SWP2009 or wuauclt.exe [Solved]

Hello, thunderstorm387, and welcome to GeeksToGo!

Please download Win32kDiag.exe to your desktop. Double-click to run it. A log should appear when it is finished. Post that log here.

If it doesn't pop up, a log should be located on your desktop as "Win32kDiag.txt".

The log opens up in notepad...it disappears after a few seconds.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

Edited by thunderstorm387, 21 August 2009 - 11:55 AM.

Go to Start > Run > and type in cmd and hit the ENTER key.

Type the following into the Command prompt. After each line completes, hit enter. After the second command, a notepad should appear with information in it. Copy and paste that information here.

DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\ntelogon.dll >Log.txt

Net Start >>Log.txt & START notepad Log.txt

Notepad closes every time. Should I keep trying?

Then I get a pop-up saying: "Application cannot be executed. The file CMD.EXE is infected. Do you want to activate your antivirus software now?"

Got it!

Volume in drive C is SQ003966
Volume Serial Number is 383A-BCAC

Directory of C:\WINDOWS\$NtUninstallKB968389$

08/04/2004 05:00 AM 407,040 netlogon.dll
1 File(s) 407,040 bytes

Directory of C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\sp2qfe

02/06/2009 11:46 AM 408,064 netlogon.dll
1 File(s) 408,064 bytes

Directory of C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e

04/13/2008 05:12 PM 181,248 scecli.dll

Directory of C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e

04/13/2008 05:12 PM 407,040 netlogon.dll
2 File(s) 588,288 bytes

Directory of C:\WINDOWS\system32

08/04/2004 05:00 AM 180,224 scecli.dll

Directory of C:\WINDOWS\system32

02/06/2009 11:46 AM 408,064 netlogon.dll
2 File(s) 588,288 bytes

Directory of C:\WINDOWS\system32\dllcache

02/06/2009 11:46 AM 408,064 netlogon.dll
1 File(s) 408,064 bytes

Total Files Listed:
7 File(s) 2,399,744 bytes
0 Dir(s) 38,676,361,216 bytes free
These Windows services are started:

Apple Mobile Device
Application Layer Gateway Service
Automatic Updates
AVG Free8 WatchDog
Background Intelligent Transfer Service
COM+ Event System
ConfigFree Service
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
DVD-RAM_Service
Error Reporting Service
Event Log
EvtEng
Help and Support
HID Input Service
iPod Service
IPSEC Services
Network Connections
Network Location Awareness (NLA)
Plug and Play
Print Spooler
Protected Storage
RegSrvc
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
Spectrum24 Event Monitor
SSDP Discovery Service
Swupdtmr
System Event Notification
System Restore Service
TabletServicePen
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
TOSHIBA Application Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.

These Windows services are started:

Apple Mobile Device
Application Layer Gateway Service
Automatic Updates
AVG Free8 WatchDog
Background Intelligent Transfer Service
COM+ Event System
ConfigFree Service
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
DVD-RAM_Service
Error Reporting Service
Event Log
EvtEng
Help and Support
HID Input Service
iPod Service
IPSEC Services
Network Connections
Network Location Awareness (NLA)
Plug and Play
Print Spooler
Protected Storage
RegSrvc
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
Spectrum24 Event Monitor
SSDP Discovery Service
Swupdtmr
System Event Notification
System Restore Service
TabletServicePen
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
TOSHIBA Application Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.

These Windows services are started:

Apple Mobile Device
Application Layer Gateway Service
Automatic Updates
AVG Free8 WatchDog
Background Intelligent Transfer Service
COM+ Event System
ConfigFree Service
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
DVD-RAM_Service
Error Reporting Service
Event Log
EvtEng
Help and Support
HID Input Service
iPod Service
IPSEC Services
Network Connections
Network Location Awareness (NLA)
Plug and Play
Print Spooler
Protected Storage
RegSrvc
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
Spectrum24 Event Monitor
SSDP Discovery Service
Swupdtmr
System Event Notification
System Restore Service
TabletServicePen
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
TOSHIBA Application Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.

These Windows services are started:

Apple Mobile Device
Application Layer Gateway Service
Automatic Updates
AVG Free8 WatchDog
Background Intelligent Transfer Service
COM+ Event System
ConfigFree Service
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
DVD-RAM_Service
Error Reporting Service
Event Log
EvtEng
Help and Support
HID Input Service
iPod Service
IPSEC Services
Network Connections
Network Location Awareness (NLA)
Plug and Play
Print Spooler
Protected Storage
RegSrvc
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
Spectrum24 Event Monitor
SSDP Discovery Service
Swupdtmr
System Event Notification
System Restore Service
TabletServicePen
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
TOSHIBA Application Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.

Edited by thunderstorm387, 21 August 2009 - 12:17 PM.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  :dir
  C:\Documents and Settings\All Users\Application Data /s

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

SystemLook v1.0 by jpshortstuff (22.05.09)
Log created at 11:34 on 21/08/2009 by Julia Yu (Administrator - Elevation successful)

========== dir ==========

C:\Documents and Settings\All Users\Application Data - Parameters: "/s"

---Files---
desktop.ini --ahs- 62 bytes [18:33 04/11/2005] [18:33 04/11/2005]
ezsid.dat --a--c 32 bytes [02:05 23/02/2008] [02:05 23/02/2008]
hpzinstall.log --a--c 1676 bytes [04:51 09/04/2007] [04:11 03/05/2007]
QTSBandwidthCache --a--c 1369 bytes [03:47 24/06/2007] [00:22 19/04/2008]
Thumbs.db --ahsc 4608 bytes [05:14 26/11/2006] [05:14 26/11/2006]

C:\Documents and Settings\All Users\Application Data\Adobe d----- [03:53 03/06/2007]

C:\Documents and Settings\All Users\Application Data\Adobe\Acrobat d----- [03:53 03/06/2007]

C:\Documents and Settings\All Users\Application Data\Adobe\Acrobat\7.0 d----- [03:53 03/06/2007]

C:\Documents and Settings\All Users\Application Data\Adobe\Acrobat\7.0\Replicate d----- [03:53 03/06/2007]

C:\Documents and Settings\All Users\Application Data\Adobe\Acrobat\7.0\Replicate\Security d----- [03:53 03/06/2007]
directories.acrodata -ra--c 1026 bytes [22:45 20/10/2004] [22:45 20/10/2004]

C:\Documents and Settings\All Users\Application Data\Adobe\Updater d----- [01:18 13/06/2007]
AdobeESDGlobalApps.xml --a--- 990 bytes [01:22 13/06/2007] [19:20 20/08/2009]

C:\Documents and Settings\All Users\Application Data\Adobe\Updater\Certs d----- [01:18 13/06/2007]
AdobeAUM_rootCert.cer --a--c 1233 bytes [02:16 17/03/2005] [02:16 17/03/2005]
AdobeUpdate.cer --a--c 1262 bytes [02:16 17/03/2005] [02:16 17/03/2005]
AdobeUpdater.cer --a--c 1263 bytes [02:16 17/03/2005] [02:16 17/03/2005]
bridge.cer --a--c 1262 bytes [20:49 24/03/2005] [20:49 24/03/2005]
helpcenter.cer --a--c 1268 bytes [03:25 16/03/2005] [03:25 16/03/2005]
photoshop.cer --a--c 1265 bytes [18:39 04/01/2005] [18:39 04/01/2005]
stockphotos.cer --a--c 1284 bytes [23:33 03/03/2005] [23:33 03/03/2005]

C:\Documents and Settings\All Users\Application Data\Adobe Systems d----- [04:02 03/06/2007]

C:\Documents and Settings\All Users\Application Data\Adobe Systems\Product licenses d----- [04:02 03/06/2007]
B2B86000.dat -r---- 6204 bytes [01:20 13/06/2007] [01:21 13/06/2007]

C:\Documents and Settings\All Users\Application Data\Adobe(2) d----- [05:06 18/03/2007]

C:\Documents and Settings\All Users\Application Data\Adobe(2)\Acrobat(2) d----- [05:06 18/03/2007]

C:\Documents and Settings\All Users\Application Data\Adobe(2)\Acrobat(2)\7(2).0 d----- [05:06 18/03/2007]

C:\Documents and Settings\All Users\Application Data\Adobe(2)\Acrobat(2)\7(2).0\Replicate(2) d----- [05:06 18/03/2007]

C:\Documents and Settings\All Users\Application Data\Adobe(2)\Acrobat(2)\7(2).0\Replicate(2)\Security(2) d----- [05:06 18/03/2007]
directories.acrodata -ra--c 1026 bytes [22:45 20/10/2004] [22:45 20/10/2004]

C:\Documents and Settings\All Users\Application Data\AOL d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0 d----- [02:34 02/05/2007]
appdata.ini --a--c 105 bytes [04:27 05/11/2005] [04:28 05/11/2005]
goto.ini --a--c 362 bytes [17:28 18/08/2005] [17:28 18/08/2005]
gotoko.ini --a--c 419 bytes [17:28 18/08/2005] [17:28 18/08/2005]
version.inf --a--c 238 bytes [17:28 18/08/2005] [04:29 05/11/2005]
viewers.ini --a--c 1791 bytes [17:28 18/08/2005] [17:28 18/08/2005]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\backup d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\idb d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\organize d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\sounds d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\sounds\us d----- [02:34 02/05/2007]
sounds.ini --a--c 1191 bytes [17:28 18/08/2005] [17:28 18/08/2005]

C:\Documents and Settings\All Users\Application Data\AOL\Proofreader d----- [02:34 02/05/2007]
accent.tlx --a--c 2338 bytes [04:28 05/11/2005] [21:28 18/08/2005]
correctam.tlx --a--c 21529 bytes [04:28 05/11/2005] [21:28 18/08/2005]
ssceam.tlx --a--c 7796 bytes [04:28 05/11/2005] [21:28 18/08/2005]
ssceam2.clx --a--c 327608 bytes [04:28 05/11/2005] [21:28 18/08/2005]
tech.tlx --a--c 3618 bytes [04:28 05/11/2005] [21:28 18/08/2005]
userdicam.tlx --a--c 12 bytes [04:28 05/11/2005] [21:28 18/08/2005]

C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0 d----- [02:34 02/05/2007]
aolstderr.txt --a--- 21 bytes [02:40 02/05/2007] [18:38 31/01/2009]
aolstdout.txt --a--- 0 bytes [02:40 02/05/2007] [18:38 31/01/2009]
aoltsmon.lock --a--c 4 bytes [02:40 02/05/2007] [18:38 31/01/2009]
cache.db --a--c 268435456 bytes [06:47 18/09/2007] [10:36 18/09/2007]
server.lock --a--c 4 bytes [02:40 02/05/2007] [18:38 31/01/2009]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\cls d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\toaster d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\toaster\aol.activeupdate d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\toaster\aol.activeupdate\ActiveUpdate d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\toaster\aol.activeupdate\ActiveUpdate\en-US d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\BFTS d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\CACHE d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\CACHE\3991.4.16 d----- [02:31 02/05/2007]
AIMinst.exe --a--c 852328 bytes [18:04 09/09/2006] [19:39 23/08/2006]
AIMLang.exe --a--c 500896 bytes [18:04 09/09/2006] [19:39 23/08/2006]
gui.dll --a--c 474184 bytes [18:04 09/09/2006] [22:02 31/07/2006]
gui.ini --a--c 9290 bytes [18:04 09/09/2006] [01:24 10/08/2006]
imappver.dll --a--c 13904 bytes [18:04 09/09/2006] [19:39 23/08/2006]
instph.dll --a--c 94288 bytes [18:04 09/09/2006] [19:39 23/08/2006]
ProgUpd.dll --a--c 80976 bytes [18:04 09/09/2006] [19:39 23/08/2006]
setup.ini --a--c 882 bytes [18:04 09/09/2006] [19:39 23/08/2006]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\CACHE\4000.1.4 d----- [02:31 02/05/2007]
AIMinst.exe --a--c 874808 bytes [02:57 26/10/2006] [20:19 26/09/2006]
aiminst.ini --a--c 3970 bytes [02:57 26/10/2006] [20:19 26/09/2006]
AIMLang.exe --a--c 430168 bytes [02:57 26/10/2006] [20:19 26/09/2006]
alsetup.exe --a--c 81176 bytes [02:57 26/10/2006] [20:19 26/09/2006]
ampx.exe --a--c 601176 bytes [02:57 26/10/2006] [20:19 26/09/2006]
aod.exe --a--c 104528 bytes [02:57 26/10/2006] [20:19 26/09/2006]
AOLFirewallMgr.dll --a--c 87656 bytes [02:57 26/10/2006] [20:19 26/09/2006]
aoltbchk.dll --a--c 58984 bytes [02:57 26/10/2006] [20:19 26/09/2006]
gui.dll --a--c 473168 bytes [02:57 26/10/2006] [20:19 26/09/2006]
gui.ini --a--c 8265 bytes [02:57 26/10/2006] [20:19 26/09/2006]
imappver.dll --a--c 13904 bytes [02:57 26/10/2006] [20:19 26/09/2006]
instopts.exe --a--c 44448 bytes [02:57 26/10/2006] [20:19 26/09/2006]
instph.dll --a--c 94288 bytes [02:57 26/10/2006] [20:19 26/09/2006]
instSup.dll --a--c 63080 bytes [02:57 26/10/2006] [20:19 26/09/2006]
iphinst.exe --a--c 163888 bytes [02:57 26/10/2006] [20:19 26/09/2006]
muinst.exe --a--c 555736 bytes [02:57 26/10/2006] [20:19 26/09/2006]
ocpchk.dll --a--c 15976 bytes [02:57 26/10/2006] [20:19 26/09/2006]
ocpinst.exe --a--c 5269312 bytes [02:57 26/10/2006] [20:19 26/09/2006]
post.ini --a--c 1374 bytes [02:57 26/10/2006] [20:19 26/09/2006]
postproc.exe --a--c 34896 bytes [02:57 26/10/2006] [20:19 26/09/2006]
ProgUpd.dll --a--c 80976 bytes [02:57 26/10/2006] [20:19 26/09/2006]
setup.exe --a--c 312912 bytes [02:57 26/10/2006] [20:19 26/09/2006]
setup.ini --a--c 2233 bytes [02:57 26/10/2006] [20:20 26/09/2006]
tbinst.dll --a--c 11856 bytes [02:57 26/10/2006] [20:20 26/09/2006]
tbsetup.exe --a--c 357768 bytes [02:57 26/10/2006] [20:20 26/09/2006]
toolbar.exe --a--c 1144760 bytes [02:57 26/10/2006] [20:20 26/09/2006]
VerCopy.exe --a--c 69632 bytes [02:57 26/10/2006] [22:00 28/06/2006]
vwpt.exe --a--c 409640 bytes [02:57 26/10/2006] [20:20 26/09/2006]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\METRICS d----- [02:31 02/05/2007]
Update.ini --a--c 437 bytes [18:04 09/09/2006] [17:33 28/10/2006]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\1 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\10 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\11 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\2 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\3 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\4 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\5 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\6 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\8 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\PERSISTENT\9 d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL\UserProfilesAOL\All Users\SUDS\TEMP d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\AIMSUD338 d----- [02:31 02/05/2007]
AIMinst.exe --a--c 874808 bytes [02:58 26/10/2006] [20:19 26/09/2006]
aiminst.ini --a--c 3970 bytes [02:58 26/10/2006] [20:19 26/09/2006]
AIMLang.exe --a--c 430168 bytes [02:58 26/10/2006] [20:19 26/09/2006]
alsetup.exe --a--c 81176 bytes [02:58 26/10/2006] [20:19 26/09/2006]
ampx.exe --a--c 601176 bytes [02:58 26/10/2006] [20:19 26/09/2006]
aod.exe --a--c 104528 bytes [02:58 26/10/2006] [20:19 26/09/2006]
AOLFirewallMgr.dll --a--c 87656 bytes [02:58 26/10/2006] [20:19 26/09/2006]
aoltbchk.dll --a--c 58984 bytes [02:58 26/10/2006] [20:19 26/09/2006]
gui.dll --a--c 473168 bytes [02:58 26/10/2006] [20:19 26/09/2006]
gui.ini --a--c 8265 bytes [02:58 26/10/2006] [20:19 26/09/2006]
imappver.dll --a--c 13904 bytes [02:58 26/10/2006] [20:19 26/09/2006]
instopts.exe --a--c 44448 bytes [02:58 26/10/2006] [20:19 26/09/2006]
instph.dll --a--c 94288 bytes [02:58 26/10/2006] [20:19 26/09/2006]
instSup.dll --a--c 63080 bytes [02:58 26/10/2006] [20:19 26/09/2006]
iphinst.exe --a--c 163888 bytes [02:58 26/10/2006] [20:19 26/09/2006]
muinst.exe --a--c 555736 bytes [02:58 26/10/2006] [20:19 26/09/2006]
ocpchk.dll --a--c 15976 bytes [02:58 26/10/2006] [20:19 26/09/2006]
ocpinst.exe --a--c 5269312 bytes [02:58 26/10/2006] [20:19 26/09/2006]
post.ini --a--c 1374 bytes [02:58 26/10/2006] [20:19 26/09/2006]
postproc.exe --a--c 34896 bytes [02:58 26/10/2006] [20:19 26/09/2006]
ProgUpd.dll --a--c 80976 bytes [02:58 26/10/2006] [20:19 26/09/2006]
setup.exe --a--c 312912 bytes [02:58 26/10/2006] [20:19 26/09/2006]
setup.ini --a--c 2233 bytes [02:58 26/10/2006] [20:20 26/09/2006]
tbinst.dll --a--c 11856 bytes [02:58 26/10/2006] [20:20 26/09/2006]
tbsetup.exe --a--c 357768 bytes [02:58 26/10/2006] [20:20 26/09/2006]
toolbar.exe --a--c 1144760 bytes [02:58 26/10/2006] [20:20 26/09/2006]
vwpt.exe --a--c 409640 bytes [02:58 26/10/2006] [20:20 26/09/2006]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4024 d----- [02:31 02/05/2007]
aim.ico --a--c 20374 bytes [01:40 13/12/2006] [00:38 02/12/2006]
AIMinst.exe --a--c 1178096 bytes [01:40 13/12/2006] [00:38 02/12/2006]
aiminst.ini --a--c 4176 bytes [01:40 13/12/2006] [00:39 02/12/2006]
AIMLang.exe --a--c 560784 bytes [01:40 13/12/2006] [00:38 02/12/2006]
alsetup.exe --a--c 141944 bytes [01:40 13/12/2006] [00:38 02/12/2006]
ampx.exe --a--c 631624 bytes [01:40 13/12/2006] [00:38 02/12/2006]
AOLFirewallMgr.dll --a--c 87600 bytes [01:40 13/12/2006] [00:38 02/12/2006]
aoltbchk.dll --a--c 58928 bytes [01:40 13/12/2006] [00:38 02/12/2006]
chckampx.dll --a--c 46640 bytes [01:40 13/12/2006] [00:38 02/12/2006]
gui.dll --a--c 236592 bytes [01:40 13/12/2006] [00:38 02/12/2006]
gui.ini --a--c 4989 bytes [01:40 13/12/2006] [00:38 02/12/2006]
imappver.dll --a--c 13872 bytes [01:40 13/12/2006] [00:38 02/12/2006]
inst.exe --a--c 164912 bytes [01:40 13/12/2006] [00:38 02/12/2006]
instopts.exe --a--c 55200 bytes [01:40 13/12/2006] [00:39 02/12/2006]
instph.dll --a--c 94256 bytes [01:40 13/12/2006] [00:38 02/12/2006]
instSup.dll --a--c 63024 bytes [01:40 13/12/2006] [00:38 02/12/2006]
migrator.exe --a--c 228912 bytes [01:40 13/12/2006] [00:38 02/12/2006]
muinst.exe --a--c 579248 bytes [01:40 13/12/2006] [00:38 02/12/2006]
ocpchk.dll --a--c 15920 bytes [01:40 13/12/2006] [00:38 02/12/2006]
ocpinst.exe --a--c 5358864 bytes [01:40 13/12/2006] [00:38 02/12/2006]
post.ini --a--c 484 bytes [01:40 13/12/2006] [00:38 02/12/2006]
postproc.exe --a--c 35888 bytes [01:40 13/12/2006] [00:38 02/12/2006]
ProgUpd.dll --a--c 83504 bytes [01:40 13/12/2006] [00:38 02/12/2006]
setup.exe --a--c 312880 bytes [01:40 13/12/2006] [00:38 02/12/2006]
setup.ini --a--c 1424 bytes [01:40 13/12/2006] [00:38 02/12/2006]
tbinst.dll --a--c 11824 bytes [01:40 13/12/2006] [00:38 02/12/2006]
tbsetup.exe --a--c 357776 bytes [01:40 13/12/2006] [00:38 02/12/2006]
toolbar.exe --a--c 1082064 bytes [01:40 13/12/2006] [00:38 02/12/2006]
vwpt.exe --a--c 409640 bytes [01:40 13/12/2006] [00:38 02/12/2006]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4024\html d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220 d----- [01:03 23/10/2007]
aim.ico --a--c 25214 bytes [01:03 23/10/2007] [17:09 11/10/2007]
AIMLang.exe --a--c 572960 bytes [01:03 23/10/2007] [17:09 11/10/2007]
alsetup.exe --a--c 142040 bytes [01:03 23/10/2007] [17:09 11/10/2007]
aoldlmgr.exe --a--c 120368 bytes [01:03 23/10/2007] [17:09 11/10/2007]
AOLFirewallMgr.dll --a--c 95792 bytes [01:03 23/10/2007] [17:09 11/10/2007]
close.bmp --a--c 3128 bytes [01:03 23/10/2007] [17:09 11/10/2007]
dlconfig.ini --a--c 82 bytes [01:03 23/10/2007] [17:09 11/10/2007]
gui.dll --a--c 243504 bytes [01:03 23/10/2007] [17:09 11/10/2007]
gui.ini --a--c 5467 bytes [01:03 23/10/2007] [17:09 11/10/2007]
ie7chck.dll --a--c 2560 bytes [01:03 23/10/2007] [17:09 11/10/2007]
imappver.dll --a--c 13664 bytes [01:03 23/10/2007] [17:09 11/10/2007]
instsize.log --a--c 70700 bytes [01:03 23/10/2007] [17:09 11/10/2007]
instSup.dll --a--c 75104 bytes [01:03 23/10/2007] [17:09 11/10/2007]
maximize.bmp --a--c 3128 bytes [01:03 23/10/2007] [17:09 11/10/2007]
migrator.exe --a--c 228192 bytes [01:03 23/10/2007] [17:09 11/10/2007]
minimize.bmp --a--c 3128 bytes [01:03 23/10/2007] [17:09 11/10/2007]
ocpchk.dll --a--c 15712 bytes [01:03 23/10/2007] [17:09 11/10/2007]
ocpinst.exe --a--c 5552832 bytes [01:03 23/10/2007] [17:09 11/10/2007]
post.ini --a--c 389 bytes [01:03 23/10/2007] [17:10 11/10/2007]
postinst.dll --a--c 195424 bytes [01:03 23/10/2007] [17:10 11/10/2007]
postproc.exe --a--c 36912 bytes [01:03 23/10/2007] [17:10 11/10/2007]
postui.ini --a--c 3206 bytes [01:03 23/10/2007] [17:10 11/10/2007]
ProgUpd.dll --a--c 83504 bytes [01:03 23/10/2007] [17:09 11/10/2007]
rbm.bin --a--c 80 bytes [01:03 23/10/2007] [17:10 11/10/2007]
setup.exe --a--c 170544 bytes [01:03 23/10/2007] [17:10 11/10/2007]
setup.ini --a--c 3204 bytes [01:03 23/10/2007] [17:10 11/10/2007]
tbinst.dll --a--c 11616 bytes [01:03 23/10/2007] [17:10 11/10/2007]
tbsetup.exe --a--c 359184 bytes [01:03 23/10/2007] [17:10 11/10/2007]
unagi3.exe --a--c 376568 bytes [01:03 23/10/2007] [17:10 11/10/2007]
Vwpt.exe --a--c 2882640 bytes [01:03 23/10/2007] [17:10 11/10/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\html d----- [01:03 23/10/2007]
AreYouSure.htm --a--c 584 bytes [01:03 23/10/2007] [17:09 11/10/2007]
CanceledInstall.htm --a--c 572 bytes [01:03 23/10/2007] [17:09 11/10/2007]
CancelingInstall.htm --a--c 595 bytes [01:03 23/10/2007] [17:09 11/10/2007]
CloseRunning.htm --a--c 926 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Congrats1.htm --a--c 688 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Congrats2.htm --a--c 780 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Congrats3.htm --a--c 628 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Congrats4.htm --a--c 619 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Error_FailedDiskSpaceCheck.htm --a--c 723 bytes [01:03 23/10/2007] [17:09 11/10/2007]
eula.htm --a--c 46279 bytes [01:03 23/10/2007] [17:09 11/10/2007]
ExistNewerVersion.htm --a--c 614 bytes [01:03 23/10/2007] [17:09 11/10/2007]
InstallingProgress.htm --a--c 540 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Legal.htm --a--c 7050 bytes [01:03 23/10/2007] [17:09 11/10/2007]
LegalAgreement.htm --a--c 37470 bytes [01:03 23/10/2007] [17:09 11/10/2007]
NoQualify.htm --a--c 565 bytes [01:03 23/10/2007] [17:09 11/10/2007]
NothingTodo.htm --a--c 618 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Preparing.htm --a--c 563 bytes [01:03 23/10/2007] [17:09 11/10/2007]
privacy.htm --a--c 24869 bytes [01:03 23/10/2007] [17:09 11/10/2007]
PrivacyPolicy.htm --a--c 23743 bytes [01:03 23/10/2007] [17:09 11/10/2007]
ProductDetected.htm --a--c 568 bytes [01:03 23/10/2007] [17:09 11/10/2007]
RebootPending.htm --a--c 641 bytes [01:03 23/10/2007] [17:09 11/10/2007]
tos.htm --a--c 34668 bytes [01:03 23/10/2007] [17:09 11/10/2007]
Warning.htm --a--c 570 bytes [01:03 23/10/2007] [17:09 11/10/2007]
_styles.css --a--c 5547 bytes [01:03 23/10/2007] [17:09 11/10/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268 d----- [02:46 15/02/2008]
aim.ico --a--c 25214 bytes [02:46 15/02/2008] [19:11 03/01/2008]
AIMinst.exe --a--c 1534136 bytes [02:46 15/02/2008] [19:11 03/01/2008]
AIMLang.exe --a--c 561928 bytes [02:46 15/02/2008] [19:11 03/01/2008]
alsetup.exe --a--c 142040 bytes [02:46 15/02/2008] [19:11 03/01/2008]
aoldlmgr.exe --a--c 120368 bytes [02:46 15/02/2008] [19:11 03/01/2008]
AOLFirewallMgr.dll --a--c 95792 bytes [02:46 15/02/2008] [19:11 03/01/2008]
AOLSearch.dll --a--c 111968 bytes [02:46 15/02/2008] [19:11 03/01/2008]
bsetutil.exe --a--c 96608 bytes [02:46 15/02/2008] [19:11 03/01/2008]
close.bmp --a--c 3128 bytes [02:46 15/02/2008] [19:11 03/01/2008]
dlconfig.ini --a--c 49 bytes [02:46 15/02/2008] [19:11 03/01/2008]
gui.dll --a--c 243504 bytes [02:46 15/02/2008] [19:11 03/01/2008]
gui.ini --a--c 5495 bytes [02:46 15/02/2008] [19:11 03/01/2008]
imappver.dll --a--c 13664 bytes [02:46 15/02/2008] [19:11 03/01/2008]
instsize.log --a--c 72741 bytes [02:46 15/02/2008] [19:12 03/01/2008]
instSup.dll --a--c 75104 bytes [02:46 15/02/2008] [19:11 03/01/2008]
maximize.bmp --a--c 3128 bytes [02:46 15/02/2008] [19:11 03/01/2008]
migrator.exe --a--c 228192 bytes [02:46 15/02/2008] [19:11 03/01/2008]
minimize.bmp --a--c 3128 bytes [02:46 15/02/2008] [19:11 03/01/2008]
ocpchk.dll --a--c 15712 bytes [02:46 15/02/2008] [19:11 03/01/2008]
ocpinst.exe --a--c 5572272 bytes [02:46 15/02/2008] [19:11 03/01/2008]
post.ini --a--c 389 bytes [02:46 15/02/2008] [19:11 03/01/2008]
postinst.dll --a--c 209248 bytes [02:46 15/02/2008] [19:11 03/01/2008]
postproc.exe --a--c 36912 bytes [02:46 15/02/2008] [19:11 03/01/2008]
postui.ini --a--c 1954 bytes [02:46 15/02/2008] [19:11 03/01/2008]
ProgUpd.dll --a--c 83808 bytes [02:46 15/02/2008] [19:11 03/01/2008]
rbm.bin --a--c 80 bytes [02:46 15/02/2008] [19:11 03/01/2008]
register.bat --a--c 25 bytes [02:46 15/02/2008] [19:11 03/01/2008]
setup.exe --a--c 170848 bytes [02:46 15/02/2008] [19:11 03/01/2008]
setup.ini --a--c 3299 bytes [02:46 15/02/2008] [19:11 03/01/2008]
tbinst.dll --a--c 11616 bytes [02:46 15/02/2008] [19:11 03/01/2008]
tbsetup.exe --a--c 383128 bytes [02:46 15/02/2008] [19:11 03/01/2008]
toolbar.exe --a--c 1628864 bytes [02:46 15/02/2008] [19:11 03/01/2008]
unagi3.exe --a--c 376568 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Uninstaller.exe --a--c 30560 bytes [02:46 15/02/2008] [19:11 03/01/2008]
unregister.bat --a--c 28 bytes [02:46 15/02/2008] [19:11 03/01/2008]
vwpt.exe --a--c 2882640 bytes [02:46 15/02/2008] [19:11 03/01/2008]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\html d----- [02:46 15/02/2008]
AreYouSure.htm --a--c 584 bytes [02:46 15/02/2008] [19:11 03/01/2008]
CanceledInstall.htm --a--c 572 bytes [02:46 15/02/2008] [19:11 03/01/2008]
CancelingInstall.htm --a--c 595 bytes [02:46 15/02/2008] [19:11 03/01/2008]
CloseRunning.htm --a--c 926 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Congrats1.htm --a--c 688 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Congrats2.htm --a--c 780 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Congrats3.htm --a--c 628 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Congrats4.htm --a--c 619 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Error_FailedDiskSpaceCheck.htm --a--c 723 bytes [02:46 15/02/2008] [19:11 03/01/2008]
eula.htm --a--c 43955 bytes [02:46 15/02/2008] [19:11 03/01/2008]
ExistNewerVersion.htm --a--c 614 bytes [02:46 15/02/2008] [19:11 03/01/2008]
InstallingProgress.htm --a--c 540 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Legal.htm --a--c 7159 bytes [02:46 15/02/2008] [19:11 03/01/2008]
LegalAgreement.htm --a--c 37470 bytes [02:46 15/02/2008] [19:11 03/01/2008]
NoQualify.htm --a--c 565 bytes [02:46 15/02/2008] [19:11 03/01/2008]
NothingTodo.htm --a--c 618 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Preparing.htm --a--c 563 bytes [02:46 15/02/2008] [19:11 03/01/2008]
privacy.htm --a--c 24869 bytes [02:46 15/02/2008] [19:11 03/01/2008]
PrivacyPolicy.htm --a--c 23743 bytes [02:46 15/02/2008] [19:11 03/01/2008]
ProductDetected.htm --a--c 568 bytes [02:46 15/02/2008] [19:11 03/01/2008]
QQErr.htm --a--c 862 bytes [02:46 15/02/2008] [19:11 03/01/2008]
RebootPending.htm --a--c 641 bytes [02:46 15/02/2008] [19:11 03/01/2008]
tos.htm --a--c 34668 bytes [02:46 15/02/2008] [19:11 03/01/2008]
TunesErr.htm --a--c 868 bytes [02:46 15/02/2008] [19:11 03/01/2008]
Warning.htm --a--c 570 bytes [02:46 15/02/2008] [19:11 03/01/2008]
_styles.css --a--c 5547 bytes [02:46 15/02/2008] [19:11 03/01/2008]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install d----- [02:16 04/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.41.2 d----- [02:16 04/05/2007]
aim.ico --a--c 20374 bytes [02:17 04/05/2007] [02:17 04/05/2007]
AIMinst.exe --a--c 1272304 bytes [02:16 04/05/2007] [02:17 04/05/2007]
AIMLang.exe --a--c 481432 bytes [02:19 04/05/2007] [02:19 04/05/2007]
alsetup.exe --a--c 141944 bytes [02:17 04/05/2007] [02:17 04/05/2007]
aoldlmgr.exe --a--c 120368 bytes [02:17 04/05/2007] [02:17 04/05/2007]
AOLFirewallMgr.dll --a--c 87600 bytes [02:18 04/05/2007] [02:18 04/05/2007]
dlconfig.ini --a--c 82 bytes [02:18 04/05/2007] [02:18 04/05/2007]
gui.dll --a--c 237104 bytes [02:17 04/05/2007] [02:17 04/05/2007]
gui.ini --a--c 5013 bytes [02:17 04/05/2007] [02:17 04/05/2007]
imappver.dll --a--c 13872 bytes [02:20 04/05/2007] [02:20 04/05/2007]
instSup.dll --a--c 63024 bytes [02:17 04/05/2007] [02:17 04/05/2007]
migrator.exe --a--c 228912 bytes [02:17 04/05/2007] [02:17 04/05/2007]
ocpchk.dll --a--c 15920 bytes [02:17 04/05/2007] [02:17 04/05/2007]
ocpinst.exe --a--c 5312840 bytes [02:17 04/05/2007] [02:18 04/05/2007]
post.ini --a--c 391 bytes [02:17 04/05/2007] [02:17 04/05/2007]
postinst.dll --a--c 193584 bytes [02:17 04/05/2007] [02:17 04/05/2007]
postproc.exe --a--c 35888 bytes [02:17 04/05/2007] [02:17 04/05/2007]
postui.ini --a--c 1423 bytes [02:19 04/05/2007] [02:19 04/05/2007]
ProgUpd.dll --a--c 83504 bytes [02:17 04/05/2007] [02:17 04/05/2007]
rbm.bin --a--c 80 bytes [02:19 04/05/2007] [02:19 04/05/2007]
setup.exe --a--c 169520 bytes [02:17 04/05/2007] [02:17 04/05/2007]
setup.ini --a--c 3273 bytes [02:17 04/05/2007] [02:17 04/05/2007]
tbinst.dll --a--c 11824 bytes [02:17 04/05/2007] [02:17 04/05/2007]
tbsetup.exe --a--c 357776 bytes [02:18 04/05/2007] [02:18 04/05/2007]
unagi3.exe --a--c 376568 bytes [02:18 04/05/2007] [02:19 04/05/2007]
Vwpt.exe --a--c 3858056 bytes [02:19 04/05/2007] [02:20 04/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.41.2\html d----- [02:16 04/05/2007]
AreYouSure.htm --a--c 584 bytes [02:17 04/05/2007] [02:17 04/05/2007]
CanceledInstall.htm --a--c 572 bytes [02:20 04/05/2007] [02:20 04/05/2007]
CancelingInstall.htm --a--c 595 bytes [02:19 04/05/2007] [02:19 04/05/2007]
CloseRunning.htm --a--c 926 bytes [02:20 04/05/2007] [02:20 04/05/2007]
Congrats1.htm --a--c 688 bytes [02:19 04/05/2007] [02:19 04/05/2007]
Congrats2.htm --a--c 780 bytes [02:17 04/05/2007] [02:17 04/05/2007]
Congrats3.htm --a--c 628 bytes [02:17 04/05/2007] [02:17 04/05/2007]
Congrats4.htm --a--c 619 bytes [02:19 04/05/2007] [02:19 04/05/2007]
Error_FailedDiskSpaceCheck.htm --a--c 723 bytes [02:20 04/05/2007] [02:20 04/05/2007]
eula.htm --a--c 45125 bytes [02:17 04/05/2007] [02:17 04/05/2007]
ExistNewerVersion.htm --a--c 614 bytes [02:19 04/05/2007] [02:19 04/05/2007]
InstallingProgress.htm --a--c 540 bytes [02:17 04/05/2007] [02:17 04/05/2007]
Legal.htm --a--c 5569 bytes [02:19 04/05/2007] [02:19 04/05/2007]
LegalAgreement.htm --a--c 37470 bytes [02:16 04/05/2007] [02:16 04/05/2007]
NoQualify.htm --a--c 565 bytes [02:19 04/05/2007] [02:19 04/05/2007]
NothingTodo.htm --a--c 618 bytes [02:17 04/05/2007] [02:17 04/05/2007]
Preparing.htm --a--c 563 bytes [02:17 04/05/2007] [02:17 04/05/2007]
privacy.htm --a--c 24869 bytes [02:17 04/05/2007] [02:17 04/05/2007]
PrivacyPolicy.htm --a--c 23743 bytes [02:17 04/05/2007] [02:17 04/05/2007]
ProductDetected.htm --a--c 568 bytes [02:16 04/05/2007] [02:16 04/05/2007]
RebootPending.htm --a--c 641 bytes [02:16 04/05/2007] [02:16 04/05/2007]
tos.htm --a--c 34668 bytes [02:17 04/05/2007] [02:17 04/05/2007]
Warning.htm --a--c 570 bytes [02:18 04/05/2007] [02:18 04/05/2007]
_styles.css --a--c 5547 bytes [02:18 04/05/2007] [02:18 04/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_2.2.71.1 d----- [02:31 02/05/2007]
AIMinst.exe --a--c 851328 bytes [19:17 23/06/2006] [19:17 23/06/2006]
aiminst.ini --a--c 4573 bytes [19:18 23/06/2006] [19:18 23/06/2006]
AIMLang.exe --a--c 500776 bytes [19:19 23/06/2006] [19:19 23/06/2006]
alsetup.exe --a--c 81176 bytes [19:18 23/06/2006] [19:18 23/06/2006]
ampx.exe --a--c 601152 bytes [19:19 23/06/2006] [19:19 23/06/2006]
aod.exe --a--c 104528 bytes [19:19 23/06/2006] [19:19 23/06/2006]
AOLFirewallMgr.dll --a--c 87632 bytes [19:18 23/06/2006] [19:18 23/06/2006]
aoltbchk.dll --a--c 58960 bytes [19:18 23/06/2006] [19:18 23/06/2006]
brwschk.dll --a--c 15440 bytes [19:18 23/06/2006] [19:18 23/06/2006]
gui.dll --a--c 473168 bytes [19:19 23/06/2006] [19:19 23/06/2006]
gui.ini --a--c 8265 bytes [19:18 23/06/2006] [19:18 23/06/2006]
imappver.dll --a--c 13904 bytes [19:18 23/06/2006] [19:18 23/06/2006]
instopts.exe --a--c 44448 bytes [19:19 23/06/2006] [19:19 23/06/2006]
instph.dll --a--c 94288 bytes [19:17 23/06/2006] [19:17 23/06/2006]
instSup.dll --a--c 63056 bytes [19:18 23/06/2006] [19:18 23/06/2006]
iphinst.exe --a--c 163864 bytes [19:18 23/06/2006] [19:18 23/06/2006]
muinst.exe --a--c 552392 bytes [19:18 23/06/2006] [19:18 23/06/2006]
ocpchk.dll --a--c 15952 bytes [19:18 23/06/2006] [19:18 23/06/2006]
ocpinst.exe --a--c 5781112 bytes [19:20 23/06/2006] [19:21 23/06/2006]
plxochek.dll --a--c 5716 bytes [19:19 23/06/2006] [19:19 23/06/2006]
plxoinst.exe --a--c 2941832 bytes [19:20 23/06/2006] [19:20 23/06/2006]
post.ini --a--c 2514 bytes [19:18 23/06/2006] [19:18 23/06/2006]
postproc.exe --a--c 34896 bytes [19:19 23/06/2006] [19:19 23/06/2006]
ProgUpd.dll --a--c 80976 bytes [19:18 23/06/2006] [19:18 23/06/2006]
setup.exe --a--c 312912 bytes [19:19 23/06/2006] [19:19 23/06/2006]
setup.ini --a--c 2200 bytes [19:18 23/06/2006] [19:18 23/06/2006]
SLinst.exe --a--c 594240 bytes [19:18 23/06/2006] [19:18 23/06/2006]
SLinstLP.exe --a--c 352112 bytes [19:18 23/06/2006] [19:18 23/06/2006]
tbinst.dll --a--c 11856 bytes [19:19 23/06/2006] [19:19 23/06/2006]
tbsetup.exe --a--c 306168 bytes [19:21 23/06/2006] [19:21 23/06/2006]
toolbar.exe --a--c 1144736 bytes [19:19 23/06/2006] [19:20 23/06/2006]
vwpt.exe --a--c 410032 bytes [19:18 23/06/2006] [19:18 23/06/2006]
WDInst.exe --a--c 138296 bytes [19:18 23/06/2006] [19:18 23/06/2006]

