 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\P_juicyFLAIR.jpg
[2009/08/23 05:34:44 | 00,024,190 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1_123.jpg
[2009/08/23 05:01:30 | 00,377,934 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L_....bmp
[2009/08/23 04:53:17 | 00,024,174 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1_.jpg
[2009/08/23 03:44:53 | 00,960,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\R.J&me3.bmp
[2009/08/23 03:44:18 | 00,960,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\R.J&me2.bmp
[2009/08/23 03:32:52 | 00,960,066 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\J.R&L1.bmp
[2009/08/23 00:45:37 | 00,026,794 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\C.Diva3.jpg
[2009/08/22 23:48:00 | 00,028,984 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\C.Diva2.jpg
[2009/08/22 23:26:31 | 00,019,555 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\C.Diva1.jpg

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users