C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_2.2.71.1\media d----- [02:31 02/05/2007]
media.ini --a--c 154 bytes [19:19 23/06/2006] [19:19 23/06/2006]

C:\Documents and Settings\All Users\Application Data\AOL Downloads(2) d----- [21:39 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads(2)\triton_suite_install_6.0.28.3 d----- [21:39 11/03/2007]
rbm.bin --a--c 80 bytes [21:40 11/03/2007] [21:40 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL Downloads(2)\triton_suite_install_6.0.28.3\html d----- [21:39 11/03/2007]
AreYouSure.htm --a--c 584 bytes [21:42 11/03/2007] [21:42 11/03/2007]
CanceledInstall.htm --a--c 592 bytes [21:40 11/03/2007] [21:40 11/03/2007]
CancelingInstall.htm --a--c 507 bytes [21:42 11/03/2007] [21:42 11/03/2007]
CloseRunning.htm --a--c 926 bytes [21:40 11/03/2007] [21:40 11/03/2007]
Congrats1.htm --a--c 688 bytes [21:43 11/03/2007] [21:43 11/03/2007]
Congrats2.htm --a--c 780 bytes [21:42 11/03/2007] [21:42 11/03/2007]
Congrats3.htm --a--c 628 bytes [21:40 11/03/2007] [21:40 11/03/2007]
Congrats4.htm --a--c 619 bytes [21:40 11/03/2007] [21:40 11/03/2007]
Error_FailedDiskSpaceCheck.htm --a--c 723 bytes [21:39 11/03/2007] [21:39 11/03/2007]
eula.htm --a--c 42756 bytes [21:40 11/03/2007] [21:40 11/03/2007]
ExistNewerVersion.htm --a--c 614 bytes [21:40 11/03/2007] [21:40 11/03/2007]
InstallingProgress.htm --a--c 540 bytes [21:42 11/03/2007] [21:42 11/03/2007]
Legal.htm --a--c 5858 bytes [21:42 11/03/2007] [21:42 11/03/2007]
LegalAgreement.htm --a--c 37470 bytes [21:40 11/03/2007] [21:40 11/03/2007]
NoQualify.htm --a--c 565 bytes [21:39 11/03/2007] [21:39 11/03/2007]
NothingTodo.htm --a--c 618 bytes [21:42 11/03/2007] [21:42 11/03/2007]
Preparing.htm --a--c 475 bytes [21:40 11/03/2007] [21:40 11/03/2007]
privacy.htm --a--c 24869 bytes [21:42 11/03/2007] [21:42 11/03/2007]
PrivacyPolicy.htm --a--c 23743 bytes [21:42 11/03/2007] [21:42 11/03/2007]
ProductDetected.htm --a--c 568 bytes [21:40 11/03/2007] [21:40 11/03/2007]
RebootPending.htm --a--c 641 bytes [21:40 11/03/2007] [21:40 11/03/2007]
tos.htm --a--c 34668 bytes [21:39 11/03/2007] [21:39 11/03/2007]
Warning.htm --a--c 570 bytes [21:40 11/03/2007] [21:40 11/03/2007]
_styles.css --a--c 5547 bytes [21:40 11/03/2007] [21:40 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users d----- [02:31 02/05/2007]
profile.dat --a--c 30 bytes [02:23 04/05/2007] [02:23 04/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\BFTS_BBC2683C d----- [02:31 02/05/2007]
BFTSDatabase.dat --a--c 3664 bytes [02:24 04/05/2007] [02:46 15/02/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\localStorage d----- [02:23 04/05/2007]
common.cls --a--c 65536 bytes [02:23 04/05/2007] [02:47 15/02/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE d----- [02:31 19/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\METRICS d----- [02:31 02/05/2007]
Stic.log --a--c 3061901 bytes [02:23 04/05/2007] [16:41 15/08/2008]
Update.ini --a--c 752 bytes [01:03 23/10/2007] [03:24 15/02/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\1 d----- [02:31 02/05/2007]
1.1.1 --a--c 1558 bytes [02:23 04/05/2007] [16:41 15/08/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\10 d----- [02:23 04/05/2007]
1.1.1 --a--c 28 bytes [01:03 23/10/2007] [02:46 15/02/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\11 d----- [02:31 02/05/2007]
1.1.1 --a--c 52 bytes [02:23 04/05/2007] [03:29 15/02/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\12 d----- [02:31 02/05/2007]
0.1000.1 --a--c 68 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1001.1 --a--c 192 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1001.2 --a--c 192 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1002.1 --a--c 138 bytes [02:30 04/05/2007] [05:21 14/03/2008]
0.1006.1 --a--c 156 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1006.2 --a--c 156 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1006.3 --a--c 176 bytes [03:26 20/10/2007] [03:26 20/10/2007]
0.1006.4 --a--c 176 bytes [02:42 16/02/2008] [02:42 16/02/2008]
0.1008.1 --a--c 176 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1015.1 --a--c 164 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1018.1 --a--c 164 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1021.1 --a--c 116 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1028.1 --a--c 128 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1028.2 --a--c 204 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1028.3 --a--c 204 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1028.5 --a--c 204 bytes [00:13 28/08/2007] [00:13 28/08/2007]
0.1030.1 --a--c 120 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1032.2 --a--c 152 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1039.1 --a--c 104 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1040.1 --a--c 302 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1043.1 --a--c 136 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1043.4 --a--c 212 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1043.5 --a--c 212 bytes [02:24 09/05/2007] [02:25 09/05/2007]
0.1043.7 --a--c 206 bytes [00:56 23/10/2007] [00:56 23/10/2007]
0.1052.1 --a--c 312 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1053.1 --a--c 308 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1055.1 --a--c 180 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1056.1 --a--c 118 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1057.1 --a--c 218 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1058.1 --a--c 184 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1061.1 --a--c 198 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1068.1 --a--c 200 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1070.1 --a--c 186 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1071.1 --a--c 180 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1071.2 --a--c 180 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1071.3 --a--c 168 bytes [02:58 22/08/2007] [02:58 22/08/2007]
0.1071.4 --a--c 182 bytes [02:20 02/11/2007] [02:21 02/11/2007]
0.1071.5 --a--c 186 bytes [02:47 27/10/2007] [02:47 27/10/2007]
0.1078.2 --a--c 138 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1079.1 --a--c 168 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1080.1 --a--c 190 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1080.2 --a--c 190 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1086.1 --a--c 218 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1086.2 --a--c 218 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1086.4 --a--c 218 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1086.5 --a--c 218 bytes [03:23 24/05/2007] [02:21 02/11/2007]
0.1086.7 --a--c 216 bytes [02:42 16/02/2008] [05:21 14/03/2008]
0.1089.1 --a--c 152 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1090.1 --a--c 108 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1090.2 --a--c 86 bytes [22:21 12/08/2007] [22:21 12/08/2007]
0.1091.1 --a--c 102 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1091.2 --a--c 106 bytes [01:41 10/01/2008] [01:41 10/01/2008]
0.1092.1 --a--c 100 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.1096.2 --a--c 202 bytes [23:55 01/06/2007] [23:56 01/06/2007]
0.1099.1 --a--c 208 bytes [01:04 14/07/2007] [01:05 14/07/2007]
0.1100.1 --a--c 152 bytes [01:04 14/07/2007] [01:05 14/07/2007]
0.1101.1 --a--c 98 bytes [23:19 24/08/2007] [23:19 24/08/2007]
0.1101.2 --a--c 86 bytes [06:25 18/09/2007] [06:25 18/09/2007]
0.1105.3 --a--c 176 bytes [02:44 12/10/2007] [00:28 04/11/2007]
0.1106.5 --a--c 176 bytes [02:44 12/10/2007] [02:44 12/10/2007]
0.1107.4 --a--c 176 bytes [02:44 12/10/2007] [02:44 12/10/2007]
0.1108.1 --a--c 194 bytes [02:44 12/10/2007] [00:28 04/11/2007]
0.1115.1 --a--c 176 bytes [02:42 16/02/2008] [19:01 16/02/2008]
0.1126.2 --a--c 250 bytes [23:14 07/07/2008] [23:14 07/07/2008]
0.1127.2 --a--c 276 bytes [23:14 07/07/2008] [23:14 07/07/2008]
0.2.1 --a--c 100 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.2.2 --a--c 94 bytes [02:30 04/05/2007] [02:30 04/05/2007]
0.2.3 --a--c 92 bytes [21:32 08/08/2007] [21:33 08/08/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\3 d----- [02:31 02/05/2007]
1.1.1 --a--c 229 bytes [02:23 04/05/2007] [16:41 15/08/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\4 d----- [02:31 02/05/2007]
0.0.100 --a--c 169 bytes [18:35 20/07/2007] [04:19 13/12/2007]
0.0.101 --a--c 177 bytes [23:19 24/08/2007] [22:33 28/05/2008]
0.0.105 --a--c 303 bytes [03:22 24/05/2007] [15:09 15/08/2008]
0.0.15 --a--c 299 bytes [02:30 04/05/2007] [15:09 15/08/2008]
0.0.16 --a--c 273 bytes [02:30 04/05/2007] [15:09 15/08/2008]
0.0.19 --a--c 713 bytes [02:30 04/05/2007] [15:09 15/08/2008]
0.0.20 --a--c 427 bytes [02:30 04/05/2007] [04:41 07/08/2008]
0.0.23 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.24 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.27 --a--c 175 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.32 --a--c 183 bytes [02:30 04/05/2007] [02:59 08/01/2008]
0.0.33 --a--c 183 bytes [02:30 04/05/2007] [04:48 05/10/2007]
0.0.36 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.37 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.4 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.41 --a--c 175 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.46 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.5 --a--c 183 bytes [02:30 04/05/2007] [04:38 06/08/2008]
0.0.50 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.51 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.54 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.55 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.58 --a--c 175 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.62 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.63 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.64 --a--c 141 bytes [23:55 01/06/2007] [04:46 20/08/2007]
0.0.67 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.68 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.71 --a--c 183 bytes [02:30 04/05/2007] [02:59 08/01/2008]
0.0.72 --a--c 183 bytes [02:30 04/05/2007] [16:04 25/06/2008]
0.0.75 --a--c 233 bytes [02:30 04/05/2007] [02:59 08/01/2008]
0.0.76 --a--c 183 bytes [02:30 04/05/2007] [02:36 23/02/2008]
0.0.8 --a--c 175 bytes [02:30 04/05/2007] [02:34 11/09/2007]
0.0.80 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.84 --a--c 191 bytes [02:30 04/05/2007] [02:59 08/01/2008]
0.0.85 --a--c 191 bytes [02:30 04/05/2007] [02:38 30/11/2007]
0.0.88 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.89 --a--c 183 bytes [02:30 04/05/2007] [22:12 19/12/2007]
0.0.9 --a--c 245 bytes [02:44 12/10/2007] [03:15 07/11/2007]
0.0.92 --a--c 183 bytes [02:30 04/05/2007] [02:59 08/01/2008]
0.0.93 --a--c 183 bytes [02:30 04/05/2007] [02:38 12/05/2007]
0.0.96 --a--c 161 bytes [02:58 22/08/2007] [16:41 14/08/2008]
0.0.97 --a--c 129 bytes [05:04 06/12/2007] [05:21 14/03/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\5 d----- [02:31 02/05/2007]
3795.0.19 --a--c 1366 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3807.4.19 --a--c 2450 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3842.0.16 --a--c 1416 bytes [02:30 04/05/2007] [02:42 16/02/2008]
3881.7.19 --a--c 3928 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3882.0.19 --a--c 2918 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3883.0.19 --a--c 2918 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3884.0.19 --a--c 2918 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3885.2.19 --a--c 2918 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3886.1.19 --a--c 2928 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3989.1.19 --a--c 3492 bytes [02:30 04/05/2007] [05:21 14/03/2008]
3990.0.19 --a--c 2404 bytes [02:30 04/05/2007] [05:21 14/03/2008]
4008.0.3 --a--c 2210 bytes [02:30 04/05/2007] [02:42 16/02/2008]
4019.1.3 --a--c 1312 bytes [02:30 04/05/2007] [02:42 16/02/2008]
4032.0.3 --a--c 3116 bytes [02:30 04/05/2007] [05:21 14/03/2008]
4033.0.3 --a--c 3114 bytes [02:30 04/05/2007] [05:21 14/03/2008]
4074.0.3 --a--c 1600 bytes [02:30 04/05/2007] [23:50 30/10/2007]
4136.2.4 --a--c 4006 bytes [04:45 30/08/2007] [04:41 07/08/2008]
4138.2.4 --a--c 4006 bytes [03:55 08/09/2007] [04:41 07/08/2008]
4161.3.4 --a--c 4136 bytes [03:54 02/08/2007] [04:41 07/08/2008]
4162.4.4 --a--c 3940 bytes [03:54 02/08/2007] [04:41 07/08/2008]
4169.2.3 --a--c 1874 bytes [03:26 20/07/2007] [05:21 14/03/2008]
4170.2.4 --a--c 4006 bytes [00:13 28/08/2007] [04:41 07/08/2008]
4184.0.4 --a--c 3954 bytes [03:55 08/09/2007] [04:41 07/08/2008]
4194.13.4 --a--c 5372 bytes [02:44 12/10/2007] [03:15 07/11/2007]
4195.9.4 --a--c 4660 bytes [03:15 07/11/2007] [03:15 07/11/2007]
4252.3.4 --a--c 2660 bytes [02:42 16/02/2008] [23:45 03/06/2008]
4253.1.4 --a--c 1584 bytes [23:37 12/02/2008] [23:45 03/06/2008]
4304.1.4 --a--c 4938 bytes [01:55 15/05/2008] [23:45 03/06/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\6 d----- [02:31 02/05/2007]
1.1.1 --a--c 20 bytes [02:23 04/05/2007] [16:41 15/08/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\8 d----- [02:31 02/05/2007]
1.1.1 --a--c 80 bytes [02:30 04/05/2007] [16:41 15/08/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\PERSISTENT\9 d----- [02:31 02/05/2007]
1.1.1 --a--c 20 bytes [02:23 04/05/2007] [05:17 14/03/2008]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\TEMP d----- [01:03 23/10/2007]
aolsetup.ini --a--c 179 bytes [01:03 23/10/2007] [02:46 15/02/2008]
ProgUpd.dll --a--c 83504 bytes [01:03 23/10/2007] [16:29 12/10/2006]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\toaster d----- [01:03 23/10/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\toaster\aol.activeupdate d----- [01:03 23/10/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\toaster\aol.activeupdate\ActiveUpdate d----- [01:03 23/10/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\toaster\aol.activeupdate\ActiveUpdate\en-US d----- [01:03 23/10/2007]
ActiveUpdate.zip --a--c 25459 bytes [01:03 23/10/2007] [12:38 05/09/2006]
bg-menu.gif --a--c 283 bytes [01:03 23/10/2007] [03:05 08/02/2006]
bg-select-left.gif --a--c 634 bytes [01:03 23/10/2007] [17:38 07/02/2006]
bg-select-right.gif --a--c 682 bytes [01:03 23/10/2007] [17:51 07/02/2006]
btn_download_1.gif --a--c 1062 bytes [01:03 23/10/2007] [23:14 21/09/2004]
btn_download_2.gif --a--c 1065 bytes [01:03 23/10/2007] [23:13 21/09/2004]
btn_download_3.gif --a--c 1077 bytes [01:03 23/10/2007] [23:13 21/09/2004]
btn_install_1.gif --a--c 1057 bytes [01:03 23/10/2007] [23:20 21/09/2004]
btn_install_2.gif --a--c 1059 bytes [01:03 23/10/2007] [23:21 21/09/2004]
btn_install_3.gif --a--c 1067 bytes [01:03 23/10/2007] [23:22 21/09/2004]
btn_no_thanks_1.gif --a--c 1452 bytes [01:03 23/10/2007] [00:23 17/08/2005]
btn_no_thanks_2.gif --a--c 1458 bytes [01:03 23/10/2007] [00:36 17/08/2005]
btn_no_thanks_3.gif --a--c 1467 bytes [01:03 23/10/2007] [00:38 17/08/2005]
btn_reboot_later_1.gif --a--c 1372 bytes [01:03 23/10/2007] [23:49 16/08/2005]
btn_reboot_later_2.gif --a--c 1350 bytes [01:03 23/10/2007] [23:53 16/08/2005]
btn_reboot_later_3.gif --a--c 1370 bytes [01:03 23/10/2007] [00:00 17/08/2005]
btn_reboot_now_1.gif --a--c 1360 bytes [01:03 23/10/2007] [00:10 17/08/2005]
btn_reboot_now_2.gif --a--c 1343 bytes [01:03 23/10/2007] [00:16 17/08/2005]
btn_reboot_now_3.gif --a--c 1377 bytes [01:03 23/10/2007] [00:20 17/08/2005]
btn_remind_1.gif --a--c 1077 bytes [01:03 23/10/2007] [23:08 21/09/2004]
btn_remind_2.gif --a--c 1077 bytes [01:03 23/10/2007] [23:07 21/09/2004]
btn_remind_3.gif --a--c 1084 bytes [01:03 23/10/2007] [23:07 21/09/2004]
close.gif --a--c 1012 bytes [01:03 23/10/2007] [18:12 14/12/2005]
main-bg.gif --a--c 271 bytes [01:03 23/10/2007] [23:36 11/01/2006]
manifest.xml --a--c 1685 bytes [01:03 23/10/2007] [01:49 10/02/2006]
start.gif --a--c 543 bytes [01:03 23/10/2007] [18:12 14/12/2005]
updater.css --a--c 3121 bytes [01:03 23/10/2007] [23:50 05/09/2006]
user_style.css --a--c 339 bytes [01:03 23/10/2007] [07:32 30/08/2006]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2) d----- [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2) d----- [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage d----- [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2) d----- [19:02 11/03/2007]
profile.dat --a--c 30 bytes [19:02 11/03/2007] [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\BFTS_BBC2683C d----- [21:47 11/03/2007]
BFTSDatabase.dat --a--c 24 bytes [21:47 11/03/2007] [21:47 11/03/2007]
EELocation.txt --a--c 21 bytes [21:47 11/03/2007] [21:47 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\localStorage d----- [21:48 11/03/2007]
common.cls --a--c 40960 bytes [21:48 11/03/2007] [21:48 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2) d----- [19:02 11/03/2007]
EELocation.txt --a--c 21 bytes [19:02 11/03/2007] [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\METRICS d----- [19:02 11/03/2007]
Stic.log --a--c 704945 bytes [19:02 11/03/2007] [00:40 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2) d----- [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\1 d----- [21:46 11/03/2007]
1.1.1 --a--c 1064 bytes [21:46 11/03/2007] [00:10 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\11 d----- [19:02 11/03/2007]
1.1.1 --a--c 20 bytes [19:02 11/03/2007] [19:02 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\12 d----- [21:52 11/03/2007]
0.1000.1 --a--c 68 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1001.1 --a--c 192 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1001.2 --a--c 192 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1002.1 --a--c 138 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1006.1 --a--c 156 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1006.2 --a--c 156 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1008.1 --a--c 176 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1015.1 --a--c 164 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1018.1 --a--c 164 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1021.1 --a--c 116 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1028.1 --a--c 128 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1028.2 --a--c 204 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1028.3 --a--c 204 bytes [03:08 25/04/2007] [03:08 25/04/2007]
0.1030.1 --a--c 120 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1032.2 --a--c 152 bytes [01:26 28/03/2007] [01:26 28/03/2007]
0.1039.1 --a--c 104 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1040.1 --a--c 302 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1043.1 --a--c 136 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1043.4 --a--c 212 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1052.1 --a--c 312 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1053.1 --a--c 308 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1055.1 --a--c 180 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1056.1 --a--c 118 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1057.1 --a--c 218 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1058.1 --a--c 184 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1061.1 --a--c 198 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1068.1 --a--c 200 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1070.1 --a--c 186 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1071.1 --a--c 180 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1071.2 --a--c 180 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1078.2 --a--c 138 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1079.1 --a--c 168 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1080.1 --a--c 190 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1080.2 --a--c 190 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1086.1 --a--c 218 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1086.2 --a--c 218 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1086.4 --a--c 218 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1089.1 --a--c 152 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.1090.1 --a--c 108 bytes [03:08 25/04/2007] [03:08 25/04/2007]
0.1091.1 --a--c 102 bytes [01:58 27/04/2007] [01:58 27/04/2007]
0.1092.1 --a--c 100 bytes [01:58 27/04/2007] [01:58 27/04/2007]
0.2.1 --a--c 100 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.2.2 --a--c 94 bytes [21:52 11/03/2007] [21:52 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\3 d----- [19:02 11/03/2007]
1.1.1 --a--c 229 bytes [19:02 11/03/2007] [00:10 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\4 d----- [21:52 11/03/2007]
0.0.15 --a--c 297 bytes [21:52 11/03/2007] [00:14 01/05/2007]
0.0.16 --a--c 375 bytes [21:52 11/03/2007] [00:14 01/05/2007]
0.0.19 --a--c 651 bytes [21:52 11/03/2007] [00:14 01/05/2007]
0.0.20 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.23 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.24 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.27 --a--c 153 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.32 --a--c 161 bytes [21:52 11/03/2007] [03:07 25/04/2007]
0.0.33 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.36 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.37 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.4 --a--c 161 bytes [21:52 11/03/2007] [01:57 27/04/2007]
0.0.41 --a--c 153 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.46 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.5 --a--c 161 bytes [01:57 27/04/2007] [01:58 27/04/2007]
0.0.50 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.51 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.54 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.55 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.58 --a--c 153 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.62 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.63 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.67 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.68 --a--c 161 bytes [21:52 11/03/2007] [05:08 21/03/2007]
0.0.71 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.72 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.75 --a--c 211 bytes [21:52 11/03/2007] [01:26 28/03/2007]
0.0.76 --a--c 161 bytes [21:52 11/03/2007] [00:39 16/03/2007]
0.0.8 --a--c 133 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.80 --a--c 161 bytes [21:52 11/03/2007] [21:52 11/03/2007]
0.0.84 --a--c 169 bytes [21:52 11/03/2007] [03:07 25/04/2007]
0.0.88 --a--c 161 bytes [01:57 27/04/2007] [01:58 27/04/2007]
0.0.89 --a--c 161 bytes [01:57 27/04/2007] [01:58 27/04/2007]
0.0.92 --a--c 161 bytes [01:57 27/04/2007] [01:58 27/04/2007]
0.0.93 --a--c 161 bytes [01:57 27/04/2007] [01:58 27/04/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\5 d----- [21:52 11/03/2007]
3786.4.19 --a--c 1378 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3795.0.19 --a--c 1366 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3807.4.19 --a--c 2450 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3842.0.16 --a--c 1416 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3852.1.16 --a--c 1212 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3881.7.19 --a--c 3928 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3882.0.19 --a--c 2918 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3883.0.19 --a--c 2918 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3884.0.19 --a--c 2918 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3885.2.19 --a--c 2918 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3886.1.19 --a--c 2928 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3899.1.16 --a--c 3606 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3989.1.19 --a--c 3492 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3990.0.19 --a--c 2404 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3991.4.16 --a--c 2158 bytes [21:52 11/03/2007] [21:52 11/03/2007]
3999.1.4 --a--c 2648 bytes [21:52 11/03/2007] [21:52 11/03/2007]
4000.1.4 --a--c 2966 bytes [21:52 11/03/2007] [21:52 11/03/2007]
4008.0.3 --a--c 2210 bytes [21:52 11/03/2007] [18:38 06/04/2007]
4019.1.3 --a--c 1312 bytes [21:52 11/03/2007] [18:38 06/04/2007]
4024.2.4 --a--c 3598 bytes [21:52 11/03/2007] [21:52 11/03/2007]
4032.0.3 --a--c 3116 bytes [21:52 11/03/2007] [21:52 11/03/2007]
4033.0.3 --a--c 3114 bytes [21:52 11/03/2007] [21:52 11/03/2007]
4054.0.3 --a--c 1560 bytes [21:52 11/03/2007] [18:38 06/04/2007]
4074.0.3 --a--c 1646 bytes [01:26 28/03/2007] [01:26 28/03/2007]
4085.1.3 --a--c 1568 bytes [18:38 06/04/2007] [18:38 06/04/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\6 d----- [19:02 11/03/2007]
1.1.1 --a--c 20 bytes [19:02 11/03/2007] [00:14 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\8 d----- [19:02 11/03/2007]
1.1.1 --a--c 80 bytes [21:52 11/03/2007] [00:14 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL OCP(2)\AIM(2)\Storage\All Users(2)\SUDS_BBC2683C(2)\PERSISTENT(2)\9 d----- [21:46 11/03/2007]
1.1.1 --a--c 52 bytes [21:46 11/03/2007] [00:14 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2) d----- [07:31 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2) d----- [07:31 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2) d----- [07:31 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2)\ServiceHostUSGM(2) d----- [07:31 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2)\ServiceHostUSGM(2)\Win32(2) d----- [07:31 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2)\ServiceHostUSGM(2)\Win32(2)\1.5.6(2).1 d----- [07:31 11/03/2007]
manifest.bin --ah-c 6933 bytes [07:31 11/03/2007] [07:31 11/03/2007]
permdata.box --a--c 367 bytes [07:31 11/03/2007] [04:36 01/05/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2)\UberUninstaller(2) d----- [21:46 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2)\UberUninstaller(2)\Win32(2) d----- [21:46 11/03/2007]

C:\Documents and Settings\All Users\Application Data\AOL(2)\AOLDiag(2)\AOL(2)\UberUninstaller(2)\Win32(2)\1.1.80(2).1 d----- [21:46 11/03/2007]
manifest.bin --ah-c 4153 bytes [21:46 11/03/2007] [21:46 11/03/2007]
permdata.box --a--c 368 bytes [21:46 11/03/2007] [21:46 11/03/2007]

C:\Documents and Settings\All Users\Application Data\Apple d----- [22:53 06/06/2009]

C:\Documents and Settings\All Users\Application Data\Apple\Installer Cache d----- [22:53 06/06/2009]

C:\Documents and Settings\All Users\Application Data\Apple\Installer Cache\Apple Mobile Device Support 2.5.0.31 d----- [22:53 06/06/2009]
AppleMobileDeviceSupport.msi --a--- 15349248 bytes [19:29 30/05/2009] [19:29 30/05/2009]

C:\Documents and Settings\All Users\Application Data\Apple\Installer Cache\Apple Software Update 2.1.1.116 d----- [18:20 07/06/2009]
AppleSoftwareUpdate.msi --a--- 2083840 bytes [19:30 30/05/2009] [19:30 30/05/2009]

C:\Documents and Settings\All Users\Application Data\Apple Computer d----- [00:22 20/06/2007]

C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache d----- [22:55 06/06/2009]

C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23 d----- [18:20 07/06/2009]
iTunes.msi --a--- 43722240 bytes [19:50 30/05/2009] [19:50 30/05/2009]
SetupAdmin.exe --a--- 75048 bytes [19:50 30/05/2009] [19:50 30/05/2009]

C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.62.14.0 d----- [22:55 06/06/2009]
QuickTime.msi --a--- 28016128 bytes [19:29 30/05/2009] [19:29 30/05/2009]

C:\Documents and Settings\All Users\Application Data\Apple Computer\iTunes d----- [22:57 06/06/2009]
iPodDevices.xml --a--- 1582 bytes [23:11 06/06/2009] [02:11 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Apple Computer\iTunes\SC Info d--h-- [21:02 01/08/2009]
SC Info.sidb --ah-- 0 bytes [21:02 01/08/2009] [23:02 06/06/2009]
SC Info.txt --a--- 24 bytes [21:02 01/08/2009] [02:11 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime d----- [00:22 20/06/2007]
com.apple.QuickTime.plist --a--- 226 bytes [03:49 24/06/2007] [03:50 24/06/2007]
QuickTime.qtp --a--c 14547 bytes [00:22 20/06/2007] [01:41 05/06/2008]
QuickTimeFavorites.qtr --a--c 2642 bytes [00:22 20/06/2007] [00:22 20/06/2007]

C:\Documents and Settings\All Users\Application Data\AT&T d----- [19:13 12/05/2007]

C:\Documents and Settings\All Users\Application Data\AT&T\Communication Manager d----- [19:13 12/05/2007]

C:\Documents and Settings\All Users\Application Data\Avg8 d----- [19:28 11/06/2008]

C:\Documents and Settings\All Users\Application Data\Avg8\admincli d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\AvgAm d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\AvgApi d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\Cfg d----- [00:47 06/04/2009]
krnl.cfg --a--- 585 bytes [00:48 06/04/2009] [00:49 06/04/2009]
mail.cfg --a--- 6884 bytes [03:56 06/04/2009] [06:38 21/08/2009]
malrep.cfg --a--- 13233 bytes [00:49 06/04/2009] [15:11 21/08/2009]
scan.cfg --a--- 15741 bytes [00:48 06/04/2009] [05:30 21/08/2009]
sched.cfg --a--- 68841 bytes [00:49 06/04/2009] [18:21 21/08/2009]
setup.cfg --a--- 528 bytes [00:47 06/04/2009] [23:10 01/05/2009]
update.cfg --a--- 102087 bytes [00:49 06/04/2009] [16:57 21/08/2009]
updatecomps.cfg --a--- 1048 bytes [00:47 06/04/2009] [16:57 21/08/2009]
user.cfg --a--- 98 bytes [00:49 06/04/2009] [00:50 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\CfgAll d----- [00:47 06/04/2009]
changecfgreg.cfg --a--- 6260 bytes [00:48 06/04/2009] [00:48 06/04/2009]
srmall.cfg --a--- 102 bytes [01:20 25/07/2009] [18:00 25/07/2009]
updateall.cfg --a--- 12792 bytes [01:30 06/04/2009] [16:57 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\Dumps d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\emc d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\Log d----- [21:21 10/01/2009]
avgcfg.log --a--- 110924 bytes [22:34 07/04/2009] [23:41 18/08/2009]
avgcfg.log.lock --a--- 0 bytes [22:34 07/04/2009] [22:34 07/04/2009]
avgcore.log --a--- 638876 bytes [00:48 06/04/2009] [18:34 21/08/2009]
avgcore.log.1 --a--- 1024156 bytes [00:48 06/04/2009] [18:01 21/08/2009]
avgcore.log.10 --a--- 1024300 bytes [00:48 06/04/2009] [02:28 20/08/2009]
avgcore.log.2 --a--- 1024404 bytes [00:48 06/04/2009] [17:12 21/08/2009]
avgcore.log.3 --a--- 1024214 bytes [00:48 06/04/2009] [17:43 21/08/2009]
avgcore.log.4 --a--- 1024300 bytes [00:48 06/04/2009] [16:57 21/08/2009]
avgcore.log.5 --a--- 1025626 bytes [00:48 06/04/2009] [05:21 21/08/2009]
avgcore.log.6 --a--- 1024586 bytes [00:48 06/04/2009] [06:37 21/08/2009]
avgcore.log.7 --a--- 1025476 bytes [00:48 06/04/2009] [03:40 21/08/2009]
avgcore.log.8 --a--- 1024874 bytes [00:48 06/04/2009] [06:02 21/08/2009]
avgcore.log.9 --a--- 1024060 bytes [00:48 06/04/2009] [03:41 20/08/2009]
avgcore.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
avgfrw.log --a--- 486 bytes [00:50 06/04/2009] [00:50 06/04/2009]
avgfrw.log.lock --a--- 0 bytes [00:50 06/04/2009] [00:50 06/04/2009]
avgldr.log --a--- 2434 bytes [00:48 06/04/2009] [16:57 21/08/2009]
avgldr.log.1 --a--- 1024380 bytes [00:48 06/04/2009] [08:46 21/08/2009]
avgldr.log.2 --a--- 1024268 bytes [00:48 06/04/2009] [17:17 22/07/2009]
avgldr.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
avglng.log --a--- 431850 bytes [00:48 06/04/2009] [18:21 21/08/2009]
avglng.log.1 --a--- 1024084 bytes [00:48 06/04/2009] [04:30 30/07/2009]
avglng.log.2 --a--- 1024246 bytes [00:48 06/04/2009] [16:30 14/06/2009]
avglng.log.3 --a--- 1024044 bytes [00:48 06/04/2009] [12:02 27/05/2009]
avglng.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
avgns.log --a--- 462336 bytes [00:48 06/04/2009] [16:57 21/08/2009]
avgns.log.1 --a--- 1024070 bytes [00:48 06/04/2009] [17:21 27/07/2009]
avgns.log.2 --a--- 1024004 bytes [00:48 06/04/2009] [04:53 22/06/2009]
avgns.log.3 --a--- 1024208 bytes [00:48 06/04/2009] [03:49 12/05/2009]
avgns.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
avgrs.log --a--- 323078 bytes [00:48 06/04/2009] [18:34 21/08/2009]
avgrs.log.1 --a--- 1024280 bytes [00:48 06/04/2009] [18:32 21/08/2009]
avgrs.log.10 --a--- 1024706 bytes [00:48 06/04/2009] [17:38 21/08/2009]
avgrs.log.2 --a--- 1024706 bytes [00:48 06/04/2009] [18:26 21/08/2009]
avgrs.log.3 --a--- 1024280 bytes [00:48 06/04/2009] [18:20 21/08/2009]
avgrs.log.4 --a--- 1024706 bytes [00:48 06/04/2009] [18:14 21/08/2009]
avgrs.log.5 --a--- 1024648 bytes [00:48 06/04/2009] [18:08 21/08/2009]
avgrs.log.6 --a--- 1024338 bytes [00:48 06/04/2009] [18:02 21/08/2009]
avgrs.log.7 --a--- 1024280 bytes [00:48 06/04/2009] [17:56 21/08/2009]
avgrs.log.8 --a--- 1025530 bytes [00:48 06/04/2009] [17:50 21/08/2009]
avgrs.log.9 --a--- 1024280 bytes [00:48 06/04/2009] [17:44 21/08/2009]
avgrs.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
avgscan.log --a--- 961652 bytes [00:51 06/04/2009] [15:08 21/08/2009]
avgscan.log.1 --a--- 1024110 bytes [00:51 06/04/2009] [02:34 08/07/2009]
avgscan.log.2 --a--- 1024364 bytes [00:51 06/04/2009] [00:28 20/05/2009]
avgscan.log.lock --a--- 0 bytes [00:51 06/04/2009] [00:51 06/04/2009]
avgsched.log --a--- 238464 bytes [00:50 06/04/2009] [18:21 21/08/2009]
avgsched.log.1 --a--- 1024270 bytes [00:50 06/04/2009] [08:47 21/08/2009]
avgsched.log.10 --a--- 1024108 bytes [00:50 06/04/2009] [18:24 26/07/2009]
avgsched.log.2 --a--- 1024360 bytes [00:50 06/04/2009] [22:21 18/08/2009]
avgsched.log.3 --a--- 1024110 bytes [00:50 06/04/2009] [21:21 15/08/2009]
avgsched.log.4 --a--- 1024288 bytes [00:50 06/04/2009] [07:21 13/08/2009]
avgsched.log.5 --a--- 1024050 bytes [00:50 06/04/2009] [21:21 09/08/2009]
avgsched.log.6 --a--- 1024296 bytes [00:50 06/04/2009] [02:53 07/08/2009]
avgsched.log.7 --a--- 1024182 bytes [00:50 06/04/2009] [01:24 04/08/2009]
avgsched.log.8 --a--- 1024246 bytes [00:50 06/04/2009] [15:48 01/08/2009]
avgsched.log.9 --a--- 1024130 bytes [00:50 06/04/2009] [15:24 29/07/2009]
avgsched.log.lock --a--- 0 bytes [00:50 06/04/2009] [00:50 06/04/2009]
avgsrm.log --a--- 771142 bytes [00:51 06/04/2009] [15:11 21/08/2009]
avgsrm.log.lock --a--- 0 bytes [00:51 06/04/2009] [00:51 06/04/2009]
avgui.log --a--- 120696 bytes [00:49 06/04/2009] [06:37 21/08/2009]
avgui.log.lock --a--- 0 bytes [00:49 06/04/2009] [00:49 06/04/2009]
avguilog.cfg --a--- 1219 bytes [00:47 06/04/2009] [16:37 01/07/2009]
avgupd.log --a--- 863010 bytes [00:49 06/04/2009] [16:58 21/08/2009]
avgupd.log.1 --a--- 10240230 bytes [00:49 06/04/2009] [23:04 17/08/2009]
avgupd.log.2 --a--- 10246744 bytes [00:49 06/04/2009] [17:55 15/06/2009]
avgupd.log.lock --a--- 0 bytes [00:49 06/04/2009] [00:49 06/04/2009]
avgwd.log --a--- 781972 bytes [00:48 06/04/2009] [18:34 21/08/2009]
avgwd.log.1 --a--- 1024180 bytes [00:48 06/04/2009] [18:12 21/08/2009]
avgwd.log.10 --a--- 1024106 bytes [00:48 06/04/2009] [17:28 13/07/2009]
avgwd.log.2 --a--- 1024226 bytes [00:48 06/04/2009] [17:45 21/08/2009]
avgwd.log.3 --a--- 1024010 bytes [00:48 06/04/2009] [17:17 21/08/2009]
avgwd.log.4 --a--- 1024190 bytes [00:48 06/04/2009] [18:30 20/08/2009]
avgwd.log.5 --a--- 1024042 bytes [00:48 06/04/2009] [00:05 16/08/2009]
avgwd.log.6 --a--- 1024066 bytes [00:48 06/04/2009] [22:12 08/08/2009]
avgwd.log.7 --a--- 1024120 bytes [00:48 06/04/2009] [19:15 02/08/2009]
avgwd.log.8 --a--- 1024162 bytes [00:48 06/04/2009] [04:49 27/07/2009]
avgwd.log.9 --a--- 1024000 bytes [00:48 06/04/2009] [01:05 20/07/2009]
avgwd.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
avgwdsvc.log --a--- 196036 bytes [00:48 06/04/2009] [17:42 21/08/2009]
avgwdsvc.log.1 --a--- 1024204 bytes [00:48 06/04/2009] [22:12 08/08/2009]
avgwdsvc.log.lock --a--- 0 bytes [00:48 06/04/2009] [00:48 06/04/2009]
cfgexlog.cfg --a--- 223 bytes [00:47 06/04/2009] [16:37 01/07/2009]
cfglog.cfg --a--- 739 bytes [00:47 06/04/2009] [16:37 01/07/2009]
commonpriv.log --a--- 575950 bytes [00:51 06/04/2009] [15:11 21/08/2009]
commonpriv.log.lock --a--- 0 bytes [00:51 06/04/2009] [00:51 06/04/2009]
commonpub.log --a--- 712 bytes [11:23 15/08/2009] [11:23 15/08/2009]
commonpub.log.lock --a--- 0 bytes [11:23 15/08/2009] [11:23 15/08/2009]
corelog.cfg --a--- 422 bytes [00:47 06/04/2009] [16:37 01/07/2009]
fixcfg.log --a--- 138654 bytes [00:49 06/04/2009] [16:57 21/08/2009]
fixcfg.log.lock --a--- 0 bytes [00:49 06/04/2009] [00:49 06/04/2009]
history.xml --a--- 254768 bytes [00:48 06/04/2009] [16:57 21/08/2009]
ldrlog.cfg --a--- 219 bytes [00:47 06/04/2009] [16:37 01/07/2009]
lnglog.cfg --a--- 216 bytes [00:47 06/04/2009] [16:37 01/07/2009]
nslog.cfg --a--- 311 bytes [00:47 06/04/2009] [16:37 01/07/2009]
privlog.cfg --a--- 288 bytes [00:47 06/04/2009] [16:37 01/07/2009]
publog.cfg --a--- 571 bytes [00:47 06/04/2009] [16:37 01/07/2009]
rslog.cfg --a--- 311 bytes [00:47 06/04/2009] [16:37 01/07/2009]
scanlog.cfg --a--- 325 bytes [00:47 06/04/2009] [16:37 01/07/2009]
schedlog.cfg --a--- 224 bytes [00:47 06/04/2009] [16:37 01/07/2009]
srmlog.cfg --a--- 442 bytes [00:47 06/04/2009] [16:37 01/07/2009]
updlog.cfg --a--- 216 bytes [00:47 06/04/2009] [16:37 01/07/2009]
vaultlog.cfg --a--- 219 bytes [00:47 06/04/2009] [16:37 01/07/2009]
wdlog.cfg --a--- 210 bytes [00:47 06/04/2009] [16:37 01/07/2009]
wdsvclog.cfg --a--- 236 bytes [00:47 06/04/2009] [16:37 01/07/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\Lsdb d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\Lsdb\Prev d----- [00:47 06/04/2009]
prvcache.dat --a--- 0 bytes [23:21 06/04/2009] [18:22 21/08/2009]
prvglbl.dat --a--- 0 bytes [18:11 06/04/2009] [18:21 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\scanlogs d----- [00:47 06/04/2009]
I_00000001.log --a--- 106283 bytes [00:04 07/04/2009] [18:33 21/08/2009]
I_00000003.log --a--- 1271 bytes [18:11 06/04/2009] [02:33 22/04/2009]
I_00000005.log --a--- 1395 bytes [00:51 06/04/2009] [00:53 06/04/2009]
I_00000006.log --a--- 44288 bytes [01:06 06/04/2009] [03:53 06/04/2009]
I_00000007.log --a--- 11830 bytes [00:00 07/04/2009] [00:00 07/04/2009]
I_00000008.log --a--- 57416 bytes [00:53 08/04/2009] [03:42 08/04/2009]
I_00000009.log --a--- 27892 bytes [00:00 09/04/2009] [00:00 09/04/2009]
I_00000010.log --a--- 54234 bytes [00:00 10/04/2009] [03:18 10/04/2009]
I_00000011.log --a--- 1485 bytes [01:39 10/04/2009] [01:39 10/04/2009]
I_00000012.log --a--- 2384 bytes [00:00 11/04/2009] [00:24 11/04/2009]
I_00000013.log --a--- 8572 bytes [00:00 12/04/2009] [00:54 12/04/2009]
I_00000014.log --a--- 36084 bytes [18:28 12/04/2009] [21:03 12/04/2009]
I_00000015.log --a--- 53116 bytes [01:34 13/04/2009] [05:02 13/04/2009]
I_00000016.log --a--- 55264 bytes [00:00 14/04/2009] [03:13 14/04/2009]
I_00000017.log --a--- 53116 bytes [00:00 15/04/2009] [02:52 15/04/2009]
I_00000018.log --a--- 55622 bytes [00:00 16/04/2009] [03:34 16/04/2009]
I_00000019.log --a--- 1463 bytes [04:44 16/04/2009] [04:44 16/04/2009]
I_00000020.log --a--- 54924 bytes [00:00 17/04/2009] [03:34 17/04/2009]
I_00000021.log --a--- 55220 bytes [18:21 18/04/2009] [21:47 18/04/2009]
I_00000022.log --a--- 54480 bytes [00:00 19/04/2009] [03:42 19/04/2009]
I_00000023.log --a--- 29422 bytes [00:15 20/04/2009] [00:15 20/04/2009]
I_00000024.log --a--- 55162 bytes [00:00 21/04/2009] [03:20 21/04/2009]
I_00000025.log --a--- 54982 bytes [00:00 22/04/2009] [03:33 22/04/2009]
I_00000026.log --a--- 55196 bytes [00:00 23/04/2009] [05:14 23/04/2009]
I_00000027.log --a--- 30734 bytes [00:00 24/04/2009] [00:00 24/04/2009]
I_00000028.log --a--- 55478 bytes [00:00 25/04/2009] [03:34 25/04/2009]
I_00000029.log --a--- 31314 bytes [02:17 26/04/2009] [02:17 26/04/2009]
I_00000030.log --a--- 55142 bytes [00:10 27/04/2009] [03:59 27/04/2009]
I_00000031.log --a--- 1491 bytes [03:03 27/04/2009] [03:03 27/04/2009]
I_00000032.log --a--- 54982 bytes [00:00 28/04/2009] [03:35 28/04/2009]
I_00000033.log --a--- 54982 bytes [00:19 29/04/2009] [03:55 29/04/2009]
I_00000034.log --a--- 41476 bytes [00:00 30/04/2009] [03:41 30/04/2009]
I_00000035.log --a--- 63132 bytes [00:00 01/05/2009] [03:49 01/05/2009]
I_00000036.log --a--- 55222 bytes [00:00 02/05/2009] [03:40 02/05/2009]
I_00000037.log --a--- 28958 bytes [00:00 03/05/2009] [00:00 03/05/2009]
I_00000038.log --a--- 55222 bytes [00:06 04/05/2009] [03:52 04/05/2009]
I_00000039.log --a--- 55794 bytes [00:40 05/05/2009] [04:51 05/05/2009]
I_00000040.log --a--- 55262 bytes [00:46 06/05/2009] [04:16 06/05/2009]
I_00000041.log --a--- 54518 bytes [00:00 07/05/2009] [04:27 07/05/2009]
I_00000042.log --a--- 54518 bytes [00:00 08/05/2009] [03:47 08/05/2009]
I_00000043.log --a--- 28958 bytes [00:18 09/05/2009] [00:18 09/05/2009]
I_00000044.log --a--- 54518 bytes [00:00 10/05/2009] [03:33 10/05/2009]
I_00000045.log --a--- 2208 bytes [16:21 10/05/2009] [16:26 10/05/2009]
I_00000046.log --a--- 1527 bytes [16:31 10/05/2009] [16:31 10/05/2009]
I_00000047.log --a--- 1503 bytes [16:31 10/05/2009] [16:31 10/05/2009]
I_00000048.log --a--- 1465 bytes [16:35 10/05/2009] [16:35 10/05/2009]
I_00000049.log --a--- 33084 bytes [00:00 11/05/2009] [03:17 11/05/2009]
I_00000050.log --a--- 54518 bytes [00:00 12/05/2009] [03:31 12/05/2009]
I_00000051.log --a--- 55118 bytes [01:07 13/05/2009] [04:17 13/05/2009]
I_00000052.log --a--- 54518 bytes [00:43 14/05/2009] [03:59 14/05/2009]
I_00000053.log --a--- 57134 bytes [00:10 15/05/2009] [03:34 15/05/2009]
I_00000054.log --a--- 31278 bytes [01:37 16/05/2009] [01:37 16/05/2009]
I_00000055.log --a--- 29364 bytes [01:27 17/05/2009] [01:27 17/05/2009]
I_00000056.log --a--- 28958 bytes [00:52 18/05/2009] [00:52 18/05/2009]
I_00000057.log --a--- 10538 bytes [00:00 20/05/2009] [00:00 20/05/2009]
I_00000058.log --a--- 55358 bytes [00:31 21/05/2009] [04:42 21/05/2009]
I_00000059.log --a--- 55454 bytes [00:41 22/05/2009] [05:11 22/05/2009]
I_00000060.log --a--- 33402 bytes [01:48 23/05/2009] [06:07 23/05/2009]
I_00000061.log --a--- 56158 bytes [00:00 24/05/2009] [04:22 24/05/2009]
I_00000062.log --a--- 55454 bytes [00:00 25/05/2009] [04:26 25/05/2009]
I_00000063.log --a--- 28958 bytes [00:00 26/05/2009] [00:00 26/05/2009]
I_00000064.log --a--- 55222 bytes [01:02 27/05/2009] [04:58 27/05/2009]
I_00000065.log --a--- 54518 bytes [00:13 28/05/2009] [03:30 28/05/2009]
I_00000066.log --a--- 55222 bytes [00:00 29/05/2009] [03:44 29/05/2009]
I_00000067.log --a--- 55118 bytes [00:36 30/05/2009] [05:43 30/05/2009]
I_00000068.log --a--- 54926 bytes [00:00 31/05/2009] [03:27 31/05/2009]
I_00000069.log --a--- 28958 bytes [00:00 01/06/2009] [00:00 01/06/2009]
I_00000070.log --a--- 28958 bytes [00:00 02/06/2009] [00:00 02/06/2009]
I_00000071.log --a--- 54518 bytes [00:00 03/06/2009] [04:29 03/06/2009]
I_00000072.log --a--- 32466 bytes [00:00 04/06/2009] [00:00 04/06/2009]
I_00000073.log --a--- 1626 bytes [00:00 05/06/2009] [00:06 05/06/2009]
I_00000074.log --a--- 54518 bytes [01:46 06/06/2009] [04:58 06/06/2009]
I_00000075.log --a--- 55222 bytes [00:00 07/06/2009] [03:45 07/06/2009]
I_00000076.log --a--- 32310 bytes [00:00 08/06/2009] [00:00 08/06/2009]
I_00000077.log --a--- 32466 bytes [02:15 09/06/2009] [02:15 09/06/2009]
I_00000078.log --a--- 70436 bytes [00:00 10/06/2009] [03:34 10/06/2009]
I_00000079.log --a--- 55222 bytes [02:01 11/06/2009] [05:20 11/06/2009]
I_00000080.log --a--- 53074 bytes [00:00 12/06/2009] [04:07 12/06/2009]
I_00000081.log --a--- 54240 bytes [00:00 13/06/2009] [04:21 13/06/2009]
I_00000082.log --a--- 56144 bytes [00:00 14/06/2009] [03:57 14/06/2009]
I_00000083.log --a--- 54518 bytes [00:00 15/06/2009] [03:38 15/06/2009]
I_00000084.log --a--- 28958 bytes [02:22 16/06/2009] [06:13 16/06/2009]
I_00000085.log --a--- 28958 bytes [00:00 17/06/2009] [00:00 17/06/2009]
I_00000086.log --a--- 54518 bytes [00:23 18/06/2009] [05:25 18/06/2009]
I_00000087.log --a--- 28958 bytes [00:00 19/06/2009] [00:00 19/06/2009]
I_00000088.log --a--- 28958 bytes [02:30 20/06/2009] [02:30 20/06/2009]
I_00000089.log --a--- 58926 bytes [00:00 21/06/2009] [03:29 21/06/2009]
I_00000090.log --a--- 27958 bytes [01:51 22/06/2009] [01:51 22/06/2009]
I_00000091.log --a--- 55222 bytes [00:00 23/06/2009] [03:11 23/06/2009]
I_00000092.log --a--- 55422 bytes [00:00 24/06/2009] [03:47 24/06/2009]
I_00000093.log --a--- 28958 bytes [01:46 25/06/2009] [01:46 25/06/2009]
I_00000094.log --a--- 54518 bytes [00:00 26/06/2009] [03:25 26/06/2009]
I_00000095.log --a--- 54518 bytes [00:00 27/06/2009] [03:45 27/06/2009]
I_00000096.log --a--- 10538 bytes [01:21 28/06/2009] [01:21 28/06/2009]
I_00000097.log --a--- 55988 bytes [00:00 29/06/2009] [03:33 29/06/2009]
I_00000098.log --a--- 11494 bytes [00:00 30/06/2009] [00:00 30/06/2009]
I_00000099.log --a--- 57346 bytes [00:00 01/07/2009] [03:43 01/07/2009]
I_00000100.log --a--- 59038 bytes [00:00 02/07/2009] [05:12 02/07/2009]
I_00000101.log --a--- 14122 bytes [00:00 03/07/2009] [00:00 03/07/2009]
I_00000102.log --a--- 59094 bytes [00:00 04/07/2009] [03:48 04/07/2009]
I_00000103.log --a--- 58390 bytes [18:47 05/07/2009] [22:10 05/07/2009]
I_00000104.log --a--- 1936 bytes [00:00 06/07/2009] [00:00 06/07/2009]
I_00000105.log --a--- 60290 bytes [00:00 07/07/2009] [03:43 07/07/2009]
I_00000106.log --a--- 58782 bytes [02:34 08/07/2009] [06:08 08/07/2009]
I_00000107.log --a--- 33454 bytes [02:54 09/07/2009] [02:54 09/07/2009]
I_00000108.log --a--- 59014 bytes [00:00 10/07/2009] [03:14 10/07/2009]
I_00000109.log --a--- 57962 bytes [00:00 11/07/2009] [00:00 11/07/2009]
I_00000110.log --a--- 53778 bytes [00:00 12/07/2009] [04:44 12/07/2009]
I_00000111.log --a--- 55330 bytes [00:00 13/07/2009] [00:00 13/07/2009]
I_00000112.log --a--- 32208 bytes [00:00 14/07/2009] [00:00 14/07/2009]
I_00000113.log --a--- 55666 bytes [01:01 15/07/2009] [04:31 15/07/2009]
I_00000114.log --a--- 54926 bytes [00:00 16/07/2009] [03:11 16/07/2009]
I_00000115.log --a--- 54222 bytes [00:00 17/07/2009] [04:42 17/07/2009]
I_00000116.log --a--- 58160 bytes [00:00 18/07/2009] [03:56 18/07/2009]
I_00000117.log --a--- 57456 bytes [00:00 19/07/2009] [03:24 19/07/2009]
I_00000118.log --a--- 57562 bytes [00:00 20/07/2009] [03:48 20/07/2009]
I_00000119.log --a--- 31298 bytes [16:34 21/07/2009] [16:34 21/07/2009]
I_00000120.log --a--- 55078 bytes [00:00 22/07/2009] [07:29 22/07/2009]
I_00000121.log --a--- 56370 bytes [17:51 23/07/2009] [21:26 23/07/2009]
I_00000122.log --a--- 30106 bytes [00:35 24/07/2009] [00:35 24/07/2009]
I_00000123.log --a--- 143716 bytes [00:00 25/07/2009] [00:00 25/07/2009]
I_00000124.log --a--- 102060 bytes [00:00 26/07/2009] [00:00 26/07/2009]
I_00000125.log --a--- 55222 bytes [00:00 27/07/2009] [04:05 27/07/2009]
I_00000126.log --a--- 33402 bytes [00:00 28/07/2009] [00:00 28/07/2009]
I_00000127.log --a--- 55014 bytes [02:57 29/07/2009] [06:16 29/07/2009]
I_00000128.log --a--- 32466 bytes [02:24 30/07/2009] [05:22 30/07/2009]
I_00000129.log --a--- 54518 bytes [00:27 31/07/2009] [04:03 31/07/2009]
I_00000130.log --a--- 55222 bytes [00:00 01/08/2009] [06:17 01/08/2009]
I_00000131.log --a--- 55222 bytes [00:00 02/08/2009] [03:43 02/08/2009]
I_00000132.log --a--- 53074 bytes [00:56 03/08/2009] [05:37 03/08/2009]
I_00000133.log --a--- 55222 bytes [00:00 04/08/2009] [03:21 04/08/2009]
I_00000134.log --a--- 28958 bytes [03:00 05/08/2009] [03:00 05/08/2009]
I_00000135.log --a--- 53778 bytes [00:00 06/08/2009] [05:18 06/08/2009]
I_00000136.log --a--- 8158 bytes [02:53 07/08/2009] [05:07 07/08/2009]
I_00000137.log --a--- 27924 bytes [00:00 08/08/2009] [00:00 08/08/2009]
I_00000138.log --a--- 28958 bytes [00:00 09/08/2009] [00:00 09/08/2009]
I_00000139.log --a--- 53778 bytes [00:00 10/08/2009] [03:38 10/08/2009]
I_00000140.log --a--- 54182 bytes [00:00 11/08/2009] [03:21 11/08/2009]
I_00000141.log --a--- 54182 bytes [00:00 12/08/2009] [03:03 12/08/2009]
I_00000142.log --a--- 53674 bytes [00:00 13/08/2009] [03:17 13/08/2009]
I_00000143.log --a--- 53442 bytes [00:00 14/08/2009] [03:08 14/08/2009]
I_00000144.log --a--- 62552 bytes [00:00 15/08/2009] [03:23 15/08/2009]
I_00000145.log --a--- 65912 bytes [00:00 16/08/2009] [03:21 16/08/2009]
I_00000146.log --a--- 35824 bytes [00:00 17/08/2009] [00:00 17/08/2009]
I_00000147.log --a--- 54518 bytes [00:00 18/08/2009] [03:07 18/08/2009]
I_00000148.log --a--- 1936 bytes [00:00 19/08/2009] [00:00 19/08/2009]
I_00000149.log --a--- 55244 bytes [00:00 20/08/2009] [03:47 20/08/2009]
I_00000150.log --a--- 55630 bytes [02:17 21/08/2009] [06:02 21/08/2009]
I_00000151.log --a--- 38875 bytes [15:05 21/08/2009] [15:05 21/08/2009]
srm.idx --ah-- 12 bytes [00:51 06/04/2009] [18:06 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\Temp d----- [00:47 06/04/2009]
e94431e1-1d73-428d-b39c-c6ced4573dac-1d0-oopp.tmp --a--- 2874 bytes [00:48 06/04/2009] [00:48 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\update d----- [00:47 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\update\backup d----- [00:49 06/04/2009]
incavi.avm --a--- 39999145 bytes [23:02 17/08/2009] [01:04 20/08/2009]
microavi.avg --a--- 67775 bytes [16:57 21/08/2009] [15:21 19/08/2009]
sb.dat --a--- 209220 bytes [01:29 06/04/2009] [17:17 12/08/2009]
sb2.dat --a--- 2628 bytes [01:29 06/04/2009] [17:17 12/08/2009]
sc.dat --a--- 140236 bytes [01:29 06/04/2009] [01:04 20/08/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\update\download d----- [00:49 06/04/2009]
avginfoavi.ctf --a--- 2393 bytes [08:20 21/08/2009] [16:57 21/08/2009]
avginfowin.ctf --a--- 7864 bytes [08:20 21/08/2009] [16:57 21/08/2009]
f8bnr403r388re.bin --a--- 1810 bytes [21:31 06/08/2009] [23:01 17/08/2009]
f8core408r387r9.bin --a--- 2011602 bytes [21:26 06/08/2009] [23:01 17/08/2009]
f8corex402r384r9.bin --a--- 38093 bytes [21:26 06/08/2009] [23:01 17/08/2009]
f8eml403r390r9.bin --a--- 124911 bytes [21:26 06/08/2009] [23:01 17/08/2009]
f8krnl407r391r9.bin --a--- 1187160 bytes [21:27 06/08/2009] [23:01 17/08/2009]
f8lngus409r392r6.bin --a--- 54258 bytes [21:24 06/08/2009] [23:01 17/08/2009]
f8ls401r316ra.bin --a--- 200629 bytes [21:27 06/08/2009] [23:01 17/08/2009]
f8lsff405r392ra.bin --a--- 68425 bytes [21:27 06/08/2009] [23:01 17/08/2009]
f8lsiex405r392ra.bin --a--- 87027 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8ns404r384rb.bin --a--- 333 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8nsx401r316rb.bin --a--- 64171 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8ofc401r300rb.bin --a--- 43999 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8rsx401r370rb.bin --a--- 45271 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8setup405r385rb.bin --a--- 219589 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8ui408r392rb.bin --a--- 1059237 bytes [21:28 06/08/2009] [23:01 17/08/2009]
f8upd408r385rb.bin --a--- 555803 bytes [21:29 06/08/2009] [22:59 17/08/2009]
u7avi1613u1590u6.bin --a--- 39916 bytes [06:06 22/07/2009] [17:18 22/07/2009]
u7avi1616u1590ia.bin --a--- 40816 bytes [18:08 23/07/2009] [00:58 24/07/2009]
u7avi1618u1590n3.bin --a--- 41109 bytes [18:36 24/07/2009] [00:40 25/07/2009]
u7avi1620u1590qg.bin --a--- 41308 bytes [18:12 25/07/2009] [01:19 26/07/2009]
u7avi1621u1590iy.bin --a--- 41537 bytes [11:17 26/07/2009] [00:42 27/07/2009]
u7avi1622u1590eb.bin --a--- 41688 bytes [06:05 27/07/2009] [17:24 27/07/2009]
u7avi1623u1590yd.bin --a--- 49789 bytes [18:07 27/07/2009] [00:23 28/07/2009]
u7avi1624u1590ie.bin --a--- 49833 bytes [06:07 28/07/2009] [15:58 28/07/2009]
u7avi1625u15902i.bin --a--- 53812 bytes [18:10 28/07/2009] [16:51 29/07/2009]
u7avi1626u1590qd.bin --a--- 53800 bytes [06:04 30/07/2009] [16:57 30/07/2009]
u7avi1627u1590av.bin --a--- 54272 bytes [18:21 30/07/2009] [00:57 31/07/2009]
u7avi1628u1590uf.bin --a--- 54247 bytes [06:05 31/07/2009] [16:33 31/07/2009]
u7avi1629u1590nl.bin --a--- 56046 bytes [09:44 01/08/2009] [16:44 01/08/2009]
u7avi1630u159026.bin --a--- 55947 bytes [18:28 01/08/2009] [00:06 02/08/2009]
u7avi1632u15905g.bin --a--- 56197 bytes [18:01 02/08/2009] [16:08 03/08/2009]
u7avi1633u15909i.bin --a--- 57706 bytes [18:02 03/08/2009] [00:46 04/08/2009]
u7avi1634u1590do.bin --a--- 57789 bytes [18:07 04/08/2009] [16:29 05/08/2009]
u7avi1635u1590ib.bin --a--- 59652 bytes [18:29 05/08/2009] [00:20 06/08/2009]
u7avi1636u1590hw.bin --a--- 59758 bytes [13:24 07/08/2009] [16:57 07/08/2009]
u7avi1637u1590qu.bin --a--- 59893 bytes [18:46 07/08/2009] [15:56 08/08/2009]
u7avi1638u1590uc.bin --a--- 60182 bytes [18:27 08/08/2009] [00:19 09/08/2009]
u7avi1639u1590y1.bin --a--- 60213 bytes [18:15 09/08/2009] [01:01 10/08/2009]
u7avi1640u1590m6.bin --a--- 60339 bytes [06:18 11/08/2009] [18:10 11/08/2009]
u7avi1641u159073.bin --a--- 64199 bytes [18:50 11/08/2009] [00:10 12/08/2009]
u7avi1642u1590q5.bin --a--- 64310 bytes [06:16 12/08/2009] [17:16 12/08/2009]
u7avi1643u1590a8.bin --a--- 65009 bytes [18:18 12/08/2009] [01:59 13/08/2009]
u7avi1644u1590ub.bin --a--- 65012 bytes [06:21 13/08/2009] [16:40 13/08/2009]
u7avi1645u1590ei.bin --a--- 65096 bytes [18:27 13/08/2009] [01:27 14/08/2009]
u7avi1646u1590y7.bin --a--- 65126 bytes [06:16 14/08/2009] [17:54 14/08/2009]
u7avi1647u1590i8.bin --a--- 65262 bytes [18:16 14/08/2009] [01:38 15/08/2009]
u7avi1648u15902m.bin --a--- 65322 bytes [06:29 15/08/2009] [16:03 15/08/2009]
u7avi1649u1590u5.bin --a--- 67500 bytes [18:10 17/08/2009] [23:01 17/08/2009]
u7avi1650u1590e7.bin --a--- 67713 bytes [06:11 18/08/2009] [16:24 18/08/2009]
u7avi1651u1590y8.bin --a--- 67743 bytes [18:12 18/08/2009] [15:21 19/08/2009]
u7avi1653u15906b.bin --a--- 67884 bytes [18:12 20/08/2009] [16:57 21/08/2009]
u7iavi2254u2252u9.bin --a--- 38810 bytes [06:11 22/07/2009] [17:18 22/07/2009]
u7iavi2257u2252ie.bin --a--- 93044 bytes [18:14 23/07/2009] [00:58 24/07/2009]
u7iavi2259u2257n5.bin --a--- 39253 bytes [18:40 24/07/2009] [00:40 25/07/2009]
u7iavi2262u2257qk.bin --a--- 65204 bytes [18:18 25/07/2009] [01:19 26/07/2009]
u7iavi2265u2260ud.bin --a--- 47738 bytes [18:10 26/07/2009] [00:42 27/07/2009]
u7iavi2266u2265eb.bin --a--- 13644 bytes [06:07 27/07/2009] [17:24 27/07/2009]
u7iavi2267u2266ye.bin --a--- 16519 bytes [18:10 27/07/2009] [00:23 28/07/2009]
u7iavi2268u2267ie.bin --a--- 18730 bytes [06:09 28/07/2009] [15:58 28/07/2009]
u7iavi2270u2268mw.bin --a--- 30132 bytes [06:28 29/07/2009] [16:51 29/07/2009]
u7iavi2272u2270qg.bin --a--- 28234 bytes [06:08 30/07/2009] [16:57 30/07/2009]
u7iavi2273u2272aw.bin --a--- 15723 bytes [18:24 30/07/2009] [00:57 31/07/2009]
u7iavi2274u2273uf.bin --a--- 19250 bytes [06:08 31/07/2009] [16:33 31/07/2009]
u7iavi2275u2274nm.bin --a--- 29598 bytes [09:47 01/08/2009] [16:44 01/08/2009]
u7iavi2276u227527.bin --a--- 9843 bytes [18:32 01/08/2009] [00:06 02/08/2009]
u7iavi2279u2274pn.bin --a--- 69592 bytes [06:11 03/08/2009] [16:08 03/08/2009]
u7iavi2280u22799j.bin --a--- 14610 bytes [18:04 03/08/2009] [00:46 04/08/2009]
u7iavi2281u2280tk.bin --a--- 13651 bytes [06:07 04/08/2009] [16:28 04/08/2009]
u7iavi2283u2281xm.bin --a--- 34241 bytes [06:08 05/08/2009] [16:29 05/08/2009]
u7iavi2284u2283ic.bin --a--- 15793 bytes [18:34 05/08/2009] [00:20 06/08/2009]
u7iavi2288u2283i5.bin --a--- 93986 bytes [13:38 07/08/2009] [16:57 07/08/2009]
u7iavi2290u2288a3.bin --a--- 23607 bytes [06:20 08/08/2009] [15:56 08/08/2009]
u7iavi2291u2290uc.bin --a--- 13043 bytes [18:29 08/08/2009] [00:19 09/08/2009]
u7iavi2292u2291hi.bin --a--- 15500 bytes [08:22 09/08/2009] [16:37 09/08/2009]
u7iavi2293u2292y2.bin --a--- 10279 bytes [18:18 09/08/2009] [01:01 10/08/2009]
u7iavi2295u22932i.bin --a--- 32932 bytes [18:31 10/08/2009] [00:07 11/08/2009]
u7iavi2296u2295m6.bin --a--- 20606 bytes [06:23 11/08/2009] [18:10 11/08/2009]
u7iavi2297u229674.bin --a--- 20927 bytes [18:55 11/08/2009] [00:10 12/08/2009]
u7iavi2298u2297q6.bin --a--- 15778 bytes [06:19 12/08/2009] [17:16 12/08/2009]
u7iavi2299u2298a9.bin --a--- 18568 bytes [18:21 12/08/2009] [01:59 13/08/2009]
u7iavi2300u2299uc.bin --a--- 19795 bytes [06:25 13/08/2009] [16:40 13/08/2009]
u7iavi2301u2300ei.bin --a--- 20448 bytes [18:31 13/08/2009] [01:27 14/08/2009]
u7iavi2302u2301y7.bin --a--- 24944 bytes [06:20 14/08/2009] [17:54 14/08/2009]
u7iavi2303u2302i9.bin --a--- 15857 bytes [18:19 14/08/2009] [01:38 15/08/2009]
u7iavi2304u23032m.bin --a--- 20267 bytes [06:32 15/08/2009] [16:03 15/08/2009]
u7iavi2305u2304mb.bin --a--- 13040 bytes [18:20 15/08/2009] [00:42 16/08/2009]
u7iavi2308u2305wi.bin --a--- 23110 bytes [22:02 16/08/2009] [00:42 17/08/2009]
u7iavi2310u2308u8.bin --a--- 32017 bytes [18:16 17/08/2009] [23:01 17/08/2009]
u7iavi2311u2310e8.bin --a--- 21519 bytes [06:14 18/08/2009] [16:24 18/08/2009]
u7iavi2313u2311ia.bin --a--- 29894 bytes [06:17 19/08/2009] [15:21 19/08/2009]
u7iavi2314u23132b.bin --a--- 20098 bytes [18:15 19/08/2009] [01:03 20/08/2009]
u7iavi2317u2312qe.bin --a--- 84374 bytes [06:17 21/08/2009] [16:57 21/08/2009]
x8xplsb2_82kz.bin --a--- 3270 bytes [22:10 22/07/2009] [00:58 24/07/2009]
x8xplsb2_83yz.bin --a--- 1056 bytes [11:14 30/07/2009] [00:57 31/07/2009]
x8xplsb2_884u.bin --a--- 2826 bytes [05:34 07/08/2009] [17:16 12/08/2009]
x8xplsb2_89l8.bin --a--- 3094 bytes [10:24 18/08/2009] [15:21 19/08/2009]
x8xplsb_65d64kz.bin --a--- 9591 bytes [22:10 22/07/2009] [00:58 24/07/2009]
x8xplsb_66d65yz.bin --a--- 8560 bytes [11:14 30/07/2009] [00:57 31/07/2009]
x8xplsb_67d66vm.bin --a--- 11992 bytes [09:33 12/08/2009] [17:16 12/08/2009]
x8xplsb_68d67l8.bin --a--- 5949 bytes [10:24 18/08/2009] [15:21 19/08/2009]
x8xplsc_100d98dj.bin --a--- 1264 bytes [13:12 06/08/2009] [17:16 12/08/2009]
x8xplsc_101d100do.bin --a--- 875 bytes [20:22 12/08/2009] [01:59 13/08/2009]
x8xplsc_102d1015q.bin --a--- 492 bytes [10:46 14/08/2009] [01:38 15/08/2009]
x8xplsc_103d102n4.bin --a--- 726 bytes [09:07 19/08/2009] [01:03 20/08/2009]
x8xplsc_104d103tt.bin --a--- 695 bytes [10:43 20/08/2009] [16:57 21/08/2009]
x8xplsc_95d93kz.bin --a--- 1140 bytes [22:10 22/07/2009] [00:58 24/07/2009]
x8xplsc_96d95mq.bin --a--- 846 bytes [11:08 27/07/2009] [00:23 28/07/2009]
x8xplsc_97d96yz.bin --a--- 521 bytes [11:14 30/07/2009] [00:57 31/07/2009]
x8xplsc_98d9757.bin --a--- 812 bytes [12:32 31/07/2009] [16:44 01/08/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\update\download\ads d----- [00:49 06/04/2009]

C:\Documents and Settings\All Users\Application Data\Avg8\update\prepare d----- [00:49 06/04/2009]
avgxch32.dll.prepare --a--- 52847 bytes [23:13 01/05/2009] [23:02 17/08/2009]
incavi.avm --a--- 40046181 bytes [01:27 06/04/2009] [16:57 21/08/2009]
sb.dat.prepare --a--- 10703 bytes [01:29 06/04/2009] [15:21 19/08/2009]
sc.dat.prepare --a--- 295 bytes [00:19 03/07/2009] [16:57 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Google d----- [21:55 02/06/2007]

C:\Documents and Settings\All Users\Application Data\Google\Custom Buttons d----- [21:55 02/06/2007]
toolbar.google.com_J66T77NJDBMW4FEUU7FA.xml --a--c 6697 bytes [21:55 02/06/2007] [21:55 02/06/2007]
toolbar.google.com_O8Y91YHB24Z6SR0SGYSK.xml --a--c 7667 bytes [21:55 02/06/2007] [21:55 02/06/2007]

C:\Documents and Settings\All Users\Application Data\Hewlett-Packard d----- [05:04 09/04/2007]

C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\Diagnostic Assistant d----- [05:04 09/04/2007]

C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\Diagnostic Assistant\data d----- [05:04 09/04/2007]
hprbevdb.dll --a--c 1216 bytes [22:42 25/02/2004] [22:42 25/02/2004]
hprbevdb.mdb --a--c 112640 bytes [20:16 04/02/2004] [20:16 04/02/2004]

C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\Diagnostic Assistant\RPSCache d----- [04:04 03/05/2007]

C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\Diagnostic Assistant\SOLCache d----- [04:04 03/05/2007]

C:\Documents and Settings\All Users\Application Data\Intel d----- [20:06 23/06/2006]

C:\Documents and Settings\All Users\Application Data\Intel\Wireless d----- [20:06 23/06/2006]

C:\Documents and Settings\All Users\Application Data\Intel\Wireless\Settings d--h-- [20:06 23/06/2006]
ItSttngs.ini --a--- 267 bytes [01:35 23/03/2005] [01:35 23/03/2005]
Settings.ini --a--c 522 bytes [20:07 23/06/2006] [20:07 23/06/2006]

C:\Documents and Settings\All Users\Application Data\Intel\Wireless\WLANProfiles d--h-- [20:07 23/06/2006]
ITProfiles.enc --a--- 199 bytes [20:07 23/06/2006] [20:07 23/06/2006]
ITProfiles.enc.bak --a--- 199 bytes [20:07 23/06/2006] [20:07 23/06/2006]

C:\Documents and Settings\All Users\Application Data\Intuit d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Intuit\Quicken d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Cache d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Cache\Bgt d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Config d----- [02:31 02/05/2007]
QUICKEN.INI --a--c 1099 bytes [04:23 05/11/2005] [19:18 30/09/2006]

C:\Documents and Settings\All Users\Application Data\Malwarebytes d----- [17:32 12/06/2008]

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware d----- [17:32 12/06/2008]
news.txt --a--c 32 bytes [17:32 12/06/2008] [17:32 12/06/2008]

C:\Documents and Settings\All Users\Application Data\McAfee.com d----- [04:32 05/11/2005]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent d----- [04:32 05/11/2005]
agntclient.log --a--c 3957 bytes [04:32 05/11/2005] [02:24 03/05/2007]
mcifolog.log --a--- 2493 bytes [19:15 23/06/2006] [23:37 15/04/2009]
mcini.ini --a--- 174 bytes [04:33 05/11/2005] [04:33 05/11/2005]
McSubDB.Dat --a--- 473 bytes [04:33 05/11/2005] [19:13 24/06/2006]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Cache d----- [04:33 05/11/2005]
McSubDB.Bak --a--c 473 bytes [04:33 05/11/2005] [19:13 24/06/2006]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs d----- [04:32 05/11/2005]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler d----- [04:32 05/11/2005]
McTskshd000.log --a--- 51238 bytes [04:32 05/11/2005] [12:18 14/04/2009]
McTskshd001.log --a--- 51211 bytes [19:03 22/11/2005] [23:27 15/04/2009]
McTskshd002.log --a--- 45421 bytes [02:02 03/12/2005] [05:24 16/04/2009]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\News d----- [04:32 05/11/2005]
mcltvers.ini --a--c 2657 bytes [19:15 23/06/2006] [19:15 23/06/2006]
mcscins.cfg --a--c 49 bytes [19:15 23/06/2006] [19:15 23/06/2006]
oemcfg.ini --a--c 12732 bytes [04:32 05/11/2005] [20:09 23/06/2006]
valert.ui --a--c 22112 bytes [19:15 23/06/2006] [19:15 23/06/2006]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\RegWiz d----- [04:32 05/11/2005]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\RegWiz\RegApp d----- [04:32 05/11/2005]

C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\update d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\McAfee.com\download d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO d----- [04:32 05/11/2005]

C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO\Data d--h-- [04:32 05/11/2005]
VMapLogs.log --a--- 125 bytes [19:15 23/06/2006] [23:37 15/04/2009]
VMapLogs.old --a--- 125 bytes [19:15 23/06/2006] [04:16 15/04/2009]
VSL6.tmp --a--c 67 bytes [04:50 04/06/2008] [04:50 04/06/2008]

C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO\OASLogs d----- [04:32 05/11/2005]
OAS.log --a--- 2337 bytes [04:43 05/11/2005] [21:07 12/04/2009]

C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO\ODSLog d----- [22:08 23/06/2006]
Julia Yu_ods.log --a--c 501 bytes [22:08 23/06/2006] [01:48 13/07/2006]

C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO\Quarantine d--h-- [04:32 05/11/2005]

C:\Documents and Settings\All Users\Application Data\Microsoft d---s- [18:33 04/11/2005]
Thumbs.db --ahsc 8192 bytes [05:14 26/11/2006] [05:14 26/11/2006]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto d---s- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS d---s- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys d---s- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA d---s- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys d---s- [02:31 02/05/2007]
fc1e3851f429ea606d6ff1e01a5229f1_4785280b-b19f-4756-8e82-a75bede69e8c --a-s- 52 bytes [22:56 06/06/2009] [22:56 06/06/2009]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18 d---s- [02:31 02/05/2007]
d42cc0c3858a58db2db37658219e6400_4785280b-b19f-4756-8e82-a75bede69e8c --a-sc 893 bytes [02:50 02/05/2007] [02:50 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto(2) d---s- [08:10 11/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto(2)\RSA d---s- [08:10 11/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto(2)\RSA\S-1-5-18 d---s- [08:10 11/03/2007]
d42cc0c3858a58db2db37658219e6400_4785280b-b19f-4756-8e82-a75bede69e8c --a-sc 893 bytes [08:10 11/03/2007] [08:10 11/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson d----- [02:31 02/05/2007]
drwtsn32.log --a--c 16787832 bytes [00:07 05/05/2007] [01:30 08/08/2009]
user.dmp --a--c 83696 bytes [00:07 05/05/2007] [01:30 08/08/2009]

C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson(2) d----- [08:05 11/03/2007]
drwtsn32.log --a--c 360834 bytes [03:07 13/03/2007] [02:15 24/03/2007]
user.dmp --a--c 40547 bytes [03:07 13/03/2007] [02:15 24/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help d----- [02:31 02/05/2007]
hhcolreg.dat --a--- 1307 bytes [03:48 27/03/2009] [03:48 27/03/2009]

C:\Documents and Settings\All Users\Application Data\Microsoft\IMG d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player d----- [02:40 05/11/2005]
DefaultStore_59R.bin -rah-c 720896 bytes [02:41 05/11/2005] [02:41 05/11/2005]
UserMigratedStore_59R.bin -rah-c 720896 bytes [02:41 05/11/2005] [02:41 05/11/2005]

C:\Documents and Settings\All Users\Application Data\Microsoft\Network d----- [02:36 05/11/2005]

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections d----- [02:36 05/11/2005]

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Cm d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk d----- [02:36 05/11/2005]
rasphone.pbk --a--c 0 bytes [04:28 05/11/2005] [21:58 26/11/2006]
sharedaccess.ini --a--c 853 bytes [02:36 05/11/2005] [22:24 21/07/2001]

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader d----- [02:31 02/05/2007]
qmgr0.dat --a--- 4232 bytes [02:41 02/05/2007] [15:05 21/08/2009]
qmgr1.dat --a--- 4617 bytes [02:41 02/05/2007] [15:05 21/08/2009]

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader(2) d----- [05:03 14/03/2007]
qmgr0.dat --a--c 4232 bytes [05:03 14/03/2007] [01:52 12/04/2007]
qmgr1.dat --a--c 5530 bytes [05:03 14/03/2007] [01:52 12/04/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE d----- [19:47 30/09/2006]

C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA d----- [19:47 30/09/2006]
OPA11.BAK --a--c 8200 bytes [04:23 18/10/2002] [04:23 18/10/2002]
opa11.dat ------ 8206 bytes [19:50 30/09/2006] [19:50 30/09/2006]

C:\Documents and Settings\All Users\Application Data\Microsoft\Provisioning d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures d----- [02:39 05/11/2005]
Administrator.bmp --a--c 6976 bytes [02:58 23/11/2006] [02:58 23/11/2006]
Guest.bmp --a--c 6976 bytes [02:39 05/11/2005] [07:14 23/02/2007]
Julia Yu.bmp --a--c 6976 bytes [20:08 23/06/2006] [03:52 02/05/2007]
Owner.bmp --a--c 6976 bytes [02:44 05/11/2005] [02:44 05/11/2005]
Thumbs.db --ahsc 17920 bytes [05:14 26/11/2006] [07:35 11/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures d----- [02:39 05/11/2005]
Airplane.bmp --a--c 6968 bytes [02:39 05/11/2005] [12:00 04/08/2004]
Avarice.bmp --a--c 6966 bytes [07:39 11/03/2007] [07:39 11/03/2007]
Butterfly.bmp --a--c 6968 bytes [02:39 05/11/2005] [12:00 04/08/2004]
Chess.bmp --a--c 6968 bytes [02:39 05/11/2005] [12:00 04/08/2004]
Envy.bmp --a--c 6966 bytes [07:41 11/03/2007] [07:41 11/03/2007]
Fly.bmp --a--c 6966 bytes [05:07 26/11/2006] [05:07 26/11/2006]
Ghost Horse.bmp --a--c 6966 bytes [04:54 26/11/2006] [04:54 26/11/2006]
Gluttony.bmp --a--c 6966 bytes [07:42 11/03/2007] [07:42 11/03/2007]
Horses.bmp --a--c 6968 bytes [02:39 05/11/2005] [12:00 04/08/2004]
Knight.bmp --a--c 6966 bytes [05:13 26/11/2006] [05:13 26/11/2006]
Lust.bmp --a--c 6966 bytes [07:43 11/03/2007] [07:43 11/03/2007]
Sloth.bmp --a--c 6966 bytes [07:44 11/03/2007] [07:44 11/03/2007]
Snowflake.bmp --a--c 6968 bytes [02:39 05/11/2005] [12:00 04/08/2004]
Thumbs.db --ahsc 92672 bytes [04:42 26/11/2006] [07:46 11/03/2007]
Wrath.bmp --a--c 6966 bytes [07:46 11/03/2007] [07:46 11/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog d----- [02:31 02/05/2007]
InboxLOG.txt --a--c 278 bytes [02:40 02/05/2007] [02:40 02/05/2007]
OutboxLOG.txt --a--c 1518 bytes [02:40 02/05/2007] [02:40 02/05/2007]
schema.ini --a--c 4334 bytes [02:38 05/11/2005] [15:18 05/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\Common Coverpages d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\Inbox d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\Queue d--hs- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\SentItems d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft\Works d----- [21:49 08/11/2005]
CalMRU.dat --a--c 12 bytes [08:11 07/03/2007] [08:11 07/03/2007]
mswkscal.wcd --a--c 188416 bytes [01:07 06/01/2005] [01:07 06/01/2005]
wkcalcat.dat --a--c 16384 bytes [08:11 07/03/2007] [08:11 07/03/2007]

C:\Documents and Settings\All Users\Application Data\Microsoft Corporation d----- [21:03 15/10/2006]

C:\Documents and Settings\All Users\Application Data\Microsoft Corporation\Windows Vista Upgrade Advisor d----- [21:03 15/10/2006]

C:\Documents and Settings\All Users\Application Data\Microsoft Corporation\Windows Vista Upgrade Advisor\1.0.0000000.309 d----- [21:03 15/10/2006]
blockers.xml --a--c 3194 bytes [21:03 15/10/2006] [21:03 15/10/2006]

C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir d----- [08:48 07/03/2007]
xscan32.dat --a--c 59466 bytes [08:48 07/03/2007] [22:03 17/01/2003]

C:\Documents and Settings\All Users\Application Data\Pure Networks d----- [04:28 05/11/2005]

C:\Documents and Settings\All Users\Application Data\Pure Networks\Port Magic d----- [04:28 05/11/2005]

C:\Documents and Settings\All Users\Application Data\Pure Networks\Port Magic\log d----- [02:34 02/05/2007]

C:\Documents and Settings\All Users\Application Data\QuickTime d----- [04:28 05/11/2005]
QuickTime.qtp --a--c 9717 bytes [04:28 05/11/2005] [22:02 27/05/2007]
QuickTimeFavorites.qtr --a--c 2642 bytes [16:46 06/07/2006] [02:10 02/01/2007]

C:\Documents and Settings\All Users\Application Data\Skype d----- [04:00 22/02/2008]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins d----- [04:01 22/02/2008]
collection.ini --a--c 354 bytes [01:22 02/02/2008] [01:22 02/02/2008]
local_store.dat --a--c 1148 bytes [02:05 23/02/2008] [04:15 01/05/2009]
pxml.xml --a--c 564468 bytes [01:22 02/02/2008] [00:16 01/05/2009]
_sstore.dat --a--c 444 bytes [02:05 23/02/2008] [04:39 01/05/2009]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache d----- [04:01 22/02/2008]
0019ED3CC0A745F8891EAEAAE2D3BED9_icon24.png --a--c 4015 bytes [02:06 23/02/2008] [02:06 23/02/2008]
0019ED3CC0A745F8891EAEAAE2D3BED9_icon48.png --a--c 4418 bytes [02:06 23/02/2008] [02:06 23/02/2008]
04B3EC9B2B5945A1B7AFC5FAFC297401_icon24.png --a--c 1238 bytes [02:05 23/02/2008] [02:05 23/02/2008]
04B3EC9B2B5945A1B7AFC5FAFC297401_icon48.png --a--c 2906 bytes [02:05 23/02/2008] [02:05 23/02/2008]
04B3EC9B2B5945A1B7AFC5FAFC297401_more.jpg --a--c 25414 bytes [02:05 23/02/2008] [02:05 23/02/2008]
04B85A4AD92F471CB8EC199BEBD26C57_icon24.png --a--c 4203 bytes [02:06 23/02/2008] [02:06 23/02/2008]
04B85A4AD92F471CB8EC199BEBD26C57_icon48.png --a--c 7694 bytes [02:06 23/02/2008] [02:06 23/02/2008]
04B85A4AD92F471CB8EC199BEBD26C57_more.jpg --a--c 30094 bytes [02:06 23/02/2008] [02:06 23/02/2008]
073AF5AC136443AEAF82FBD0E6EE23D0_icon24.png --a--c 979 bytes [02:06 23/02/2008] [02:06 23/02/2008]
073AF5AC136443AEAF82FBD0E6EE23D0_icon48.png --a--c 2372 bytes [02:06 23/02/2008] [02:06 23/02/2008]
073AF5AC136443AEAF82FBD0E6EE23D0_named_strings.mlsxml --a--c 965 bytes [02:06 23/02/2008] [02:06 23/02/2008]
07B9E799E57E446881426C489ED9764D_icon24.png --a--c 1475 bytes [02:05 23/02/2008] [02:05 23/02/2008]
07B9E799E57E446881426C489ED9764D_icon48.png --a--c 1367 bytes [02:05 23/02/2008] [02:05 23/02/2008]
07B9E799E57E446881426C489ED9764D_more.jpg --a--c 10324 bytes [02:05 23/02/2008] [02:05 23/02/2008]
08ADE748DA334F498231E20B7E0BF69E_icon24.png -ra--c 1072 bytes [01:22 02/02/2008] [01:22 02/02/2008]
08ADE748DA334F498231E20B7E0BF69E_icon48.png --a--c 1355 bytes [02:05 23/02/2008] [02:05 23/02/2008]
08ADE748DA334F498231E20B7E0BF69E_more.jpg --a--c 7688 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0B3223A1A4EA4592841023160E190196_icon24.png --a--c 3820 bytes [02:06 23/02/2008] [02:06 23/02/2008]
0B3223A1A4EA4592841023160E190196_icon48.png --a--c 7921 bytes [02:06 23/02/2008] [02:06 23/02/2008]
0B3223A1A4EA4592841023160E190196_more.jpg --a--c 10598 bytes [02:06 23/02/2008] [02:06 23/02/2008]
0E9B418314BC4742BE13D94710A876D6_icon48.png --a--- 3395 bytes [00:16 01/05/2009] [00:16 01/05/2009]
1163D2B46CC742E5A3CC9E4157887751_icon24.png --a--c 30671 bytes [02:05 23/02/2008] [02:05 23/02/2008]
1163D2B46CC742E5A3CC9E4157887751_icon48.png --a--c 36303 bytes [02:05 23/02/2008] [02:05 23/02/2008]
1163D2B46CC742E5A3CC9E4157887751_more.jpg --a--c 10555 bytes [02:05 23/02/2008] [02:05 23/02/2008]
1163D2B46CC742E5A3CC9E4157887751_named_strings.mlsxml --a--c 7524 bytes [02:05 23/02/2008] [02:05 23/02/2008]
13651BBE51534FF1B250EBE56CDE0987_icon48.png --a--c 1923 bytes [02:06 23/02/2008] [02:06 23/02/2008]
13651BBE51534FF1B250EBE56CDE0987_named_strings.mlsxml --a--c 503 bytes [02:06 23/02/2008] [02:06 23/02/2008]
15820943763B412CB59AA18ACC0EB6D7_icon24.png --a--c 1534 bytes [02:06 23/02/2008] [02:06 23/02/2008]
15820943763B412CB59AA18ACC0EB6D7_icon48.png --a--c 5330 bytes [02:06 23/02/2008] [02:06 23/02/2008]
15820943763B412CB59AA18ACC0EB6D7_named_strings.mlsxml --a--c 353 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1597FB434D964733B5D8B2B112EE34C2_icon24.png --a--c 541 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1597FB434D964733B5D8B2B112EE34C2_icon48.png --a--c 1122 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1597FB434D964733B5D8B2B112EE34C2_named_strings.mlsxml --a--c 638 bytes [02:06 23/02/2008] [02:06 23/02/2008]
185538D1B9D7403E8163FCDCD905001E_icon24.png --a--c 1250 bytes [02:06 23/02/2008] [02:06 23/02/2008]
185538D1B9D7403E8163FCDCD905001E_icon48.png --a--c 3568 bytes [02:06 23/02/2008] [02:06 23/02/2008]
185538D1B9D7403E8163FCDCD905001E_more.jpg --a--c 6601 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1C858F44FD20414EA6E3ACFBA01EBBD2_icon24.png --a--c 1370 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1C858F44FD20414EA6E3ACFBA01EBBD2_icon48.png --a--c 3985 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1C858F44FD20414EA6E3ACFBA01EBBD2_more.jpg --a--c 33665 bytes [02:06 23/02/2008] [02:06 23/02/2008]
1C858F44FD20414EA6E3ACFBA01EBBD2_named_strings.mlsxml --a--c 898 bytes [02:06 23/02/2008] [02:06 23/02/2008]
215F17483FA345F985AFB7F0D52C6B80_icon24.png --a--c 307 bytes [02:06 23/02/2008] [02:06 23/02/2008]
215F17483FA345F985AFB7F0D52C6B80_icon48.png --a--c 646 bytes [02:06 23/02/2008] [02:06 23/02/2008]
215F17483FA345F985AFB7F0D52C6B80_more.jpg --a--c 5317 bytes [02:06 23/02/2008] [02:06 23/02/2008]
215F17483FA345F985AFB7F0D52C6B80_named_strings.mlsxml --a--c 1042 bytes [02:06 23/02/2008] [02:06 23/02/2008]
2286118ED27F4185B8E914DB419B9845_icon24.png --a--c 1445 bytes [02:06 23/02/2008] [02:06 23/02/2008]
2286118ED27F4185B8E914DB419B9845_icon48.png --a--c 5499 bytes [02:06 23/02/2008] [02:06 23/02/2008]
22E1CF92BED041C09C94A28F62FA6E12_icon24.png --a--c 4502 bytes [02:06 23/02/2008] [02:06 23/02/2008]
22E1CF92BED041C09C94A28F62FA6E12_icon48.png --a--c 6910 bytes [02:06 23/02/2008] [02:06 23/02/2008]
22E1CF92BED041C09C94A28F62FA6E12_more.jpg --a--c 38554 bytes [02:06 23/02/2008] [02:06 23/02/2008]
26BF497F320A43C3B0EF4CB5702DDFDA_icon24.png --a--c 1142 bytes [02:06 23/02/2008] [02:06 23/02/2008]
26BF497F320A43C3B0EF4CB5702DDFDA_icon48.png --a--c 3060 bytes [02:06 23/02/2008] [02:06 23/02/2008]
26BF497F320A43C3B0EF4CB5702DDFDA_more.jpg --a--c 31500 bytes [02:06 23/02/2008] [02:06 23/02/2008]
289650C9E52C40FE91D947C6D0EB72DA_icon24.png --a--c 2454 bytes [02:06 23/02/2008] [02:06 23/02/2008]
289650C9E52C40FE91D947C6D0EB72DA_icon48.png --a--c 9402 bytes [02:06 23/02/2008] [02:06 23/02/2008]
2DA9E410035A495AA15707F5F57B8290_icon24.png --a--c 1651 bytes [02:06 23/02/2008] [02:06 23/02/2008]
2DA9E410035A495AA15707F5F57B8290_icon48.png --a--c 4277 bytes [02:06 23/02/2008] [02:06 23/02/2008]
2DA9E410035A495AA15707F5F57B8290_more.jpg --a--c 8208 bytes [02:06 23/02/2008] [02:06 23/02/2008]
310891C5FB3645A0BEC3A6648A1468C8_icon24.png --a--c 1272 bytes [02:05 23/02/2008] [02:05 23/02/2008]
310891C5FB3645A0BEC3A6648A1468C8_icon48.png --a--c 3157 bytes [02:05 23/02/2008] [02:05 23/02/2008]
310891C5FB3645A0BEC3A6648A1468C8_more.jpg --a--c 5984 bytes [02:05 23/02/2008] [02:05 23/02/2008]
31E6481A7A624C39BB43E8BF6390376C_icon24.png --a--c 1728 bytes [02:06 23/02/2008] [02:06 23/02/2008]
31E6481A7A624C39BB43E8BF6390376C_icon48.png --a--c 5674 bytes [02:06 23/02/2008] [02:06 23/02/2008]
31E6481A7A624C39BB43E8BF6390376C_more.jpg --a--c 7492 bytes [02:06 23/02/2008] [02:06 23/02/2008]
344D33EE48D740E890505EB2FEA27CF9_icon24.png --a--c 1629 bytes [02:05 23/02/2008] [02:05 23/02/2008]
344D33EE48D740E890505EB2FEA27CF9_icon48.png --a--c 5073 bytes [02:05 23/02/2008] [02:05 23/02/2008]
39B2F533597C4902A09E458E1F529484_icon24.png --a--c 514 bytes [02:06 23/02/2008] [02:06 23/02/2008]
39B2F533597C4902A09E458E1F529484_icon48.png --a--c 496 bytes [02:06 23/02/2008] [02:06 23/02/2008]
39B2F533597C4902A09E458E1F529484_named_strings.mlsxml --a--c 852 bytes [02:06 23/02/2008] [02:06 23/02/2008]
3FC333113C2B4835B62DCD762B266874_icon24.png --a--c 4368 bytes [02:06 23/02/2008] [02:06 23/02/2008]
3FC333113C2B4835B62DCD762B266874_icon48.png --a--c 4875 bytes [02:06 23/02/2008] [02:06 23/02/2008]
3FC333113C2B4835B62DCD762B266874_more.jpg --a--c 52877 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4241BB637A4E428696AA5B176904B25F_icon24.png --a--c 1112 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4241BB637A4E428696AA5B176904B25F_icon48.png --a--c 1574 bytes [02:06 23/02/2008] [02:06 23/02/2008]
467A7D6F4FB84F3BBA97CE5218E3174C_icon24.png --a--c 1322 bytes [02:05 23/02/2008] [02:05 23/02/2008]
467A7D6F4FB84F3BBA97CE5218E3174C_icon48.png --a--c 3585 bytes [02:05 23/02/2008] [02:05 23/02/2008]
467A7D6F4FB84F3BBA97CE5218E3174C_more.jpg --a--c 5468 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4B0CD40E64684EFBB9596337DF1BFCD9_icon24.png --a--c 630 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4B0CD40E64684EFBB9596337DF1BFCD9_icon48.png --a--c 1675 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4B0CD40E64684EFBB9596337DF1BFCD9_more.jpg --a--c 23226 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4B5C625A1D594B07BD2A5535186DA00D_icon24.png --a--c 602 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4B5C625A1D594B07BD2A5535186DA00D_icon48.png --a--c 1910 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4B5C625A1D594B07BD2A5535186DA00D_more.jpg --a--c 5176 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4D05EF472458470DA8EF5F5B1C4258B0_icon24.png --a--c 2005 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4D05EF472458470DA8EF5F5B1C4258B0_icon48.png --a--c 4895 bytes [02:06 23/02/2008] [02:06 23/02/2008]
4D05EF472458470DA8EF5F5B1C4258B0_more.jpg --a--c 46269 bytes [02:06 23/02/2008] [02:06 23/02/2008]
565F009C651A4787952DCE8DCAEC7A2F_icon24.png --a--c 30716 bytes [02:06 23/02/2008] [02:06 23/02/2008]
565F009C651A4787952DCE8DCAEC7A2F_icon48.png --a--c 34752 bytes [02:06 23/02/2008] [02:06 23/02/2008]
5E79B22DC5314A7F8CA44FD6F346D763_icon24.png --a--c 955 bytes [02:06 23/02/2008] [02:06 23/02/2008]
5E79B22DC5314A7F8CA44FD6F346D763_icon48.png --a--c 2523 bytes [02:06 23/02/2008] [02:06 23/02/2008]
5E79B22DC5314A7F8CA44FD6F346D763_named_strings.mlsxml --a--c 486 bytes [02:06 23/02/2008] [02:06 23/02/2008]
5F4F26549C094CDEA4BA0531F053A953_icon24.png --a--c 4552 bytes [02:06 23/02/2008] [02:06 23/02/2008]
5F4F26549C094CDEA4BA0531F053A953_icon48.png --a--c 8833 bytes [02:06 23/02/2008] [02:06 23/02/2008]
5F4F26549C094CDEA4BA0531F053A953_more.jpg --a--c 26390 bytes [02:06 23/02/2008] [02:06 23/02/2008]
6580944A1D1042CAAC209DD9E3B09CDB_icon24.png --a--c 1075 bytes [02:06 23/02/2008] [02:06 23/02/2008]
6580944A1D1042CAAC209DD9E3B09CDB_icon48.png --a--c 2845 bytes [02:06 23/02/2008] [02:06 23/02/2008]
6580944A1D1042CAAC209DD9E3B09CDB_more.jpg --a--c 16147 bytes [02:06 23/02/2008] [02:06 23/02/2008]
70A769DCB31D4D59AE936EAC08D29EE4_icon24.png --a--c 1479 bytes [02:06 23/02/2008] [02:06 23/02/2008]
70A769DCB31D4D59AE936EAC08D29EE4_icon48.png --a--c 3712 bytes [02:06 23/02/2008] [02:06 23/02/2008]
70A769DCB31D4D59AE936EAC08D29EE4_more.jpg --a--c 9180 bytes [02:06 23/02/2008] [02:06 23/02/2008]
71333359BE364048AEB3666CC9793DC2_icon24.png --a--c 808 bytes [02:06 23/02/2008] [02:06 23/02/2008]
71333359BE364048AEB3666CC9793DC2_icon48.png --a--c 2602 bytes [02:06 23/02/2008] [02:06 23/02/2008]
71333359BE364048AEB3666CC9793DC2_more.jpg --a--c 12193 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7583A6C03F894E7DB7977696F2A303B8_icon24.png --a--c 1663 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7583A6C03F894E7DB7977696F2A303B8_icon48.png --a--c 2115 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7606D527D0F54914BDC42899342D7164_icon24.png --a--c 858 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7606D527D0F54914BDC42899342D7164_icon48.png --a--c 31508 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7606D527D0F54914BDC42899342D7164_more.jpg --a--c 32765 bytes [02:06 23/02/2008] [02:06 23/02/2008]
76DD75F4114D4980AA886269FB262203_icon24.png --a--c 4059 bytes [02:06 23/02/2008] [02:06 23/02/2008]
76DD75F4114D4980AA886269FB262203_icon48.png --a--c 2163 bytes [02:06 23/02/2008] [02:06 23/02/2008]
76DD75F4114D4980AA886269FB262203_more.jpg --a--c 63601 bytes [02:06 23/02/2008] [02:06 23/02/2008]
791AA5C0E2B842988FC61FF9DE4B1D06_icon24.png --a--c 4252 bytes [02:06 23/02/2008] [02:06 23/02/2008]
791AA5C0E2B842988FC61FF9DE4B1D06_icon48.png --a--c 5403 bytes [02:06 23/02/2008] [02:06 23/02/2008]
791AA5C0E2B842988FC61FF9DE4B1D06_more.jpg --a--c 47838 bytes [02:06 23/02/2008] [02:06 23/02/2008]
791AA5C0E2B842988FC61FF9DE4B1D06_named_strings.mlsxml --a--c 983 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7A35F6B8E3B747518F5737995988E6FB_icon24.png --a--c 1472 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7A35F6B8E3B747518F5737995988E6FB_icon48.png --a--c 4226 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7A35F6B8E3B747518F5737995988E6FB_more.jpg --a--c 25971 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7BD52F8969074343A52FB2FEF12D9285_icon24.png --a--c 1396 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7BD52F8969074343A52FB2FEF12D9285_icon48.png --a--c 3368 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7BD52F8969074343A52FB2FEF12D9285_more.jpg --a--c 5794 bytes [02:06 23/02/2008] [02:06 23/02/2008]
7F8A4A2B676D4EDEB6B6DC6F46FEFE41_icon24.png -ra--c 1323 bytes [01:22 02/02/2008] [01:22 02/02/2008]
7F8A4A2B676D4EDEB6B6DC6F46FEFE41_icon48.png --a--c 3624 bytes [02:05 23/02/2008] [02:05 23/02/2008]
7F8A4A2B676D4EDEB6B6DC6F46FEFE41_more.jpg --a--c 20651 bytes [02:05 23/02/2008] [02:05 23/02/2008]
7F8A4A2B676D4EDEB6B6DC6F46FEFE41_named_strings.mlsxml --a--c 123167 bytes [02:05 23/02/2008] [02:05 23/02/2008]
80D03E349BF44E6D9BCD6BF3006A2379_icon24.png --a--c 1585 bytes [02:06 23/02/2008] [02:06 23/02/2008]
80D03E349BF44E6D9BCD6BF3006A2379_icon48.png --a--c 5642 bytes [02:06 23/02/2008] [02:06 23/02/2008]
823837D034CA4FC58C73C7108F00081E_icon24.png --a--c 1794 bytes [02:06 23/02/2008] [02:06 23/02/2008]
823837D034CA4FC58C73C7108F00081E_icon48.png --a--c 6235 bytes [02:06 23/02/2008] [02:06 23/02/2008]
823837D034CA4FC58C73C7108F00081E_more.jpg --a--c 10006 bytes [02:06 23/02/2008] [02:06 23/02/2008]
823837D034CA4FC58C73C7108F00081E_named_strings.mlsxml --a--c 453 bytes [02:06 23/02/2008] [02:06 23/02/2008]
827568A28AD44457A81ABC08309D7D62_icon24.png --a--c 1212 bytes [02:06 23/02/2008] [02:06 23/02/2008]
827568A28AD44457A81ABC08309D7D62_icon48.png --a--c 3352 bytes [02:06 23/02/2008] [02:06 23/02/2008]
827568A28AD44457A81ABC08309D7D62_more.jpg --a--c 13444 bytes [02:06 23/02/2008] [02:06 23/02/2008]
856B815D49644E71B7440FBDC105ED28_icon48.png --a--c 458 bytes [02:06 23/02/2008] [02:06 23/02/2008]
86B67BC476C5410CA9C1F0FE1D97BEB2_icon24.png --a--c 4326 bytes [02:05 23/02/2008] [02:05 23/02/2008]
86B67BC476C5410CA9C1F0FE1D97BEB2_icon48.png --a--c 6538 bytes [02:05 23/02/2008] [02:05 23/02/2008]
86B67BC476C5410CA9C1F0FE1D97BEB2_more.jpg --a--c 10363 bytes [02:05 23/02/2008] [02:05 23/02/2008]
86B67BC476C5410CA9C1F0FE1D97BEB2_named_strings.mlsxml --a--c 345 bytes [02:05 23/02/2008] [02:05 23/02/2008]
880C4AF585E7424893A3D22C64C3E597_icon24.png --a--c 1371 bytes [02:06 23/02/2008] [02:06 23/02/2008]
880C4AF585E7424893A3D22C64C3E597_icon48.png --a--c 3761 bytes [02:06 23/02/2008] [02:06 23/02/2008]
880C4AF585E7424893A3D22C64C3E597_more.jpg --a--c 5916 bytes [02:06 23/02/2008] [02:06 23/02/2008]
885D1E7B61B84B46BC70973A9C4327BA_icon24.png --a--c 4396 bytes [02:06 23/02/2008] [02:06 23/02/2008]
885D1E7B61B84B46BC70973A9C4327BA_icon48.png --a--c 8423 bytes [02:06 23/02/2008] [02:06 23/02/2008]
885D1E7B61B84B46BC70973A9C4327BA_more.jpg --a--c 35009 bytes [02:06 23/02/2008] [02:06 23/02/2008]
88C635100B414F1DA4886C1AA7B925FF_icon24.png --a--c 1084 bytes [02:06 23/02/2008] [02:06 23/02/2008]
88C635100B414F1DA4886C1AA7B925FF_icon48.png --a--c 2808 bytes [02:06 23/02/2008] [02:06 23/02/2008]
88C635100B414F1DA4886C1AA7B925FF_more.jpg --a--c 14510 bytes [02:06 23/02/2008] [02:06 23/02/2008]
8BC41031C6CA43DD9DB7DDFA6F73C729_icon24.png --a--c 494 bytes [02:06 23/02/2008] [02:06 23/02/2008]
8BC41031C6CA43DD9DB7DDFA6F73C729_icon48.png --a--c 535 bytes [02:06 23/02/2008] [02:06 23/02/2008]
8BC41031C6CA43DD9DB7DDFA6F73C729_named_strings.mlsxml --a--c 814 bytes [02:06 23/02/2008] [02:06 23/02/2008]
8DC8467972494A2FA46A9106F7003291_icon24.png --a--c 4316 bytes [02:06 23/02/2008] [02:06 23/02/2008]
8DC8467972494A2FA46A9106F7003291_icon48.png --a--c 3975 bytes [02:06 23/02/2008] [02:06 23/02/2008]
8DC8467972494A2FA46A9106F7003291_more.jpg --a--c 21842 bytes [02:06 23/02/2008] [02:06 23/02/2008]
903CB56BA52F42478957BE8314837A86_icon24.png -ra--c 1546 bytes [01:22 02/02/2008] [01:22 02/02/2008]
903CB56BA52F42478957BE8314837A86_icon48.png --a--c 3427 bytes [02:05 23/02/2008] [02:05 23/02/2008]
903CB56BA52F42478957BE8314837A86_more.jpg --a--c 27444 bytes [02:05 23/02/2008] [02:05 23/02/2008]
903CB56BA52F42478957BE8314837A86_named_strings.mlsxml --a--c 1598 bytes [02:05 23/02/2008] [02:05 23/02/2008]
906D8ACBEDCF4F9ABA608DE65965F0A9_icon24.png --a--c 3356 bytes [02:06 23/02/2008] [02:06 23/02/2008]
906D8ACBEDCF4F9ABA608DE65965F0A9_icon48.png --a--c 3882 bytes [02:06 23/02/2008] [02:06 23/02/2008]
906D8ACBEDCF4F9ABA608DE65965F0A9_more.jpg --a--c 12896 bytes [02:06 23/02/2008] [02:06 23/02/2008]
90F9407DF16A48EAA743527F2C290774_icon24.png --a--c 1357 bytes [02:05 23/02/2008] [02:05 23/02/2008]
90F9407DF16A48EAA743527F2C290774_icon48.png --a--c 2740 bytes [02:05 23/02/2008] [02:05 23/02/2008]
90F9407DF16A48EAA743527F2C290774_more.jpg --a--c 45116 bytes [02:05 23/02/2008] [02:05 23/02/2008]
90F9407DF16A48EAA743527F2C290774_named_strings.mlsxml --a--c 1670 bytes [02:05 23/02/2008] [02:05 23/02/2008]
95F12167483D466CABC98CAFE4B4FD93_icon24.png -ra--c 4329 bytes [01:22 02/02/2008] [01:22 02/02/2008]
95F12167483D466CABC98CAFE4B4FD93_icon48.png --a--c 6969 bytes [02:05 23/02/2008] [02:05 23/02/2008]
95F12167483D466CABC98CAFE4B4FD93_more.jpg --a--c 46702 bytes [02:05 23/02/2008] [02:05 23/02/2008]
95F12167483D466CABC98CAFE4B4FD93_named_strings.mlsxml --a--c 2213 bytes [02:05 23/02/2008] [02:05 23/02/2008]
962C58B9C93944A28A0B82EF9F85A392_icon24.png --a--c 4358 bytes [02:06 23/02/2008] [02:06 23/02/2008]
962C58B9C93944A28A0B82EF9F85A392_icon48.png --a--c 4435 bytes [02:06 23/02/2008] [02:06 23/02/2008]
962C58B9C93944A28A0B82EF9F85A392_more.jpg --a--c 45883 bytes [02:06 23/02/2008] [02:06 23/02/2008]
97E065B58DB34359BED4D223D737C7E9_icon24.png --a--c 1765 bytes [02:05 23/02/2008] [02:05 23/02/2008]
97E065B58DB34359BED4D223D737C7E9_icon48.png --a--c 4927 bytes [02:05 23/02/2008] [02:05 23/02/2008]
97E065B58DB34359BED4D223D737C7E9_more.jpg --a--c 6262 bytes [02:05 23/02/2008] [02:05 23/02/2008]
99999DACB5D54C46ABDF74397417741F_icon24.png --a--c 1284 bytes [02:06 23/02/2008] [02:05 23/02/2008]
99999DACB5D54C46ABDF74397417741F_icon48.png --a--c 2118 bytes [02:05 23/02/2008] [02:05 23/02/2008]
99999DACB5D54C46ABDF74397417741F_more.jpg --a--c 19877 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9B3841924CC847D7A428DE45431EFC77_icon24.png --a--c 3024 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9B3841924CC847D7A428DE45431EFC77_icon48.png --a--c 3048 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9B3841924CC847D7A428DE45431EFC77_more.jpg --a--c 26640 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9B3841924CC847D7A428DE45431EFC77_named_strings.mlsxml --a--c 7617 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9DD0E9094EA9457586DBCCEF6C641617_icon24.png --a--c 3156 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9DD0E9094EA9457586DBCCEF6C641617_icon48.png --a--c 3379 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9DD0E9094EA9457586DBCCEF6C641617_more.jpg --a--c 7494 bytes [02:06 23/02/2008] [02:06 23/02/2008]
9DD0E9094EA9457586DBCCEF6C641617_named_strings.mlsxml --a--c 842 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A38257F4BDAC4615BBE5E0ACDF608896_icon24.png --a--c 925 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A38257F4BDAC4615BBE5E0ACDF608896_icon48.png --a--c 1406 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A5D98C699A4049D0A43C1136F38B1B07_icon24.png --a--c 1200 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A5D98C699A4049D0A43C1136F38B1B07_icon48.png --a--c 3137 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A5D98C699A4049D0A43C1136F38B1B07_more.jpg --a--c 58216 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A64E72D796E944EBA048AA1312AC2827_icon24.png --a--c 1947 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A64E72D796E944EBA048AA1312AC2827_icon48.png --a--c 6343 bytes [02:06 23/02/2008] [02:06 23/02/2008]
A64E72D796E944EBA048AA1312AC2827_more.jpg --a--c 23231 bytes [02:06 23/02/2008] [02:06 23/02/2008]
ADEECE83278F48DCBD8FF75E21342C35_icon24.png -ra--c 4008 bytes [01:22 02/02/2008] [01:22 02/02/2008]
ADEECE83278F48DCBD8FF75E21342C35_icon48.png --a--c 5733 bytes [02:05 23/02/2008] [02:05 23/02/2008]
ADEECE83278F48DCBD8FF75E21342C35_more.jpg --a--c 56684 bytes [02:05 23/02/2008] [02:05 23/02/2008]
B5403225562D4A258B9F2E4C83852D9F_icon24.png --a--c 1898 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B5403225562D4A258B9F2E4C83852D9F_icon48.png --a--c 5345 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B5403225562D4A258B9F2E4C83852D9F_more.jpg --a--c 38191 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B6699E9B0FC545D88F648101AF84DA49_icon24.png --a--c 3446 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B6699E9B0FC545D88F648101AF84DA49_icon48.png --a--c 5404 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B6699E9B0FC545D88F648101AF84DA49_named_strings.mlsxml --a--c 2326 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B6A7F3A52FFD4934A26DAFDF41C6AC1B_icon24.png --a--c 1571 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B6A7F3A52FFD4934A26DAFDF41C6AC1B_icon48.png --a--c 4385 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B6A7F3A52FFD4934A26DAFDF41C6AC1B_named_strings.mlsxml --a--c 773 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B7AA6314C6724DE38206EA862EF5A90E_icon24.png --a--c 1687 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B7AA6314C6724DE38206EA862EF5A90E_icon48.png --a--c 5792 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B7AA6314C6724DE38206EA862EF5A90E_more.jpg --a--c 11268 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B9206F7A33BA4CE1BED2DE155CB6D812_icon24.png --a--c 1694 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B9206F7A33BA4CE1BED2DE155CB6D812_icon48.png --a--c 4280 bytes [02:06 23/02/2008] [02:06 23/02/2008]
B9206F7A33BA4CE1BED2DE155CB6D812_more.jpg --a--c 4774 bytes [02:06 23/02/2008] [02:06 23/02/2008]
BD8D6FC5009346649E12CAC16EF2C33B_icon24.png --a--c 1794 bytes [02:06 23/02/2008] [02:06 23/02/2008]
BD8D6FC5009346649E12CAC16EF2C33B_icon48.png --a--c 6235 bytes [02:06 23/02/2008] [02:06 23/02/2008]
BD8D6FC5009346649E12CAC16EF2C33B_more.jpg --a--c 12432 bytes [02:06 23/02/2008] [02:06 23/02/2008]
BD8D6FC5009346649E12CAC16EF2C33B_named_strings.mlsxml --a--c 443 bytes [02:06 23/02/2008] [02:06 23/02/2008]
BFE95A1F90BF4D7CBFCBEF696C13FF58_icon48.png --a--c 458 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C248BA0AB16341EE98466B74579F6923_icon24.png --a--c 4488 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C248BA0AB16341EE98466B74579F6923_icon48.png --a--c 8821 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C248BA0AB16341EE98466B74579F6923_more.jpg --a--c 34464 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C2CD97BCD8524DE79DC188FA2460C61A_icon24.png -ra--c 1543 bytes [01:22 02/02/2008] [01:22 02/02/2008]
C528FFB1B9EC473792CF67849E25EDB6_icon24.png --a--c 1413 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C528FFB1B9EC473792CF67849E25EDB6_icon48.png --a--c 3055 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C528FFB1B9EC473792CF67849E25EDB6_more.jpg --a--c 9483 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C665089E09A74A44B11CBE01878E1049_icon24.png --a--c 3888 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C665089E09A74A44B11CBE01878E1049_icon48.png --a--c 3089 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C665089E09A74A44B11CBE01878E1049_more.jpg --a--c 37228 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C764B54920584E4DB6ED22C76181C663_icon24.png --a--c 1857 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C764B54920584E4DB6ED22C76181C663_icon48.png --a--c 6496 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C764B54920584E4DB6ED22C76181C663_more.jpg --a--c 13051 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C862D5FF867E44C7AF42F7D27E77515D_icon24.png --a--c 1152 bytes [02:06 23/02/2008] [02:06 23/02/2008]
C862D5FF867E44C7AF42F7D27E77515D_icon48.png --a--c 2394 bytes [02:06 23/02/2008] [02:06 23/02/2008]
CBBF3DD80BDE4A29A723BE906CAFF33B_icon24.png --a--c 1215 bytes [02:06 23/02/2008] [02:06 23/02/2008]
CBBF3DD80BDE4A29A723BE906CAFF33B_icon48.png --a--c 2680 bytes [02:06 23/02/2008] [02:06 23/02/2008]
CBBF3DD80BDE4A29A723BE906CAFF33B_more.jpg --a--c 5561 bytes [02:06 23/02/2008] [02:06 23/02/2008]
CED7EA9B9D5D4C368001CEC627017007_icon24.png --a--c 1802 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CED7EA9B9D5D4C368001CEC627017007_icon48.png --a--c 3716 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CED7EA9B9D5D4C368001CEC627017007_more.jpg --a--c 52374 bytes [02:05 23/02/2008] [02:05 23/02/2008]
D3987B641C134048B815DB578D607F42_icon24.png --a--c 1462 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D3987B641C134048B815DB578D607F42_icon48.png --a--c 4221 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D3987B641C134048B815DB578D607F42_more.jpg --a--c 7021 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D804062847E141ACAE576A54264242C7_icon24.png --a--c 1034 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D804062847E141ACAE576A54264242C7_icon48.png --a--c 2737 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D804062847E141ACAE576A54264242C7_more.jpg --a--c 21547 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D804062847E141ACAE576A54264242C7_named_strings.mlsxml --a--c 157 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D9DE1C0C0B674A588218C5698E2193D3_icon24.png --a--c 1794 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D9DE1C0C0B674A588218C5698E2193D3_icon48.png --a--c 6235 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D9DE1C0C0B674A588218C5698E2193D3_more.jpg --a--c 10013 bytes [02:06 23/02/2008] [02:06 23/02/2008]
D9DE1C0C0B674A588218C5698E2193D3_named_strings.mlsxml --a--c 417 bytes [02:06 23/02/2008] [02:06 23/02/2008]
DDEB1C5957CB432E8BA823B6D3B25E0D_icon24.png --a--c 799 bytes [02:05 23/02/2008] [02:05 23/02/2008]
DDEB1C5957CB432E8BA823B6D3B25E0D_icon48.png --a--c 1399 bytes [02:05 23/02/2008] [02:05 23/02/2008]
DDEB1C5957CB432E8BA823B6D3B25E0D_more.jpg --a--c 18366 bytes [02:05 23/02/2008] [02:05 23/02/2008]
E0EC36FFC2E841ECBB16385CBF6D932D_icon24.png --a--c 518 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E0EC36FFC2E841ECBB16385CBF6D932D_icon48.png --a--c 1138 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E0EC36FFC2E841ECBB16385CBF6D932D_more.jpg --a--c 23117 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E12C95FCBD1240FEAE314D89676CA6F8_icon24.png --a--c 1297 bytes [02:05 23/02/2008] [02:05 23/02/2008]
E12C95FCBD1240FEAE314D89676CA6F8_icon48.png --a--c 4211 bytes [02:05 23/02/2008] [02:05 23/02/2008]
E12C95FCBD1240FEAE314D89676CA6F8_more.jpg --a--c 38053 bytes [02:05 23/02/2008] [02:05 23/02/2008]
E12C95FCBD1240FEAE314D89676CA6F8_named_strings.mlsxml --a--c 1893 bytes [02:05 23/02/2008] [02:05 23/02/2008]
E1667E89D6F2409287165EA4D8F06DC4_icon24.png --a--c 4403 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E1667E89D6F2409287165EA4D8F06DC4_icon48.png --a--c 9808 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E1667E89D6F2409287165EA4D8F06DC4_more.jpg --a--c 33971 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E1C4A63D24CE4ADC87D41DBEC1B27380_icon24.png --a--c 549 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E1C4A63D24CE4ADC87D41DBEC1B27380_icon48.png --a--c 1185 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E1C4A63D24CE4ADC87D41DBEC1B27380_more.jpg --a--c 11007 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E6EC567C64B94F07A1A0826808B80B28_icon24.png --a--c 1305 bytes [02:06 23/02/2008] [02:06 23/02/2008]
E6EC567C64B94F07A1A0826808B80B28_icon48.png --a--c 3626 bytes [02:06 23/02/2008] [02:06 23/02/2008]
EB88264BC73E4BA0995109CEAF506A5F_icon24.png --a--- 28306 bytes [00:16 01/05/2009] [00:16 01/05/2009]
EB88264BC73E4BA0995109CEAF506A5F_icon48.png --a--- 31177 bytes [00:16 01/05/2009] [00:16 01/05/2009]
EB977B98998D4925929512564A60FED8_icon24.png --a--c 1498 bytes [02:06 23/02/2008] [02:06 23/02/2008]
EB977B98998D4925929512564A60FED8_icon48.png --a--c 3964 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F09C3B9060684346A02C2F528049D062_icon24.png -ra--c 1615 bytes [01:22 02/02/2008] [01:22 02/02/2008]
F09C3B9060684346A02C2F528049D062_icon48.png --a--c 4420 bytes [02:05 23/02/2008] [02:05 23/02/2008]
F09C3B9060684346A02C2F528049D062_more.jpg --a--c 7484 bytes [02:05 23/02/2008] [02:05 23/02/2008]
F1C19BF14C0246F693A175DFB7664EAD_icon24.png --a--c 1284 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F1C19BF14C0246F693A175DFB7664EAD_icon48.png --a--c 4560 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F2B83EECD4CF4910A0260B914BA281BA_icon24.png --a--c 1470 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F2B83EECD4CF4910A0260B914BA281BA_icon48.png --a--c 4655 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F2B83EECD4CF4910A0260B914BA281BA_more.jpg --a--c 28002 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F3053EF74652448F98A5C45703106076_icon24.png --a--c 1181 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F3053EF74652448F98A5C45703106076_icon48.png --a--c 2566 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F3053EF74652448F98A5C45703106076_more.jpg --a--c 7247 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F3053EF74652448F98A5C45703106076_named_strings.mlsxml --a--c 336 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F35E193DC3E84933B83DE961D9AC33BF_icon24.png --a--c 1992 bytes [02:05 23/02/2008] [02:06 23/02/2008]
F35E193DC3E84933B83DE961D9AC33BF_icon48.png --a--c 5368 bytes [02:05 23/02/2008] [02:06 23/02/2008]
F35E193DC3E84933B83DE961D9AC33BF_more.jpg --a--c 11205 bytes [02:05 23/02/2008] [02:06 23/02/2008]
F35E193DC3E84933B83DE961D9AC33BF_named_strings.mlsxml --a--c 5722 bytes [02:05 23/02/2008] [02:06 23/02/2008]
F6978F4ED0EB4A2B957D08E37B29E951_icon24.png --a--c 4143 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F6978F4ED0EB4A2B957D08E37B29E951_icon48.png --a--c 6612 bytes [02:06 23/02/2008] [02:06 23/02/2008]
F6978F4ED0EB4A2B957D08E37B29E951_more.jpg --a--c 18684 bytes [02:06 23/02/2008] [02:06 23/02/2008]
FE8E23D36D8A4E3AA10BB1FBB58E9876_icon24.png --a--- 917 bytes [00:16 01/05/2009] [00:16 01/05/2009]
FE8E23D36D8A4E3AA10BB1FBB58E9876_icon48.png --a--- 2868 bytes [00:16 01/05/2009] [00:16 01/05/2009]
FE8E23D36D8A4E3AA10BB1FBB58E9876_more.jpg --a--- 16678 bytes [00:16 01/05/2009] [00:16 01/05/2009]
FE8E23D36D8A4E3AA10BB1FBB58E9876_named_strings.mlsxml --a--- 628 bytes [00:16 01/05/2009] [00:16 01/05/2009]
FF343C082C7E44418B47411DCB57438D_icon24.png --a--c 1337 bytes [02:05 23/02/2008] [02:05 23/02/2008]
FF343C082C7E44418B47411DCB57438D_icon48.png --a--c 3522 bytes [02:05 23/02/2008] [02:05 23/02/2008]
FF343C082C7E44418B47411DCB57438D_more.jpg --a--c 5343 bytes [02:05 23/02/2008] [02:05 23/02/2008]
~Please do not delete files from this folder -ra--c 0 bytes [01:22 02/02/2008] [01:22 02/02/2008]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\Categories d----- [04:01 22/02/2008]
Business.png -ra--c 753 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Collaboration.png -ra--c 1499 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Community.png -ra--c 1199 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Expression.png -ra--c 866 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Featured.png -ra--c 1400 bytes [01:22 02/02/2008] [01:22 02/02/2008]
GameChannel.png -ra--c 1301 bytes [01:22 02/02/2008] [01:22 02/02/2008]
GreetingCards.png -ra--c 4086 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Manage.png -ra--c 1426 bytes [01:22 02/02/2008] [01:22 02/02/2008]
MostPopular.png -ra--c 1240 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Movies.png -ra--c 1038 bytes [01:22 02/02/2008] [01:22 02/02/2008]
MyPlugins.png -ra--c 1468 bytes [01:22 02/02/2008] [01:22 02/02/2008]
New.png -ra--c 1060 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Productivity.png -ra--c 1273 bytes [01:22 02/02/2008] [01:22 02/02/2008]
RemoteAccess.png -ra--c 1137 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Utilities.png -ra--c 1653 bytes [01:22 02/02/2008] [01:22 02/02/2008]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins d----- [04:01 22/02/2008]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8 d----- [04:01 22/02/2008]
collection.ini --a--c 357 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Game List.swf --a--- 22274 bytes [21:39 21/04/2009] [21:39 21/04/2009]
Handler.png --a--c 3137 bytes [01:22 02/02/2008] [01:22 02/02/2008]
HandlerInfo.dat --a--c 66 bytes [01:22 02/02/2008] [01:22 02/02/2008]
icon24.png --a--c 1301 bytes [01:22 02/02/2008] [01:22 02/02/2008]
icon48.png --a--c 3755 bytes [01:22 02/02/2008] [01:22 02/02/2008]
Local.png --a--c 3769 bytes [01:22 02/02/2008] [01:22 02/02/2008]
named_strings.mlsxml --a--- 8168 bytes [21:39 21/04/2009] [21:39 21/04/2009]
PickGame.htm --a--- 1808 bytes [21:39 21/04/2009] [21:39 21/04/2009]
pxml.xml --a--c 104380 bytes [01:22 02/02/2008] [00:15 01/05/2009]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games d----- [02:05 23/02/2008]

C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache d----- [04:01 22/02/2008]
01E408B224F44A85B5C58CEAFA619E53_icon24.png --a--c 4402 bytes [02:05 23/02/2008] [02:05 23/02/2008]
01E408B224F44A85B5C58CEAFA619E53_icon48.png --a--c 7430 bytes [02:05 23/02/2008] [02:05 23/02/2008]
01E408B224F44A85B5C58CEAFA619E53_named_strings.mlsxml --a--c 2313 bytes [02:05 23/02/2008] [02:05 23/02/2008]
01E408B224F44A85B5C58CEAFA619E53_thumb135x80.jpg --a--c 34901 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0827725D5A0C415AB3B72E8ECA712134_icon24.png --a--c 3179 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0827725D5A0C415AB3B72E8ECA712134_icon48.png --a--c 8804 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0827725D5A0C415AB3B72E8ECA712134_thumb135x80.jpg --a--c 31408 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0C99AA2DA06E4F6BA61B15297AA0DBEF_icon24.png --a--c 4288 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0C99AA2DA06E4F6BA61B15297AA0DBEF_icon48.png --a--c 7871 bytes [02:05 23/02/2008] [02:05 23/02/2008]
0C99AA2DA06E4F6BA61B15297AA0DBEF_thumb135x80.jpg --a--c 32822 bytes [02:05 23/02/2008] [02:05 23/02/2008]
164368FE9051439A8E8FB3FE5730FC7C_icon24.png --a--c 4672 bytes [02:05 23/02/2008] [02:05 23/02/2008]
164368FE9051439A8E8FB3FE5730FC7C_icon48.png --a--c 8496 bytes [02:05 23/02/2008] [02:05 23/02/2008]
164368FE9051439A8E8FB3FE5730FC7C_named_strings.mlsxml --a--c 2656 bytes [02:05 23/02/2008] [02:05 23/02/2008]
164368FE9051439A8E8FB3FE5730FC7C_thumb135x80.jpg --a--c 33783 bytes [02:05 23/02/2008] [02:05 23/02/2008]
2E06D5039B734EE8A1244F34184BD499_icon24.png --a--c 4091 bytes [02:05 23/02/2008] [02:05 23/02/2008]
2E06D5039B734EE8A1244F34184BD499_icon48.png --a--c 8235 bytes [02:05 23/02/2008] [02:05 23/02/2008]
2E06D5039B734EE8A1244F34184BD499_named_strings.mlsxml --a--c 2822 bytes [02:05 23/02/2008] [02:05 23/02/2008]
2E06D5039B734EE8A1244F34184BD499_thumb135x80.jpg --a--c 34394 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4136746E049B4E648BAE5299828AAC2B_icon48.png --a--c 3269 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4136746E049B4E648BAE5299828AAC2B_thumb135x80.jpg --a--c 8638 bytes [02:05 23/02/2008] [02:05 23/02/2008]
454EB22F4CF24AD0B14FBA4A4C21E879_icon24.png --a--c 3470 bytes [02:05 23/02/2008] [02:05 23/02/2008]
454EB22F4CF24AD0B14FBA4A4C21E879_icon48.png --a--c 6833 bytes [02:05 23/02/2008] [02:05 23/02/2008]
454EB22F4CF24AD0B14FBA4A4C21E879_thumb135x80.jpg --a--c 33241 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4C89916128C54976B7A80B10F3C19137_icon24.png --a--c 4510 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4C89916128C54976B7A80B10F3C19137_icon48.png --a--c 8079 bytes [02:05 23/02/2008] [02:05 23/02/2008]
4C89916128C54976B7A80B10F3C19137_thumb135x80.jpg --a--c 33847 bytes [02:05 23/02/2008] [02:05 23/02/2008]
5823ABD88F47457C9D2BF864D89C5FBC_icon24.png --a--c 4327 bytes [02:05 23/02/2008] [02:05 23/02/2008]
5823ABD88F47457C9D2BF864D89C5FBC_icon48.png --a--c 7812 bytes [02:05 23/02/2008] [02:05 23/02/2008]
5823ABD88F47457C9D2BF864D89C5FBC_thumb135x80.jpg --a--c 32268 bytes [02:05 23/02/2008] [02:05 23/02/2008]
6BD422D51C4342F2B6B8AB37C42AA17B_icon24.png --a--c 4668 bytes [02:05 23/02/2008] [02:05 23/02/2008]
6BD422D51C4342F2B6B8AB37C42AA17B_icon48.png --a--c 7348 bytes [02:05 23/02/2008] [02:05 23/02/2008]
6BD422D51C4342F2B6B8AB37C42AA17B_named_strings.mlsxml --a--c 2143 bytes [02:05 23/02/2008] [02:05 23/02/2008]
6BD422D51C4342F2B6B8AB37C42AA17B_thumb135x80.jpg --a--c 31397 bytes [02:05 23/02/2008] [02:05 23/02/2008]
7FF10FD1D9E1467181402A0155363CB2_icon24.png --a--c 1833 bytes [01:22 02/02/2008] [02:05 23/02/2008]
7FF10FD1D9E1467181402A0155363CB2_icon48.png --a--c 7563 bytes [02:05 23/02/2008] [02:05 23/02/2008]
7FF10FD1D9E1467181402A0155363CB2_more.jpg --a--c 10139 bytes [02:05 23/02/2008] [02:05 23/02/2008]
7FF10FD1D9E1467181402A0155363CB2_named_strings.mlsxml --a--c 2677 bytes [02:05 23/02/2008] [02:05 23/02/2008]
7FF10FD1D9E1467181402A0155363CB2_thumb135x80.jpg --a--c 30005 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8CA38853EAF74A618812B5185704FA72_icon24.png --a--c 4727 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8CA38853EAF74A618812B5185704FA72_icon48.png --a--c 7547 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8CA38853EAF74A618812B5185704FA72_named_strings.mlsxml --a--c 2632 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8CA38853EAF74A618812B5185704FA72_thumb135x80.jpg --a--c 30590 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8F2BEA1A2B56457AA3182B880C863A52_icon24.png --a--c 4122 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8F2BEA1A2B56457AA3182B880C863A52_icon48.png --a--c 8409 bytes [02:05 23/02/2008] [02:05 23/02/2008]
8F2BEA1A2B56457AA3182B880C863A52_thumb135x80.jpg --a--c 5201 bytes [02:05 23/02/2008] [02:05 23/02/2008]
91B6FD143522487DBC07A35DE803C671_icon24.png --a--c 4256 bytes [02:05 23/02/2008] [02:05 23/02/2008]
91B6FD143522487DBC07A35DE803C671_icon48.png --a--c 7323 bytes [02:05 23/02/2008] [02:05 23/02/2008]
91B6FD143522487DBC07A35DE803C671_more.jpg --a--c 11355 bytes [02:05 23/02/2008] [02:05 23/02/2008]
91B6FD143522487DBC07A35DE803C671_thumb135x80.jpg --a--c 3866 bytes [02:05 23/02/2008] [02:05 23/02/2008]
ABC0C93967AD43098E0382FD5EA9DFE1_icon24.png --a--c 4522 bytes [02:05 23/02/2008] [02:05 23/02/2008]
ABC0C93967AD43098E0382FD5EA9DFE1_icon48.png --a--c 7509 bytes [02:05 23/02/2008] [02:05 23/02/2008]
ABC0C93967AD43098E0382FD5EA9DFE1_named_strings.mlsxml --a--c 2598 bytes [02:05 23/02/2008] [02:05 23/02/2008]
ABC0C93967AD43098E0382FD5EA9DFE1_thumb135x80.jpg --a--c 31236 bytes [02:05 23/02/2008] [02:05 23/02/2008]
B5362B0B24E14E6B8A330041B208FF78_icon24.png --a--c 4056 bytes [02:05 23/02/2008] [02:05 23/02/2008]
B5362B0B24E14E6B8A330041B208FF78_icon48.png --a--c 4660 bytes [02:05 23/02/2008] [02:05 23/02/2008]
B5362B0B24E14E6B8A330041B208FF78_more.jpg --a--c 12267 bytes [02:05 23/02/2008] [02:05 23/02/2008]
B5362B0B24E14E6B8A330041B208FF78_thumb135x80.jpg --a--c 19056 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C5094D21049946CC8CCB397AAB28817A_icon24.png --a--c 4320 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C5094D21049946CC8CCB397AAB28817A_icon48.png --a--c 6545 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C5094D21049946CC8CCB397AAB28817A_named_strings.mlsxml --a--c 2214 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C5094D21049946CC8CCB397AAB28817A_thumb135x80.jpg --a--c 28863 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C7D94334204347AEBB0F776ED21C7F29_icon24.png --a--c 4668 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C7D94334204347AEBB0F776ED21C7F29_icon48.png --a--c 7434 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C7D94334204347AEBB0F776ED21C7F29_named_strings.mlsxml --a--c 2162 bytes [02:05 23/02/2008] [02:05 23/02/2008]
C7D94334204347AEBB0F776ED21C7F29_thumb135x80.jpg --a--c 31190 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CA2E420582B3484EA454CB5E7A1C8892_icon24.png --a--c 4125 bytes [01:22 02/02/2008] [02:05 23/02/2008]
CA2E420582B3484EA454CB5E7A1C8892_icon48.png --a--c 7192 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CA2E420582B3484EA454CB5E7A1C8892_more.jpg --a--c 41857 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CA2E420582B3484EA454CB5E7A1C8892_thumb135x80.jpg --a--c 34917 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CE6B3C1D64654E4B8331A1CB0ED028AD_icon24.png --a--c 1603 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CE6B3C1D64654E4B8331A1CB0ED028AD_icon48.png --a--c 3670 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CE6B3C1D64654E4B8331A1CB0ED028AD_more.jpg --a--c 30701 bytes [02:05 23/02/2008] [02:05 23/02/2008]
CE6B3C1D64654E4B8331A1CB0ED028AD_thumb135x80.jpg --a--c 10774 bytes [02:05 23/02/2008] [02:05 23/02/2008]
D8F6378E7EE742B9A38730ECE6FA7CCA_icon24.png --a--c 4112 bytes [02:05 23/02/2008] [02:05 23/02/2008]
D8F6378E7EE742B9A38730ECE6FA7CCA_icon48.png --a--c 7627 bytes [02:05 23/02/2008] [02:05 23/02/2008]
D8F6378E7EE742B9A38730ECE6FA7CCA_thumb135x80.jpg --a--c 28555 bytes [02:05 23/02/2008] [02:05 23/02/2008]
DE3FAACAE2834545AADAAE424244F5D8_icon24.png --a--c 4652 bytes [02:05 23/02/2008] [02:05 23/02/2008]
DE3FAACAE2834545AADAAE424244F5D8_icon48.png --a--c 8654 bytes [02:05 23/02/2008] [02:05 23/02/2008]
DE3FAACAE2834545AADAAE424244F5D8_named_strings.mlsxml --a--c 2229 bytes [02:05 23/02/2008] [02:05 23/02/2008]
DE3FAACAE2834545AADAAE424244F5D8_thumb135x80.jpg --a--c 32412 bytes [02:05 23/02/2008] [02:05 23/02/2008]
EB659AD2FCC647F38E82982293E1663C_icon24.png --a--c 4708 bytes [19:38 02/03/2008] [19:38 02/03/2008]
EB659AD2FCC647F38E82982293E1663C_icon48.png --a--c 9814 bytes [19:38 02/03/2008] [19:38 02/03/2008]
EB659AD2FCC647F38E82982293E1663C_named_strings.mlsxml --a--c 2634 bytes [19:38 02/03/2008] [19:38 02/03/2008]
EB659AD2FCC647F38E82982293E1663C_thumb135x80.jpg --a--c 33292 bytes [19:38 02/03/2008] [19:38 02/03/2008]
EF40E569ACCA4FA3A41083BA475C2102_icon24.png --a--c 1660 bytes [01:22 02/02/2008] [02:05 23/02/2008]
EF40E569ACCA4FA3A41083BA475C2102_icon48.png --a--c 8594 bytes [02:05 23/02/2008] [02:05 23/02/2008]
EF40E569ACCA4FA3A41083BA475C2102_more.jpg --a--c 10216 bytes [02:05 23/02/2008] [02:05 23/02/2008]
EF40E569ACCA4FA3A41083BA475C2102_named_strings.mlsxml --a--c 2560 bytes [02:05 23/02/2008] [02:05 23/02/2008]
EF40E569ACCA4FA3A41083BA475C2102_thumb135x80.jpg --a--c 33034 bytes [02:05 23/02/2008] [02:05 23/02/2008]
F9C6228EE2884EB0B722ECBB9296FA74_icon24.png --a--c 4243 bytes [02:05 23/02/2008] [02:05 23/02/2008]
F9C6228EE2884EB0B722ECBB9296FA74_icon48.png --a--c 8193 bytes [02:05 23/02/2008] [02:05 23/02/2008]
F9C6228EE2884EB0B722ECBB9296FA74_thumb135x80.jpg --a--c 29957 bytes [02:05 23/02/2008] [02:05 23/02/2008]
~Please do not delete files from this folder --a--c 0 bytes [01:22 02/02/2008] [01:22 02/02/2008]

C:\Documents and Settings\All Users\Application Data\Skype\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} d----- [03:45 30/04/2009]
Skype.msi --a--- 19132928 bytes [03:45 30/04/2009] [03:45 30/04/2009]

C:\Documents and Settings\All Users\Application Data\Skype\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} d----- [04:00 22/02/2008]
Skype.msi --a--c 17916928 bytes [04:00 22/02/2008] [04:00 22/02/2008]

C:\Documents and Settings\All Users\Application Data\TEMP d-a--- [22:50 05/06/2008]

C:\Documents and Settings\All Users\Application Data\Ulead Systems d----- [20:15 01/01/2007]
ULEAD32.INI --a--c 98 bytes [20:15 01/01/2007] [05:56 19/01/2007]

C:\Documents and Settings\All Users\Application Data\Viewpoint d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Viewpoint\AxMetaStream_Win d----- [02:31 02/05/2007]

C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage d----- [21:50 29/06/2006]

C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data d----- [21:50 29/06/2006]
data.dat --a--- 3066 bytes [21:50 29/06/2006] [21:50 29/06/2006]

C:\Documents and Settings\All Users\Application Data\Zoom Player d----- [02:58 17/05/2009]
bgdvd.bmp --a--- 589878 bytes [16:42 30/07/2008] [16:42 30/07/2008]
bgmedia.bmp --a--- 589878 bytes [14:29 28/07/2008] [14:29 28/07/2008]
default.zpl --a--- 158 bytes [03:01 17/05/2009] [03:24 17/05/2009]
zplayer.eq --a--- 752 bytes [13:16 25/08/2008] [13:16 25/08/2008]
zplayer.zdf --a--- 3628 bytes [22:08 13/04/2005] [22:08 13/04/2005]

C:\Documents and Settings\All Users\Application Data\Zoom Player\DVDAutoGraph d----- [02:59 17/05/2009]
AC3Filter.audiodecoder --a--- 123 bytes [06:18 03/03/2003] [06:18 03/03/2003]
AC3Filter.filterdata --a--- 122 bytes [21:00 25/06/2004] [21:00 25/06/2004]
ATI OEM PowerDVD.audiodecoder --a--- 133 bytes [22:36 10/06/2003] [22:36 10/06/2003]
ATI OEM PowerDVD.videodecoder --a--- 206 bytes [22:36 10/06/2003] [22:36 10/06/2003]
CL Audio Decoder (Roxio).audiodecoder --a--- 133 bytes [02:36 18/12/2003] [02:36 18/12/2003]
CL Video Decoder (Roxio).videodecoder --a--- 206 bytes [02:36 18/12/2003] [02:36 18/12/2003]
Convolver Wrapper DMO.filterdata --a--- 192 bytes [10:09 04/03/2008] [10:09 04/03/2008]
Convolver Wrapper.filterdata --a--- 143 bytes [10:10 04/03/2008] [10:10 04/03/2008]
Cyberlink Audio Effect.filterdata --a--- 145 bytes [08:09 11/11/2004] [08:09 11/11/2004]
Cyberlink PowerDVD.audiodecoder --a--- 133 bytes [06:10 03/03/2003] [06:10 03/03/2003]
Cyberlink PowerDVD.videodecoder --a--- 206 bytes [06:10 03/03/2003] [06:10 03/03/2003]
Cyberlink PowerDVD6+ TimeStretch.filterdata --a--- 146 bytes [05:35 18/05/2006] [05:35 18/05/2006]
Cyberlink PowerDVD6+.audiodecoder --a--- 133 bytes [08:04 11/11/2004] [08:04 11/11/2004]
Cyberlink PowerDVD6+.videodecoder --a--- 206 bytes [08:04 11/11/2004] [08:04 11/11/2004]
Cyberlink PowerDVD8.audiodecoder --a--- 131 bytes [23:24 30/05/2008] [23:24 30/05/2008]
Cyberlink PowerDVD8.videodecoder --a--- 206 bytes [20:14 28/04/2008] [20:14 28/04/2008]
DELL OEM PowerDVD.audiodecoder --a--- 133 bytes [05:49 11/08/2003] [05:49 11/08/2003]
DELL OEM PowerDVD.videodecoder --a--- 206 bytes [05:49 11/08/2003] [05:49 11/08/2003]
DirectVobSub.filterdata --a--- 125 bytes [06:13 19/06/2003] [06:13 19/06/2003]
DMO_A InterVideo Compander.filterdata --a--- 183 bytes [17:30 19/12/2003] [17:30 19/12/2003]
DMO_A InterVideo Downmix.filterdata --a--- 184 bytes [11:41 27/04/2003] [11:41 27/04/2003]
DMO_A InterVideo DSP.filterdata --a--- 176 bytes [11:43 27/04/2003] [11:43 27/04/2003]
DMO_A InterVideo EXP.filterdata --a--- 176 bytes [11:43 27/04/2003] [11:43 27/04/2003]
DMO_A InterVideo Speaker.filterdata --a--- 184 bytes [17:29 19/12/2003] [17:29 19/12/2003]
DMO_A InterVideo Timestretch.filterdata --a--- 192 bytes [11:43 27/04/2003] [11:43 27/04/2003]
DMO_A TruSurround XT Encoder.filterdata --a--- 186 bytes [17:31 19/12/2003] [17:31 19/12/2003]
DMO_V InterVideo Abstract.filterdata --a--- 183 bytes [17:31 19/12/2003] [17:31 19/12/2003]
DMO_V InterVideo MovieEffect.filterdata --a--- 186 bytes [17:34 19/12/2003] [17:34 19/12/2003]
DMO_V InterVideo Negative.filterdata --a--- 182 bytes [17:32 19/12/2003] [17:32 19/12/2003]
DMO_V InterVideo Refine.filterdata --a--- 180 bytes [17:32 19/12/2003] [17:32 19/12/2003]
DMO_V InterVideo Sharpness.filterdata --a--- 185 bytes [17:32 19/12/2003] [17:32 19/12/2003]
DMO_V InterVideo Vintage.filterdata --a--- 182 bytes [17:32 19/12/2003] [17:32 19/12/2003]
DMO_V Movie Effector.filterdata --a--- 177 bytes [17:33 19/12/2003] [17:33 19/12/2003]
DMO_V Sharp3DConversion.filterdata --a--- 153 bytes [17:28 19/12/2003] [17:28 19/12/2003]
DMO_V Smart Stretch.filterdata --a--- 149 bytes [17:25 19/12/2003] [17:25 19/12/2003]
DScaler (No CSS).audiodecoder --a--- 148 bytes [19:55 24/07/2004] [19:55 24/07/2004]
DScaler (No CSS).videodecoder --a--- 187 bytes [19:54 24/07/2004] [19:54 24/07/2004]
Elecard (No CSS).videodecoder --a--- 184 bytes [19:55 26/01/2004] [19:55 26/01/2004]
Elecard (No CSS, No Sub).videodecoder --a--- 172 bytes [19:26 26/01/2004] [19:26 26/01/2004]
Elecard v3+ (No CSS, No Sub).videodecoder --a--- 174 bytes [21:42 12/09/2006] [21:42 12/09/2006]
ffdshow Audio Decoder.audiodecoder --a--- 133 bytes [05:11 03/11/2004] [05:11 03/11/2004]
FFDShow Audio Processor.filterdata --a--- 134 bytes [13:36 27/02/2008] [13:36 27/02/2008]
FFDShow RAW Video Processor.filterdata --a--- 138 bytes [11:36 10/09/2004] [11:36 10/09/2004]
FFDShow Video Decoder.videodecoder --a--- 170 bytes [20:07 17/10/2006] [20:07 17/10/2006]
FFDShow Video Processor.filterdata --a--- 134 bytes [06:30 03/03/2003] [06:30 03/03/2003]
GPL DVD (No CSS).videodecoder --a--- 176 bytes [14:27 11/09/2004] [14:27 11/09/2004]
Intervideo WinDVD Audio Processor.filterdata --a--- 146 bytes [10:38 22/04/2003] [10:38 22/04/2003]
Intervideo WinDVD.audiodecoder --a--- 137 bytes [06:11 03/03/2003] [06:11 03/03/2003]
Intervideo WinDVD.videodecoder --a--- 211 bytes [06:12 03/03/2003] [06:12 03/03/2003]
Microsoft.audiodecoder --a--- 150 bytes [13:41 04/11/2007] [13:41 04/11/2007]
Microsoft.videodecoder --a--- 253 bytes [14:50 29/11/2007] [14:50 29/11/2007]
Moonlight Odio (No CSS).audiodecoder --a--- 131 bytes [20:02 12/03/2003] [20:02 12/03/2003]
Nero.audiodecoder --a--- 138 bytes [23:21 25/11/2004] [23:21 25/11/2004]
Nero.videodecoder --a--- 189 bytes [23:17 25/11/2004] [23:17 25/11/2004]
NVIDIA NVDVD v3+.audiodecoder --a--- 151 bytes [22:10 27/05/2004] [22:10 27/05/2004]
NVIDIA NVDVD v3+.videodecoder --a--- 207 bytes [22:10 27/05/2004] [22:10 27/05/2004]
NVIDIA NVDVD.audiodecoder --a--- 151 bytes [06:12 03/03/2003] [06:12 03/03/2003]
NVIDIA NVDVD.videodecoder --a--- 207 bytes [06:12 03/03/2003] [06:12 03/03/2003]
NVIDIA Video Post Processor.filterdata --a--- 112 bytes [08:41 07/12/2003] [08:41 07/12/2003]
OpenSource DVD.videodecoder --a--- 180 bytes [09:14 12/12/2004] [09:14 12/12/2004]
Overlay Mixer.filterdata --a--- 105 bytes [21:04 12/11/2003] [21:04 12/11/2003]
Ravisent CineMaster.audiodecoder --a--- 173 bytes [06:13 03/03/2003] [06:13 03/03/2003]
Ravisent CineMaster.videodecoder --a--- 218 bytes [06:13 03/03/2003] [06:13 03/03/2003]
Sigma Designs XCard NoSub.videodecoder --a--- 204 bytes [07:50 23/11/2003] [07:50 23/11/2003]
Sigma Designs XCard.videodecoder --a--- 213 bytes [06:19 29/10/2003] [06:19 29/10/2003]
SoftDVD.audiodecoder --a--- 133 bytes [00:21 29/01/2004] [00:21 29/01/2004]
SoftDVD.videodecoder --a--- 302 bytes [00:36 29/01/2004] [00:36 29/01/2004]
Sonic CineMaster 2.2+.videodecoder --a--- 212 bytes [10:55 02/01/2005] [10:55 02/01/2005]
Sonic CineMaster.audiodecoder --a--- 166 bytes [06:13 03/03/2003] [06:13 03/03/2003]
Sonic CineMaster.videodecoder --a--- 211 bytes [06:13 03/03/2003] [06:13 03/03/2003]
Spdifer (Direct Digital Out).audiodecoder --a--- 119 bytes [10:25 05/11/2007] [10:25 05/11/2007]
TFM Audio Processor.filterdata --a--- 131 bytes [06:30 03/03/2003] [06:30 03/03/2003]
Trombettworks Channel Downmixer.filterdata --a--- 206 bytes [08:37 10/10/2005] [08:37 10/10/2005]
Ulead DVD.audiodecoder --a--- 135 bytes [16:48 03/03/2005] [16:48 03/03/2005]
Ulead DVD.videodecoder --a--- 188 bytes [16:49 03/03/2005] [16:49 03/03/2005]

C:\Documents and Settings\All Users\Application Data\Zoom Player\DVDGraph d----- [02:59 17/05/2009]
-- Sample Graph with Building Notes.dvdgraph --a--- 5554 bytes [12:39 30/12/2002] [12:39 30/12/2002]
-- Unregister all Filters.dvdgraph --a--- 426 bytes [21:23 09/01/2003] [21:23 09/01/2003]
CinePlayer v2.dvdgraph --a--- 835 bytes [20:17 17/05/2002] [20:17 17/05/2002]
CinePlayer v4 for Default DirectSound Device.dvdgraph --a--- 1224 bytes [04:41 08/12/2001] [04:41 08/12/2001]
CinePlayer v4 for Default Waveout Device.dvdgraph --a--- 1216 bytes [01:10 16/12/2001] [01:10 16/12/2001]
CinePlayer v4 for M-Audio SPDIF - Not for Win2K or XP.dvdgraph --a--- 1244 bytes [04:37 08/12/2001] [04:37 08/12/2001]
CinePlayer v4 for Radeon AIW SPDIF Dolby Digital (no DTS).dvdgraph --a--- 1232 bytes [01:53 16/12/2001] [01:53 16/12/2001]
CinePlayer v4 for Ravisent Waveout SPDIF.dvdgraph --a--- 1247 bytes [05:31 03/12/2001] [05:31 03/12/2001]
CinePlayer v4 with CineMaster v2 for Audio.dvdgraph --a--- 999 bytes [21:15 09/01/2003] [21:15 09/01/2003]
CinePlayer v4 with PowerDVD v4 Audio for Default Directsound.dvdgraph --a--- 1158 bytes [16:43 16/05/2002] [16:43 16/05/2002]
CinePlayer v4 with PowerDVD v4 Audio for Default Waveout Device.dvdgraph --a--- 1150 bytes [13:20 18/01/2002] [13:20 18/01/2002]
CinePlayer v4 with PowerDVD v4 Audio for M-Audio SPDIF Not for Win2K or XP.dvdgraph --a--- 1178 bytes [13:20 18/01/2002] [13:20 18/01/2002]
CinePlayer v4 with PowerDVD v4 Audio for Ravisent Waveout SPDIF.dvdgraph --a--- 1181 bytes [13:20 18/01/2002] [13:20 18/01/2002]
CinePlayer v4 with WinDVD Audio for Default DirectSound Device.dvdgraph --a--- 1176 bytes [19:59 21/12/2001] [19:59 21/12/2001]
CinePlayer v4 with WinDVD Audio for Default Waveout Device.dvdgraph --a--- 1168 bytes [01:08 16/12/2001] [01:08 16/12/2001]
CinePlayer v4 with WinDVD Audio for M-Audio SPDIF - Not for Win2K or XP.dvdgraph --a--- 1196 bytes [04:37 08/12/2001] [04:37 08/12/2001]
NVDVD v1 with PowerDVD Audio for Default DirectSound (XP Only).dvdgraph --a--- 760 bytes [03:17 20/07/2002] [03:17 20/07/2002]
PowerDVD v4 for Default DirectSound Device.dvdgraph --a--- 1103 bytes [22:10 09/12/2001] [22:10 09/12/2001]
PowerDVD v4 for Default Waveout Device.dvdgraph --a--- 1098 bytes [16:00 13/01/2002] [16:00 13/01/2002]
PowerDVD v4 for M-Audio SPDIF - Not for Win2K or XP.dvdgraph --a--- 1126 bytes [16:03 13/01/2002] [16:03 13/01/2002]
PowerDVD v4 for Ravisent Waveout SPDIF.dvdgraph --a--- 1122 bytes [16:05 13/01/2002] [16:05 13/01/2002]
PowerDVD v4 with Cineplayer v4 Audio for Default Waveout Device.dvdgraph --a--- 1224 bytes [01:04 16/12/2001] [01:04 16/12/2001]
PowerDVD v4 with Cineplayer v4 Audio for M-Audio SPDIF - Not for Win2K or XP.dvdgraph --a--- 1193 bytes [04:40 08/12/2001] [04:40 08/12/2001]
PowerDVD v4 with Cineplayer v4 Audio for Ravisent Waveout SPDIF.dvdgraph --a--- 1255 bytes [01:18 16/12/2001] [01:18 16/12/2001]
PowerDVD v4 with WinDVD Audio and M-Audio SPDIF out - Not for Win2K or XP.dvdgraph --a--- 1130 bytes [04:38 08/12/2001] [04:38 08/12/2001]
PowerDVD v4 with WinDVD Audio for Default DirectSound Device.dvdgraph --a--- 1109 bytes [05:14 02/12/2001] [05:14 02/12/2001]
PowerDVD v4 with WinDVD Audio for Default Waveout Device.dvdgraph --a--- 1104 bytes [02:28 16/12/2001] [02:28 16/12/2001]
Sonic CineMaster v1.5 for DirectSound.dvdgraph --a--- 1200 bytes [00:02 09/09/2002] [00:02 09/09/2002]
Sonic CineMaster v1.5 for WaveOut.dvdgraph --a--- 1192 bytes [00:02 09/09/2002] [00:02 09/09/2002]
Sonic CineMaster v1.5 with PowerDVD v4 Audio for M-Audio SPDIF Not for Win2K or XP.dvdgraph --a--- 1164 bytes [11:29 26/09/2002] [11:29 26/09/2002]
WinDVD v3 for Default DirectSound Device.dvdgraph --a--- 1187 bytes [04:43 08/12/2001] [04:43 08/12/2001]
WinDVD v3 for Default Waveout Device.dvdgraph --a--- 1179 bytes [01:15 16/12/2001] [01:15 16/12/2001]
WinDVD v3 for M-Audio SPDIF - Not for Win2K or XP.dvdgraph --a--- 1208 bytes [04:40 08/12/2001] [04:40 08/12/2001]
WinDVD v3 with Cineplayer Audio for Default DirectSound Device.dvdgraph --a--- 1169 bytes [04:43 08/12/2001] [04:43 08/12/2001]
WinDVD v3 with Cineplayer Audio for Default Waveout Device.dvdgraph --a--- 1161 bytes [01:13 16/12/2001] [01:13 16/12/2001]
WinDVD v3 with Cineplayer Audio for MAUDIO SPDIF - Not for Win2K or XP.dvdgraph --a--- 1189 bytes [01:29 16/12/2001] [01:29 16/12/2001]
WinDVD v3 with Cineplayer Audio for Ravisent Waveout SPDIF.dvdgraph --a--- 1192 bytes [01:21 16/12/2001] [01:21 16/12/2001]
WinDVD v3 with PowerDVD v4 Audio for Default DirectSound Device.dvdgraph --a--- 1103 bytes [06:23 12/05/2002] [06:23 12/05/2002]
WinDVD VMR9 for Default DirectSound Device.dvdgraph --a--- 1034 bytes [10:18 11/01/2003] [10:18 11/01/2003]

C:\Documents and Settings\All Users\Application Data\Zoom Player\MediaAutoGraph d----- [02:59 17/05/2009]
3IVX.viddecoder --a--- 206 bytes [02:59 17/05/2009] [03:30 17/05/2009]
3IVX.viddecoder.profiles --a--- 246 bytes [17:30 03/07/2006] [17:30 03/07/2006]
AAC Audio.auddecoder --a--- 312 bytes [02:59 17/05/2009] [03:30 17/05/2009]
AAC Audio.auddecoder.profiles --a--- 896 bytes [14:08 23/12/2007] [14:08 23/12/2007]
AAC.splitter.profiles --a--- 310 bytes [04:52 27/03/2007] [04:52 27/03/2007]
AC3.auddecoder --a--- 273 bytes [02:59 17/05/2009] [03:30 17/05/2009]
AC3.auddecoder.profiles --a--- 2185 bytes [12:57 25/08/2008] [12:57 25/08/2008]
ACELP.auddecoder --a--- 153 bytes [02:59 17/05/2009] [03:30 17/05/2009]
ACELP.auddecoder.profiles --a--- 205 bytes [08:08 23/12/2005] [08:08 23/12/2005]
ACM Audio.auddecoder --a--- 326 bytes [02:59 17/05/2009] [03:30 17/05/2009]
ACM Audio.auddecoder.profiles --a--- 356 bytes [17:33 13/05/2007] [17:33 13/05/2007]
AMR.auddecoder --a--- 199 bytes [02:59 17/05/2009] [03:30 17/05/2009]
AMR.auddecoder.profiles --a--- 239 bytes [00:12 03/10/2006] [00:12 03/10/2006]
ASF ACM.auddecoder --a--- 213 bytes [02:59 17/05/2009] [03:30 17/05/2009]
ASF ACM.auddecoder.profiles --a--- 247 bytes [08:08 23/12/2005] [08:08 23/12/2005]
ASF VCM.viddecoder --a--- 206 bytes [02:59 17/05/2009] [03:30 17/05/2009]
ASF VCM.viddecoder.profiles --a--- 240 bytes [08:09 23/12/2005] [08:09 23/12/2005]
AVI Synth.sourcefilter --a--- 100 bytes [02:59 17/05/2009] [03:30 17/05/2009]
AVI Synth.sourcefilter.profiles --a--- 140 bytes [09:51 23/12/2005] [09:51 23/12/2005]
AVI.sourcefilter --a--- 155 bytes [02:59 17/05/2009] [03:30 17/05/2009]
AVI.sourcefilter.profiles --a--- 194 bytes [23:09 24/03/2007] [23:09 24/03/2007]
AVI.splitter --a--- 175 bytes [02:59 17/05/2009] [03:30 17/05/2009]
AVI.splitter.profiles --a--- 317 bytes [17:45 03/07/2006] [17:45 03/07/2006]
CD Audio.sourcefilter.profiles --a--- 849 bytes [12:28 25/08/2008] [12:28 25/08/2008]
DIVX 3.11.viddecoder --a--- 245 bytes [02:59 17/05/2009] [03:30 17/05/2009]
DIVX 3.11.viddecoder.profiles --a--- 1145 bytes [17:31 03/07/2006] [17:31 03/07/2006]
DIVX 5.viddecoder --a--- 325 bytes [02:59 17/05/2009] [03:30 17/05/2009]
DIVX 5.viddecoder.profiles --a--- 1346 bytes [15:59 24/03/2007] [15:59 24/03/2007]
DTS Audio.sourcefilter.profiles --a--- 185 bytes [17:43 03/07/2006] [17:43 03/07/2006]
DTS in Container.auddecoder --a--- 194 bytes [02:59 17/05/2009] [03:30 17/05/2009]
DTS in Container.auddecoder.profiles --a--- 1190 bytes [08:40 12/04/2008] [08:40 12/04/2008]
DTS.auddecoder --a--- 194 bytes [02:59 17/05/2009] [03:30 17/05/2009]
DTS.auddecoder.profiles --a--- 890 bytes [17:34 03/07/2006] [17:34 03/07/2006]
DV.viddecoder --a--- 219 bytes [02:59 17/05/2009] [03:30 17/05/2009]
DV.viddecoder.profiles --a--- 361 bytes [11:53 11/04/2007] [11:53 11/04/2007]
DVR Microsoft.sourcefilter --a--- 102 bytes [02:59 17/05/2009] [03:30 17/05/2009]
DVR Microsoft.sourcefilter.profiles --a--- 151 bytes [17:42 03/07/2006] [17:42 03/07/2006]
EVO.sourcefilter --a--- 106 bytes [02:59 17/05/2009] [03:30 17/05/2009]
EVO.sourcefilter.profiles --a--- 145 bytes [23:09 24/03/2007] [23:09 24/03/2007]
FLAC.auddecoder --a--- 235 bytes [02:59 17/05/2009] [03:30 17/05/2009]
FLAC.auddecoder.profiles --a--- 389 bytes [16:55 18/04/2007] [16:55 18/04/2007]
FLAC.sourcefilter.profiles --a--- 446 bytes [12:36 04/03/2007] [12:36 04/03/2007]
Flash Video.viddecoder --a--- 241 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Flash Video.viddecoder.profiles --a--- 281 bytes [22:53 11/03/2007] [22:53 11/03/2007]
Flash.sourcefilter.profiles --a--- 17 bytes [11:15 16/07/2007] [11:15 16/07/2007]
Flic Video.sourcefilter.profiles --a--- 185 bytes [17:44 03/07/2006] [17:44 03/07/2006]
FLV.sourcefilter --a--- 155 bytes [02:59 17/05/2009] [03:30 17/05/2009]
FLV.sourcefilter.profiles --a--- 194 bytes [17:44 03/07/2006] [17:44 03/07/2006]
FLV.splitter.profiles --a--- 213 bytes [17:45 03/07/2006] [17:45 03/07/2006]
H263.viddecoder --a--- 245 bytes [02:59 17/05/2009] [03:30 17/05/2009]
H263.viddecoder.profiles --a--- 285 bytes [17:30 03/07/2006] [17:30 03/07/2006]
H264.viddecoder --a--- 320 bytes [02:59 17/05/2009] [03:30 17/05/2009]
H264.viddecoder.profiles --a--- 1324 bytes [12:57 25/08/2008] [12:57 25/08/2008]
HuffYUV.viddecoder --a--- 206 bytes [02:59 17/05/2009] [03:30 17/05/2009]
HuffYUV.viddecoder.profiles --a--- 427 bytes [17:30 03/07/2006] [17:30 03/07/2006]
Intel Indeo 5.viddecoder --a--- 146 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Intel Indeo 5.viddecoder.profiles --a--- 191 bytes [08:09 23/12/2005] [08:09 23/12/2005]
LPCM.auddecoder --a--- 141 bytes [02:59 17/05/2009] [03:30 17/05/2009]
LPCM.auddecoder.profiles --a--- 1928 bytes [03:49 18/05/2006] [03:49 18/05/2006]
Matroska.sourcefilter --a--- 164 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Matroska.sourcefilter.profiles --a--- 326 bytes [03:12 31/12/2006] [03:12 31/12/2006]
Matroska.splitter --a--- 185 bytes [03:30 17/05/2009] [03:30 17/05/2009]
Matroska.splitter.profiles --a--- 228 bytes [17:45 03/07/2006] [17:45 03/07/2006]
Microsoft MPEG4.viddecoder --a--- 265 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Microsoft MPEG4.viddecoder.profiles --a--- 417 bytes [21:53 14/11/2006] [21:53 14/11/2006]
MIDI Audio.splitter --a--- 120 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MIDI Audio.splitter.profiles --a--- 150 bytes [08:08 23/12/2005] [08:08 23/12/2005]
Motion JPEG.viddecoder --a--- 245 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Motion JPEG.viddecoder.profiles --a--- 403 bytes [14:12 02/09/2007] [14:12 02/09/2007]
MP3.sourcefilter --a--- 155 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MP3.sourcefilter.profiles --a--- 431 bytes [12:54 26/02/2008] [12:54 26/02/2008]
MP4.sourcefilter --a--- 171 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MP4.sourcefilter.profiles --a--- 580 bytes [12:57 25/08/2008] [12:57 25/08/2008]
MPEG Audio.auddecoder --a--- 152 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG Audio.auddecoder.profiles --a--- 1253 bytes [10:27 29/02/2008] [10:27 29/02/2008]
MPEG Layer-3 Decoder.auddecoder --a--- 140 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG Layer-3 Decoder.auddecoder.profiles --a--- 1108 bytes [18:43 16/08/2008] [18:43 16/08/2008]
MPEG Layer-3.splitter --a--- 256 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG Layer-3.splitter.profiles --a--- 299 bytes [08:08 23/12/2005] [08:08 23/12/2005]
MPEG Video.viddecoder --a--- 138 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG Video.viddecoder.profiles --a--- 539 bytes [21:28 06/04/2006] [21:28 06/04/2006]
MPEG1.splitter --a--- 262 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG1.splitter.profiles --a--- 693 bytes [10:23 29/02/2008] [10:23 29/02/2008]
MPEG2 Audio.auddecoder --a--- 200 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG2 Audio.auddecoder.profiles --a--- 2163 bytes [20:21 23/03/2007] [20:21 23/03/2007]
MPEG2 Program.splitter --a--- 180 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG2 Program.splitter.profiles --a--- 1053 bytes [22:07 11/03/2007] [22:07 11/03/2007]
MPEG2 Transport Video.viddecoder --a--- 230 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG2 Transport Video.viddecoder.profiles --a--- 2294 bytes [11:28 19/06/2008] [11:28 19/06/2008]
MPEG2 Transport.sourcefilter --a--- 227 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG2 Transport.sourcefilter.profiles --a--- 979 bytes [13:01 04/11/2007] [13:01 04/11/2007]
MPEG2 Transport.splitter --a--- 184 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG2 Transport.splitter.profiles --a--- 1107 bytes [17:46 03/07/2006] [17:46 03/07/2006]
MPEG2 Video.viddecoder --a--- 222 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG2 Video.viddecoder.profiles --a--- 2418 bytes [11:28 19/06/2008] [11:28 19/06/2008]
MPEG4 Audio.auddecoder.profiles --a--- 179 bytes [03:50 18/05/2006] [03:50 18/05/2006]
MPEG4 ISO.splitter.profiles --a--- 676 bytes [12:47 25/08/2008] [12:47 25/08/2008]
MPEG4 ISO.viddecoder --a--- 284 bytes [02:59 17/05/2009] [03:30 17/05/2009]
MPEG4 ISO.viddecoder.profiles --a--- 954 bytes [11:42 29/06/2008] [11:42 29/06/2008]
OGG.sourcefilter --a--- 158 bytes [02:59 17/05/2009] [03:30 17/05/2009]
OGG.sourcefilter.profiles --a--- 439 bytes [12:35 04/03/2007] [12:35 04/03/2007]
OGM.sourcefilter --a--- 155 bytes [02:59 17/05/2009] [03:30 17/05/2009]
OGM.sourcefilter.profiles --a--- 317 bytes [12:35 04/03/2007] [12:35 04/03/2007]
OGM.splitter.profiles --a--- 346 bytes [12:34 04/03/2007] [12:34 04/03/2007]
PCM Audio.auddecoder --a--- 170 bytes [02:59 17/05/2009] [03:30 17/05/2009]
PCM Audio.auddecoder.profiles --a--- 316 bytes [10:57 31/08/2008] [10:57 31/08/2008]
QDesign Music 2.auddecoder --a--- 180 bytes [02:59 17/05/2009] [03:30 17/05/2009]
QDesign Music 2.auddecoder.profiles --a--- 350 bytes [11:22 12/07/2008] [11:22 12/07/2008]
QuickTime Generic.auddecoder.profiles --a--- 277 bytes [13:55 27/07/2008] [13:55 27/07/2008]
QuickTime JPEG.viddecoder --a--- 148 bytes [02:59 17/05/2009] [03:30 17/05/2009]
QuickTime JPEG.viddecoder.profiles --a--- 284 bytes [13:58 27/07/2008] [13:58 27/07/2008]
QuickTime.sourcefilter --a--- 167 bytes [02:59 17/05/2009] [03:30 17/05/2009]
QuickTime.sourcefilter.profiles --a--- 450 bytes [13:55 27/07/2008] [13:55 27/07/2008]
QuickTime.viddecoder.profiles --a--- 161 bytes [08:10 23/12/2005] [08:10 23/12/2005]
RAW ARGB32.viddecoder --a--- 141 bytes [02:59 17/05/2009] [03:30 17/05/2009]
RAW ARGB32.viddecoder.profiles --a--- 181 bytes [08:10 23/12/2005] [08:10 23/12/2005]
RAW RGB24.viddecoder --a--- 141 bytes [02:59 17/05/2009] [03:30 17/05/2009]
RAW RGB24.viddecoder.profiles --a--- 181 bytes [08:10 23/12/2005] [08:10 23/12/2005]
RAW RGB32.viddecoder --a--- 141 bytes [02:59 17/05/2009] [03:30 17/05/2009]
RAW RGB32.viddecoder.profiles --a--- 181 bytes [08:10 23/12/2005] [08:10 23/12/2005]
RAW YUV.viddecoder --a--- 175 bytes [02:59 17/05/2009] [03:30 17/05/2009]
RAW YUV.viddecoder.profiles --a--- 210 bytes [08:10 23/12/2005] [08:10 23/12/2005]
Real Audio.auddecoder.profiles --a--- 428 bytes [14:08 23/12/2007] [14:08 23/12/2007]
Real Media.splitter.profiles --a--- 231 bytes [17:46 03/07/2006] [17:46 03/07/2006]
Real Video.viddecoder.profiles --a--- 350 bytes [17:32 03/07/2006] [17:32 03/07/2006]
Shorten.auddecoder.profiles --a--- 127 bytes [17:35 03/07/2006] [17:35 03/07/2006]
Shorten.sourcefilter --a--- 159 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Shorten.sourcefilter.profiles --a--- 198 bytes [17:45 03/07/2006] [17:45 03/07/2006]
Snow.viddecoder --a--- 206 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Snow.viddecoder.profiles --a--- 246 bytes [17:33 03/07/2006] [17:33 03/07/2006]
Sorenson Video.viddecoder --a--- 245 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Sorenson Video.viddecoder.profiles --a--- 422 bytes [17:33 03/07/2006] [17:33 03/07/2006]
Still Image.sourcefilter.profiles --a--- 294 bytes [14:08 18/12/2007] [14:08 18/12/2007]
VCM Backward Compatibility.viddecoder --a--- 364 bytes [02:59 17/05/2009] [03:30 17/05/2009]
VCM Backward Compatibility.viddecoder.profiles --a--- 399 bytes [20:43 09/09/2006] [20:43 09/09/2006]
Vorbis Audio.auddecoder --a--- 210 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Vorbis Audio.auddecoder.profiles --a--- 577 bytes [16:30 13/08/2007] [16:30 13/08/2007]
Vorbis Matroska Audio.auddecoder --a--- 198 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Vorbis Matroska Audio.auddecoder.profiles --a--- 565 bytes [05:24 15/08/2007] [05:24 15/08/2007]
Voxware Metasound.auddecoder.profiles --a--- 132 bytes [04:01 14/12/2003] [04:01 14/12/2003]
VP31.viddecoder --a--- 148 bytes [02:59 17/05/2009] [03:30 17/05/2009]
VP31.viddecoder.profiles --a--- 311 bytes [08:10 23/12/2005] [08:10 23/12/2005]
VP6.viddecoder.profiles --a--- 248 bytes [12:24 04/11/2007] [12:24 04/11/2007]
WAV Audio.sourcefilter --a--- 101 bytes [02:59 17/05/2009] [03:30 17/05/2009]
WAV Audio.sourcefilter.profiles --a--- 257 bytes [08:35 12/04/2008] [08:35 12/04/2008]
Wave Parser.splitter --a--- 128 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Wave Parser.splitter.profiles --a--- 158 bytes [08:36 12/04/2008] [08:36 12/04/2008]
WavPack.auddecoder --a--- 199 bytes [02:59 17/05/2009] [03:30 17/05/2009]
WavPack.auddecoder.profiles --a--- 239 bytes [17:36 03/07/2006] [17:36 03/07/2006]
WavPack.splitter --a--- 189 bytes [02:59 17/05/2009] [03:30 17/05/2009]
WavPack.splitter.profiles --a--- 230 bytes [17:46 03/07/2006] [17:46 03/07/2006]
Windows Media Audio.auddecoder --a--- 257 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Windows Media Audio.auddecoder.profiles --a--- 490 bytes [21:12 08/05/2006] [21:12 08/05/2006]
Windows Media Format.sourcefilter --a--- 101 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Windows Media Format.sourcefilter.profiles --a--- 129 bytes [09:53 23/12/2005] [09:53 23/12/2005]
Windows Media Screen Capture.viddecoder --a--- 143 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Windows Media Screen Capture.viddecoder.profiles --a--- 184 bytes [08:10 23/12/2005] [08:10 23/12/2005]
Windows Media Speech.auddecoder --a--- 141 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Windows Media Speech.auddecoder.profiles --a--- 176 bytes [08:09 23/12/2005] [08:09 23/12/2005]
Windows Media Video.viddecoder --a--- 296 bytes [02:59 17/05/2009] [03:30 17/05/2009]
Windows Media Video.viddecoder.profiles --a--- 446 bytes [14:38 04/04/2008] [14:38 04/04/2008]
XVID.viddecoder --a--- 281 bytes [02:59 17/05/2009] [03:30 17/05/2009]
XVID.viddecoder.profiles --a--- 1009 bytes [07:49 17/10/2007] [07:49 17/10/2007]

C:\Documents and Settings\All Users\Application Data\Zoom Player\MediaGraph d----- [02:59 17/05/2009]
example_avi.mediagraph --a--- 3735 bytes [12:39 30/12/2002] [12:39 30/12/2002]
example_cdaudio_using_cyberlink.mediagraph --a--- 379 bytes [12:18 30/12/2002] [12:18 30/12/2002]
example_jpeg_image.mediagraph --a--- 227 bytes [10:51 20/02/2003] [10:51 20/02/2003]
example_mp3.mediagraph --a--- 778 bytes [07:08 04/01/2002] [07:08 04/01/2002]
example_mpeg2ts_using_windvd.mediagraph --a--- 1518 bytes [09:24 20/04/2003] [09:24 20/04/2003]
example_mpeg2_using_elecard.mediagraph --a--- 1285 bytes [01:47 14/02/2003] [01:47 14/02/2003]
example_mpeg2_using_windvd.mediagraph --a--- 2144 bytes [04:21 04/11/2002] [04:21 04/11/2002]

C:\Documents and Settings\All Users\Application Data\Zoom Player\Skin d----- [02:58 17/05/2009]
skins.tint --a--- 402 bytes [14:45 02/09/2008] [14:45 02/09/2008]

C:\Documents and Settings\All Users\Application Data\Zoom Player\Skin\Drapes d----- [02:58 17/05/2009]
alnav_arrows.bmp --a--- 230456 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_arrowsbg.bmp --a--- 294968 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_background.bmp --a--- 2073654 bytes [03:42 13/08/2007] [03:42 13/08/2007]
alnav_blanking.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_bookmark.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_color.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_context.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_download.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_equalizer.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_file.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_goto.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_media.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_mousewheel.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_nav.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_playhistory.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_playlist.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_resize.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_station.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
alnav_web.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
cfnav_background.bmp --a--- 501174 bytes [03:41 13/08/2007] [03:41 13/08/2007]
clnav_background.bmp --a--- 455094 bytes [11:52 29/11/2007] [11:52 29/11/2007]
Drapes.nav --a--- 11402 bytes [12:03 16/11/2007] [12:03 16/11/2007]
elnav_icons.bmp --a--- 2764856 bytes [01:30 02/10/2007] [01:30 02/10/2007]
esnav_background.bmp --a--- 1382454 bytes [03:42 13/08/2007] [03:42 13/08/2007]
lsnav_background.bmp --a--- 2073654 bytes [03:40 13/08/2007] [03:40 13/08/2007]
mlnav_all.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_audio.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_background.bmp --a--- 2073654 bytes [03:45 13/08/2007] [03:45 13/08/2007]
mlnav_executable.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_path.bmp --a--- 116984 bytes [21:07 05/08/2007] [21:07 05/08/2007]
mlnav_picture.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_scroll.bmp --a--- 165944 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_select.bmp --a--- 687800 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_unselect.bmp --a--- 687800 bytes [12:33 29/07/2007] [12:33 29/07/2007]
mlnav_video.bmp --a--- 540056 bytes [14:14 24/07/2007] [14:14 24/07/2007]
mlnav_widget.bmp --a--- 55352 bytes [14:14 24/07/2007] [14:14 24/07/2007]

C:\Documents and Settings\All Users\Application Data\Zoom Player\Skin\Fusion d----- [02:59 17/05/2009]
Fusion.bmp --a--- 915712 bytes [11:44 29/11/2007] [11:44 29/11/2007]
Fusion.skn --a--- 28123 bytes [10:16 08/01/2008] [10:16 08/01/2008]
FusionAudio.skn --a--- 25144 bytes [11:46 29/11/2007] [11:46 29/11/2007]
FusionDVD.skn --a--- 28089 bytes [10:16 08/01/2008] [10:16 08/01/2008]

C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} d----- [22:57 06/06/2009]

C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 d----- [22:57 06/06/2009]
DIFxAPI.dll --a--- 319456 bytes [13:21 02/11/2006] [13:21 02/11/2006]
DifXInstall32.exe --a--- 75112 bytes [20:56 04/02/2009] [20:56 04/02/2009]
DIFxInstallLog.txt --a--- 2094 bytes [22:57 06/06/2009] [21:02 01/08/2009]
GEARAspiWDM.inf --a--- 2763 bytes [23:38 19/03/2009] [23:38 19/03/2009]
gearaspiwdmx86.cat --a--- 7919 bytes [08:19 25/03/2009] [08:19 25/03/2009]

C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 d----- [18:21 07/06/2009]
GEARAspi.dll --a--- 107368 bytes [19:12 17/04/2008] [19:12 17/04/2008]
GEARAspiWDM.sys --a--- 23400 bytes [23:32 19/03/2009] [23:32 19/03/2009]

-=End Of File=-

Download kill.pif from here

• Unzip it to your desktop to a folder named avz4
• Double click on kill.pif to run it.
• Run an update by clicking the Auto Update button on the Right of the Log window:
• Click Start to begin the update

Note: If you recieve an error message, chose a different source, then click Start again

• Start kill.pif.
  
• Choose from the menu "File" => "Standard scripts " and mark the "Healing/Quarantine and Advanced System Analysis" check box.
  
• Click on the “Execute selected scripts”.
• Automatic scanning, healing and system check will be executed.
• A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
• It is necessary to reboot your machine, because kill.pif might disturb some program operations (like antiviruses and firewall) during the system scan.
• All applications will work properly after the system restart.

When restarted

• Start kill.pif.
  
• Choose from the menu "File" => "Standard scripts " and mark the “Advanced System Analysis" check box.
  
• Click on the "Execute selected scripts".
• A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach both virusinfo_syscure.zip and virusinfo_syscheck.zip to your next post

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

 virusinfo_syscheck.zip   36.53KB   234 downloads
 virusinfo_syscure.zip   38.88KB   255 downloads

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

• If you are using Firefox, make sure that your download settings are as follows:
  
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".
• During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  
• It is important you rename Combofix during the download, but not after.
• Please do not rename Combofix to other names, but only to the one indicated.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  

  -----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    

    -----------------------------------------------------------

  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

  -----------------------------------------------------------

• Double click on combo-Fix.exe & follow the prompts.
• When finished, it will produce a report for you.
• Please post the "C:\Combo-Fix.txt" along with a new OTL log for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

ComboFix 09-08-22.06 - Julia Yu 08/23/2009 9:49.3.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.503.198 [GMT -7:00]
Running from: c:\documents and settings\Julia Yu\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1414112411-1330998596-107729866-1003
c:\windows\syssvc.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MSUPDATE


((((((((((((((((((((((((( Files Created from 2009-07-23 to 2009-08-23 )))))))))))))))))))))))))))))))
.

2009-08-21 15:44 . 2009-08-21 15:44 -------- d-----w- c:\program files\Trend Micro
2009-08-21 03:42 . 2009-08-22 04:57 -------- d-----w- c:\program files\pspgof
2009-08-14 07:52 . 2009-08-14 07:52 -------- d-----w- c:\windows\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-23 16:59 . 2009-01-05 01:40 -------- d-----w- c:\documents and settings\Julia Yu\Application Data\WTablet
2009-08-23 16:58 . 2009-01-05 01:40 -------- d-----w- c:\documents and settings\LocalService\Application Data\WTablet
2009-08-22 15:18 . 2008-06-11 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg8
2009-08-22 04:56 . 2007-07-07 05:35 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-21 06:38 . 2006-06-23 21:27 -------- d-----w- c:\program files\FlashGet
2009-08-21 06:37 . 2007-05-02 02:30 -------- d-----w- c:\documents and settings\Julia Yu\Application Data\BitTorrent
2009-08-20 01:36 . 2008-08-16 00:37 -------- d-----w- c:\program files\Trillian
2009-08-17 23:02 . 2009-04-06 00:48 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-17 23:02 . 2009-04-06 00:48 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-17 23:02 . 2009-04-06 00:48 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-05 09:11 . 2005-11-05 01:16 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 18:55 . 2005-11-05 01:16 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 06:43 . 2005-11-05 01:17 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-29 16:12 . 2005-11-05 01:17 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2007-08-14 01:42 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-29 16:12 . 2005-11-05 01:16 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-27 20:34 . 2009-06-27 20:34 -------- d-----w- c:\documents and settings\Julia Yu\Application Data\Synthesia
2009-06-25 08:17 . 2005-11-05 01:17 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:17 . 2005-11-05 01:16 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:17 . 2005-11-05 01:16 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:17 . 2005-11-05 01:16 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:17 . 2005-11-05 01:16 729600 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:17 . 2005-11-05 01:16 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-22 11:35 . 2005-11-05 01:16 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:55 . 2005-11-05 01:17 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:55 . 2005-11-05 01:16 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 11:50 . 2005-11-05 01:17 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:21 . 2005-11-05 01:16 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:32 . 2005-11-05 01:17 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-06 23:04 . 2006-10-15 21:02 45496 -c--a-w- c:\documents and settings\Julia Yu\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-05 07:42 . 2005-11-05 02:37 655872 ----a-w- c:\windows\system32\mstscax.dll
2009-06-03 19:27 . 2005-11-05 01:16 1290752 ----a-w- c:\windows\system32\quartz.dll
2009-05-30 19:50 . 2009-05-30 19:50 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-05-29 20:36 . 2009-06-06 22:54 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-29 20:36 . 2009-06-06 22:54 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
.

------- Sigcheck -------

[-] 2008-04-14 00:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[-] 2004-08-04 12:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\svchost.exe

[-] 2008-04-14 00:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
[-] 2004-08-04 12:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\ws2_32.dll

[-] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[-] 2004-08-04 12:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\winlogon.exe

[-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
[-] 2004-08-04 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\ndis.sys
[-] 2004-08-04 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys

[-] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ip6fw.sys
[-] 2004-08-04 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys

[-] 2008-04-14 00:12 13312 BF2466B3E18E970D8A976FB95FC1CA85 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
[-] 2004-08-04 12:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\lsass.exe

[-] 2008-04-14 00:12 15360 5F1D5F88303D4A4DBC8E5F97BA967CC3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ctfmon.exe

[-] 2008-04-14 00:12 26112 A93AEE1928A9D7CE3E16D24EC7380F89 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[-] 2004-08-04 12:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\userinit.exe

[-] 2008-04-14 00:12 295424 FF3477C03BE7201C294C35F684B3479F c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\termsrv.dll
[-] 2004-08-04 12:00 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\termsrv.dll

[-] 2008-04-14 00:12 17408 50A166237A0FA771261275A405646CC0 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\powrprof.dll
[-] 2004-08-04 12:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\powrprof.dll

[-] 2008-04-14 00:11 110080 0DA85218E92526972A821587E6A8BF8F c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\imm32.dll
[-] 2004-08-04 12:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\imm32.dll

[-] 2008-04-13 18:39 24576 463C1EC80CD17420A542B7F36A36F128 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kbdclass.sys
[-] 2004-08-04 06:58 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\drivers\kbdclass.sys

[-] 2008-04-14 00:11 792064 1280A158C722FA95A80FB7AEBE78FA7D c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comres.dll
[-] 2004-08-04 12:00 792064 6728270CB7DBB776ED086F5AC4C82310 c:\windows\system32\comres.dll

[-] 2008-04-14 00:11 22016 012DF358CEBAA23ACB26D82077820817 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lpk.dll
[-] 2004-08-04 12:00 22016 74D66B3DE265E8789153414E75175F26 c:\windows\system32\lpk.dll

[-] 2004-08-04 12:00 4224 DA1F27D85E0D1525F6621372E7B685E9 c:\windows\system32\drivers\beep.sys

[-] 2004-08-04 12:00 2944 73C1E1F395918BC2C6DD67AF7591A3AD c:\windows\system32\drivers\null.sys

[-] 2008-04-14 00:11 33792 986B1FF5814366D71E0AC5755C88F2D3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msgsvc.dll
[-] 2004-08-04 12:00 33792 95FD808E4AC22ABA025A7B3EAC0375D2 c:\windows\system32\msgsvc.dll
[-] 2004-08-04 12:00 33792 95FD808E4AC22ABA025A7B3EAC0375D2 c:\windows\system32\dllcache\msgsvc.dll

[-] 2004-08-04 12:00 11648 9859C0F6936E723E4892D7141B1327D5 c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-14 00:12 5120 96E1C926F22EE1BFBAE82901A35F6BF3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfc.dll
[-] 2004-08-04 12:00 5120 E8A12A12EA9088B4327D49EDCA3ADD3E c:\windows\system32\sfc.dll

[-] 2008-04-14 00:12 409088 574738F61FCA2935F5265DC4E5691314 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll
[-] 2004-08-04 12:00 382464 2C69EC7E5A311334D10DD95F338FCCEA c:\windows\system32\qmgr.dll

[-] 2008-04-14 00:12 181248 A86BB5E61BF3E39B62AB4C7E7085A084 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[-] 2004-08-04 12:00 180224 0F78E27F563F2AAF74B91A49E2ABF19A c:\windows\system32\scecli.dll

[-] 2008-04-14 00:11 56320 6D4FEB43EE538FC5428CC7F0565AA656 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[-] 2004-08-04 12:00 55808 82B24CB70E5944E6E34662205A2A5B78 c:\windows\system32\eventlog.dll

[-] 2008-04-13 18:57 14336 B153AFFAC761E7F5FCFA822B9C4E97BC c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asyncmac.sys
[-] 2004-08-04 12:00 14336 02000ABF34AF4C218C35D257024807D6 c:\windows\system32\drivers\asyncmac.sys

[-] 2005-01-28 21:44 25088 140EF97B64F560FD78643CAE2CDAD838 c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2005-01-28 21:44 25088 140EF97B64F560FD78643CAE2CDAD838 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[7] 2004-08-04 12:00 52224 C086483E3DBA8C1C0A687EC8D5B3D4C1 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
[-] 2006-10-19 05:47 27136 C51B4A5C05A5475708E3C81C7765B71D c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 05:47 27136 C51B4A5C05A5475708E3C81C7765B71D c:\windows\system32\dllcache\mspmsnsv.dll

[-] 2008-04-14 00:12 129024 295D21F14C335B53CB8154E5B1F892B9 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\xmlprov.dll
[-] 2004-08-04 12:00 129536 EEF46DAB68229A14DA3D8E73C99E2959 c:\windows\system32\xmlprov.dll

[-] 2008-04-14 00:11 62464 3D4E199942E29207970E04315D02AD3B c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
[-] 2004-08-04 12:00 60416 10654F9DDCEA9C46CFB77554231BE73B c:\windows\system32\cryptsvc.dll

[-] 2008-04-14 00:11 77824 A06CE3399D16DB864F55FAEB1F1927A9 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\browser.dll
[-] 2004-08-04 12:00 77312 E3CFCCDDA4EDD1D0DC9168B2E18F27B8 c:\windows\system32\browser.dll

[-] 2008-04-14 00:12 71680 0A5679B3714EDAB99E357057EE88FCA6 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ssdpsrv.dll
[-] 2004-08-04 12:00 71680 4B8D61792F7175BED48859CC18CE4E38 c:\windows\system32\ssdpsrv.dll

[-] 2008-04-14 00:12 171008 3805DF0AC4296A34BA4BF93B346CC378 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\srsvc.dll
[-] 2004-08-04 12:00 170496 92BDF74F12D6CBEC43C94D4B7F804838 c:\windows\system32\srsvc.dll

[-] 2008-04-14 00:12 13824 F92E1076C42FCD6DB3D72D8CFE9816D5 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wscntfy.exe
[-] 2004-08-04 12:00 13824 49911DD39E023BB6C45E4E436CFBD297 c:\windows\system32\wscntfy.exe
[-] 2004-08-04 12:00 13824 49911DD39E023BB6C45E4E436CFBD297 c:\windows\system32\dllcache\wscntfy.exe

[-] 2008-04-14 00:12 435200 156F64A3345BD23C600655FB4D10BC08 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntmssvc.dll
[-] 2004-08-04 12:00 435200 B62F29C00AC55A761B2E45877D85EA0F c:\windows\system32\ntmssvc.dll
[-] 2004-08-04 12:00 435200 B62F29C00AC55A761B2E45877D85EA0F c:\windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-14 00:12 88576 AD188BE7BDF94E8DF4CA0A55C00A5073 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rasauto.dll
[-] 2004-08-04 12:00 89088 44DB7A9BDD2FB58747D123FBF1D35ADB c:\windows\system32\rasauto.dll
[-] 2004-08-04 12:00 89088 44DB7A9BDD2FB58747D123FBF1D35ADB c:\windows\system32\dllcache\rasauto.dll

[-] 2008-04-14 00:12 1614848 9DD07AF82244867CA36681EA2D29CE79 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfcfiles.dll
[-] 2004-08-04 12:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\sfcfiles.dll

[-] 2008-04-14 00:12 192512 0A9A7365A1CA4319AA7C1D6CD8E4EAFA c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\schedsvc.dll
[-] 2004-08-04 12:00 190976 92360854316611F6CC471612213C3D92 c:\windows\system32\schedsvc.dll

[-] 2008-04-14 00:12 59904 5B19B557B0C188210A56A6B699D90B8F c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\regsvc.dll
[-] 2004-08-04 12:00 59904 3151427DB7D87107D1C5BE58FAC53960 c:\windows\system32\regsvc.dll
[-] 2004-08-04 12:00 59904 3151427DB7D87107D1C5BE58FAC53960 c:\windows\system32\dllcache\regsvc.dll

c:\windows\system32\ctfmon.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2006-10-28 981504]
"Rainlendar"="c:\program files\Rainlendar2\Rainlendar2.exe" [2006-10-28 981504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2005-07-23 05:46 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 23:02 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RAMASST.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk
backup=c:\windows\pss\RAMASST.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Julia Yu^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Julia Yu\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL TopSpeedMonitor"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\TOSHIBA\\IVP\\ISM\\pinger.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Netscape\\Navigator 9\\navigator.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [4/5/2009 5:48 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [4/5/2009 5:48 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [4/5/2009 5:47 PM 297752]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [1/3/2009 7:02 PM 1373480]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart
IE: Download All by FlashGet - c:\program files\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Julia Yu\Application Data\Mozilla\Firefox\Profiles\kx5604n8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\Julia Yu\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-23 10:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(772)
c:\program files\Intel\Wireless\Bin\LgNotify.dll

- - - - - - - > 'explorer.exe'(1144)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\windows\system32\DVDRAMSV.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\toshiba\IVP\swupdate\swupdtmr.exe
c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
c:\windows\system32\WTablet\Pen_TabletUser.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\Intel\Wireless\Bin\1XConfig.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-08-23 10:04 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-23 17:04

Pre-Run: 38,482,157,568 bytes free
Post-Run: 39,001,739,264 bytes free

258 --- E O F --- 2009-08-23 05:08







OTL logfile created on: 8/23/2009 10:16:58 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Julia Yu\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.42 Mb Total Physical Memory | 122.55 Mb Available Physical Memory | 24.34% Memory free
1.20 Gb Paging File | 0.87 Gb Available in Paging File | 72.70% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.65 Gb Total Space | 36.35 Gb Free Space | 65.33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MEEPIT
Current User Name: Julia Yu
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2005/07/22 22:40:54 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/07/22 22:43:46 | 00,372,809 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/17 16:01:55 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2005/01/17 17:38:38 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/08/28 01:33:00 | 00,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\System32\DVDRAMSV.exe
PRC - [2005/07/22 22:40:16 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/07/12 18:14:42 | 00,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2007/09/07 11:16:18 | 01,373,480 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.exe
PRC - [2005/08/10 11:15:50 | 00,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2009/08/17 16:02:11 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/17 16:02:06 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2005/07/22 22:46:52 | 00,401,408 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
PRC - [2007/09/07 11:16:50 | 00,132,392 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WTablet\Pen_TabletUser.exe
PRC - [2007/09/07 11:16:18 | 01,373,480 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.exe
PRC - [2004/08/04 05:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2005/07/22 22:41:58 | 00,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2009/05/30 12:30:26 | 00,292,136 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006/10/28 07:22:56 | 00,981,504 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009/05/30 12:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/06/13 03:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/08/15 07:45:29 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/08/17 16:01:52 | 00,761,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgscanx.exe
PRC - [2009/08/17 16:02:10 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/21 09:03:43 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Julia Yu\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/06/12 18:20:22 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2004/10/15 13:54:14 | 00,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor [Disabled | Stopped])
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/08/17 16:01:55 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2005/01/17 17:38:38 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs [Auto | Running])
SRV - [2004/08/28 01:33:00 | 00,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\System32\DVDRAMSV.exe -- (DVD-RAM_Service [Auto | Running])
SRV - [2005/07/22 22:40:54 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2004/08/04 05:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/05/30 12:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - File not found -- -- (McDetect.exe [Auto | Stopped])
SRV - File not found -- -- (McShield [Auto | Stopped])
SRV - File not found -- -- (McTskshd.exe [Auto | Stopped])
SRV - File not found -- -- (mcupdmgr.exe [On_Demand | Stopped])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2005/07/22 22:40:16 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2005/07/22 22:43:46 | 00,372,809 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2005/07/12 18:14:42 | 00,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr [Auto | Running])
SRV - [2007/09/07 11:16:18 | 01,373,480 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.exe -- (TabletServicePen [Auto | Running])
SRV - [2005/08/10 11:15:50 | 00,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.5.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.0.7.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1
FF - prefs.js..extensions.enabledItems: {57407AE0-868F-11DC-AD21-49A755D89593}:3.0.0
FF - prefs.js..extensions.enabledItems: {6E1A2A2E-AE2A-4A26-A812-46F54288379E}:3.5

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/07/01 09:39:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\Program Files\Flock\flock\plugins [2009/06/06 15:56:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\Program Files\Flock\flock\components [2009/06/06 15:56:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/18 15:06:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/06/06 15:56:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2009/06/06 15:56:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2009/06/06 15:56:26 | 00,000,000 | ---D | M]

[2008/06/17 22:15:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Extensions
[2008/06/17 22:15:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/21 21:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions
[2007/05/01 19:38:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{2cb97724-d789-4f43-8888-a763cbb8df6f}(2)
[2007/05/01 19:36:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{43505cd0-6e9a-11da-8cd6-0800200c9a66}
[2008/10/18 19:10:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{57407AE0-868F-11DC-AD21-49A755D89593}
[2009/08/10 13:01:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}
[2007/05/01 19:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2)
[2009/08/17 17:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009/05/12 22:08:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2007/05/01 19:36:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{d3d70bca-2d54-425e-b02c-b7e2f4b07688}
[2007/05/01 19:26:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\{ff356687-aa08-463d-a46c-11c451824939}(2)
[2008/08/19 20:28:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\mozilla\Firefox\Profiles\kx5604n8.default\extensions\[email protected]
[2009/08/22 21:11:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/08/15 07:45:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/06/12 16:26:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
[2008/08/15 07:45:28 | 00,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2008/08/15 07:45:28 | 00,134,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/04/30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/08/15 07:45:32 | 00,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2003/07/14 22:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2007/05/01 20:18:20 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/06 15:56:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/05/01 20:18:26 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2007/05/01 20:18:13 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2008/03/08 16:22:20 | 02,884,992 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2005/08/09 11:42:53 | 00,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\mozilla firefox\plugins\npunagi2.dll
[2007/03/09 16:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2008/05/29 07:24:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/05/29 07:24:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/05/29 07:24:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/05/29 07:24:14 | 00,002,642 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/05/29 07:24:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/05/29 07:24:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/05/29 07:24:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll (FlashGet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee VirusScan) - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll File not found
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKCU..\Run: [Rainlendar] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL File not found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/04 19:41:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/08/23 10:04:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/08/23 10:02:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/08/23 09:47:53 | 00,229,376 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/08/23 09:47:53 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/08/23 09:47:53 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/08/23 09:47:53 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/08/23 09:47:53 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/08/23 09:47:53 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/08/23 09:47:53 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/08/23 09:47:53 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/08/23 09:47:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/23 09:47:45 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/08/23 09:37:34 | 03,182,166 | R--- | C] () -- C:\Documents and Settings\Julia Yu\Desktop\Combo-Fix.exe
[2009/08/21 20:43:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Julia Yu\Desktop\avz4
[2009/08/21 11:33:00 | 00,102,148 | ---- | C] () -- C:\Documents and Settings\Julia Yu\Desktop\SystemLook.exe
[2009/08/21 10:46:17 | 00,046,080 | ---- | C] () -- C:\Documents and Settings\Julia Yu\Desktop\Win32kDiag.exe
[2009/08/21 09:03:39 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Julia Yu\Desktop\OTL.exe
[2009/08/21 09:00:32 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Julia Yu\Desktop\TFC.exe
[2009/08/21 08:44:27 | 00,001,742 | ---- | C] () -- C:\Documents and Settings\Julia Yu\Desktop\HijackThis.lnk
[2009/08/21 08:44:24 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/21 08:43:52 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Julia Yu\Desktop\HJTInstall.exe
[2009/08/20 20:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\pspgof
[2009/08/19 17:17:23 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Julia Yu\Desktop\Dreams from my father
[2009/08/18 21:33:57 | 73,469,0354 | ---- | C] () -- C:\Documents and Settings\Julia Yu\Desktop\Batman.The.Dark.Knight.PROPER.DVDSCR.XviD-contempt.avi
[2009/08/15 19:38:28 | 73,283,1744 | ---- | C] () -- C:\Documents and Settings\Julia Yu\Desktop\Slumdog.Millionaire.DVDSCR.XviD-NoGrp.avi
[2009/08/15 03:40:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Julia Yu\My Documents\Updater
[2009/08/14 00:52:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

========== Files - Modified Within 14 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[2009/08/23 10:00:29 | 00,000,253 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/08/23 09:59:48 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/08/23 09:59:38 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/23 09:58:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/23 09:58:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/23 09:38:04 | 03,182,166 | R--- | M] () -- C:\Documents and Settings\Julia Yu\Desktop\Combo-Fix.exe
[2009/08/23 03:09:13 | 00,229,376 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/08/22 08:41:41 | 40,079,995 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/21 21:56:47 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/21 18:02:40 | 00,068,001 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/21 11:32:59 | 00,102,148 | ---- | M] () -- C:\Documents and Settings\Julia Yu\Desktop\SystemLook.exe
[2009/08/21 10:46:14 | 00,046,080 | ---- | M] () -- C:\Documents and Settings\Julia Yu\Desktop\Win32kDiag.exe
[2009/08/21 09:03:43 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Julia Yu\Desktop\OTL.exe
[2009/08/21 09:00:32 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Julia Yu\Desktop\TFC.exe
[2009/08/21 08:44:28 | 00,001,742 | ---- | M] () -- C:\Documents and Settings\Julia Yu\Desktop\HijackThis.lnk
[2009/08/21 08:43:59 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Julia Yu\Desktop\HJTInstall.exe
[2009/08/20 23:29:18 | 00,171,008 | ---- | M] () -- C:\Documents and Settings\Julia Yu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/20 22:51:32 | 00,446,880 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/08/20 22:51:32 | 00,386,040 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/20 22:51:32 | 00,055,200 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/20 22:32:10 | 00,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/19 11:12:19 | 73,469,0354 | ---- | M] () -- C:\Documents and Settings\Julia Yu\Desktop\Batman.The.Dark.Knight.PROPER.DVDSCR.XviD-contempt.avi
[2009/08/18 16:39:02 | 05,336,460 | -H-- | M] () -- C:\Documents and Settings\Julia Yu\Local Settings\Application Data\IconCache.db
[2009/08/17 16:02:11 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/17 16:02:11 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/17 16:02:11 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/16 11:13:47 | 73,283,1744 | ---- | M] () -- C:\Documents and Settings\Julia Yu\Desktop\Slumdog.Millionaire.DVDSCR.XviD-NoGrp.avi
[2009/08/14 23:06:52 | 00,000,677 | ---- | M] () -- C:\WINDOWS\win.ini

========== LOP Check ==========

[2009/06/06 15:57:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/06/06 15:57:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/05/12 12:13:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2006/06/23 13:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2007/05/01 19:31:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2007/03/07 01:48:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2005/11/04 21:28:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2008/06/05 16:53:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/05/01 19:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/03/08 15:24:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/05/16 20:24:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zoom Player
[2009/08/20 22:43:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Julia Yu\Application Data
[2007/05/01 19:29:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\acccore(2)
[2007/05/12 11:41:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\AT&T
[2009/08/20 23:37:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\BitTorrent
[2007/05/12 11:37:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\DBUpdater
[2009/04/08 16:20:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\DNA
[2008/03/25 15:30:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Flock
[2006/06/23 13:08:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Intel
[2007/05/01 19:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Intuit
[2007/05/01 19:30:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\MSNInstaller
[2008/03/25 14:55:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Netscape
[2007/06/12 18:51:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Opera
[2007/05/01 19:30:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Softplicity
[2009/06/27 13:34:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Synthesia
[2007/05/12 21:03:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\toshiba
[2009/03/15 12:45:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\U3
[2007/01/01 13:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Ulead Systems
[2008/03/08 15:24:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\Viewpoint
[2009/08/23 09:59:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia Yu\Application Data\WTablet
[2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/23 09:58:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32\eventlog.dll >
[2004/08/04 05:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
[13 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\system32\scecli.dll >
[2004/08/04 05:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[13 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >




OTL Extras logfile created on: 8/23/2009 10:16:58 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Julia Yu\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.42 Mb Total Physical Memory | 122.55 Mb Available Physical Memory | 24.34% Memory free
1.20 Gb Paging File | 0.87 Gb Available in Paging File | 72.70% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.65 Gb Total Space | 36.35 Gb Free Space | 65.33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MEEPIT
Current User Name: Julia Yu
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Disabled:AOL -- (America Online Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Disabled:AOLTopSpeed -- (America Online Inc)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Disabled:AOLTsMon -- (America Online, Inc)
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Disabled:NIE - Toshiba Software Upgrade Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\IVP\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Disabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Trillian\trillian.exe" = C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Program Files\Netscape\Navigator 9\navigator.exe" = C:\Program Files\Netscape\Navigator 9\navigator.exe:*:Enabled:Navigator -- (Netscape)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0AFC9710-5DD6-4C6A-BA52-91AE992B2C9D}" = Safari
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{179624B1-2683-45ED-965A-B72189EB5820}" = Opera 9.51
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{659B48CD-0608-4ED5-94C0-0B6C87114F10}" = Apple Mobile Device Support
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6E448242-1967-4470-A3F5-FFB62B341D8F}" = 2600
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{7CD7A451-7224-49C8-95EF-9A1859C66607}" = mZConfig
"{7F22ADCE-3549-49C2-BC16-07B692F57EFF}" = 2600_Help
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{901F0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Proofing Tools
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9F15F5AD-AA10-46d9-B34D-AF2945DC65A6}" = 2600Trb
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.7
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BA561482-C49D-4687-A61C-96236C1688F0}" = ArcSoft Software Suite
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}" = iTunes
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = TIxx21/x515
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AVG8Uninstall" = AVG 8.5
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"FlashGet(JetCar)" = FlashGet(JetCar)
"Flock" = Flock 1.1
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = Texas Instruments PCIxx21/x515 drivers.
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Netscape Navigator (9.0.0.6)" = Netscape Navigator (9.0.0.6)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Pen Tablet Driver" = Pen Tablet
"Port Magic" = Pure Networks Port Magic
"ProInst" = Intel® PROSet/Wireless Software
"Rainlendar2" = Rainlendar2 (remove only)
"RealPlayer 6.0" = RealPlayer
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Trillian" = Trillian
"Tweak UI 2.10" = Tweak UI
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/27/2009 4:37:43 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application synthesia.exe, version 0.0.0.0, faulting module
synthesia.exe, version 0.0.0.0, fault address 0x000d16c9.

Error - 6/27/2009 4:38:33 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application synthesia.exe, version 0.0.0.0, faulting module
synthesia.exe, version 0.0.0.0, fault address 0x000d16c9.

Error - 6/29/2009 3:44:19 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3105, faulting module
unknown, version 0.0.0.0, fault address 0x00140014.

Error - 7/9/2009 8:23:59 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module wiaservc.dll, version 5.1.2600.3051, fault address 0x000223cd.

Error - 7/15/2009 4:55:13 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module comctl32.dll, version 6.0.2900.2982, fault address 0x0008a25a.

Error - 7/15/2009 4:55:46 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

Error - 7/24/2009 7:35:09 PM | Computer Name = MEEPIT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3105, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/7/2009 9:28:17 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x001a598e.

Error - 8/16/2009 10:48:45 PM | Computer Name = MEEPIT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3105, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/21/2009 11:36:52 AM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3105, faulting module
js3250.dll, version 4.0.0.0, fault address 0x00075eba.

[ Application Events ]
Error - 6/27/2009 4:37:43 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application synthesia.exe, version 0.0.0.0, faulting module
synthesia.exe, version 0.0.0.0, fault address 0x000d16c9.

Error - 6/27/2009 4:38:33 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application synthesia.exe, version 0.0.0.0, faulting module
synthesia.exe, version 0.0.0.0, fault address 0x000d16c9.

Error - 6/29/2009 3:44:19 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3105, faulting module
unknown, version 0.0.0.0, fault address 0x00140014.

Error - 7/9/2009 8:23:59 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module wiaservc.dll, version 5.1.2600.3051, fault address 0x000223cd.

Error - 7/15/2009 4:55:13 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module comctl32.dll, version 6.0.2900.2982, fault address 0x0008a25a.

Error - 7/15/2009 4:55:46 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

Error - 7/24/2009 7:35:09 PM | Computer Name = MEEPIT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3105, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/7/2009 9:28:17 PM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x001a598e.

Error - 8/16/2009 10:48:45 PM | Computer Name = MEEPIT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3105, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/21/2009 11:36:52 AM | Computer Name = MEEPIT | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3105, faulting module
js3250.dll, version 4.0.0.0, fault address 0x00075eba.

[ System Events ]
Error - 8/23/2009 12:33:56 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7000
Description = The McAfee WSC Integration service failed to start due to the following
error: %%2

Error - 8/23/2009 12:33:56 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7000
Description = The McAfee.com McShield service failed to start due to the following
error: %%3

Error - 8/23/2009 12:33:56 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7000
Description = The McAfee Task Scheduler service failed to start due to the following
error: %%3

Error - 8/23/2009 12:49:43 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.

Error - 8/23/2009 12:56:27 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.

Error - 8/23/2009 12:56:39 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.

Error - 8/23/2009 12:58:42 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7000
Description = The McAfee WSC Integration service failed to start due to the following
error: %%2

Error - 8/23/2009 12:58:42 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7000
Description = The McAfee.com McShield service failed to start due to the following
error: %%3

Error - 8/23/2009 12:58:42 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7000
Description = The McAfee Task Scheduler service failed to start due to the following
error: %%3

Error - 8/23/2009 12:59:58 PM | Computer Name = MEEPIT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PEVSystemStart service
to connect.


< End of report >

Edited by thunderstorm387, 23 August 2009 - 11:19 AM.

Please download CCSkeys to your desktop

• Double click CCSkeys.exe to create a folder on your Desktop named CCSkeys
• Open the CCSkeys folder then double click CCScheck.exe to run the tool.
• When complete a Notepad file will open, please copy and paste the entire contents into your next reply

Note: A copy of the Notepad file can be found at C:\export.txt. You can delete it, along with the CCSkeys folder after posting the contents here.

CCScheck.exe
SWreg.exe courtesy of Bobbi Flekman
Run at: 12:01:52.43
On Sun 08/23/2009

Run from C:\Documents and Settings\Julia Yu\Desktop\CCSkeys




SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 ©

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\cryptsvc
DependOnService REG_MULTI_SZ RpcSs\0\0
Description REG_SZ Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName REG_SZ CryptSvc
ErrorControl REG_DWORD 1 (0x1)
ImagePath REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
ObjectName REG_SZ LocalSystem
Start REG_DWORD 2 (0x2)
Type REG_DWORD 32 (0x20)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\cryptsvc\Parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\cryptsvc.dll
ServiceMain REG_SZ CryptServiceMain

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\cryptsvc\Security
Security REG_BINARY 00000e0001

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\cryptsvc\Enum
0 REG_SZ Root\LEGACY_CRYPTSVC\0000
Count REG_DWORD 1 (0x1)
NextInstance REG_DWORD 1 (0x1)

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 ©

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\seclogon
Description REG_SZ Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName REG_SZ Secondary Logon
ErrorControl REG_DWORD 0 (0x0)
ImagePath REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
Objectname REG_SZ LocalSystem
Start REG_DWORD 2 (0x2)
Type REG_DWORD 288 (0x120)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\seclogon\Parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\seclogon.dll
ServiceMain REG_SZ SvcEntry_Seclogon

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\seclogon\Security
Security REG_BINARY 010014807800000084000000140000003000000002001c000100000002801400ff010f00010100000000000100000000020048000300000000001400
8d01020001010000000000050b00000000001800ff010f000102000000000005200000002002000000001400fd0102000101000000000005120000000
10100000000000512000000010100000000000512000000

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\seclogon\Enum
0 REG_SZ Root\LEGACY_SECLOGON\0000
Count REG_DWORD 1 (0x1)
NextInstance REG_DWORD 1 (0x1)

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 ©

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\spooler
DependOnService REG_MULTI_SZ RPCSS\0\0
Description REG_SZ Loads files to memory for later printing.
DisplayName REG_SZ Print Spooler
ErrorControl REG_DWORD 1 (0x1)
Group REG_SZ SpoolerGroup
ImagePath REG_EXPAND_SZ %SystemRoot%\system32\spoolsv.exe
ObjectName REG_SZ LocalSystem
Start REG_DWORD 2 (0x2)
Type REG_DWORD 272 (0x110)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\spooler\Parameters

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\spooler\Performance
Close REG_SZ PerfClose
Collect REG_SZ PerfCollect
Collect Timeout REG_DWORD 2000 (0x7d0)
Library REG_SZ winspool.drv
Object List REG_SZ 1450
Open REG_SZ PerfOpen
Open Timeout REG_DWORD 4000 (0xfa0)
WbemAdapFileSignature REG_BINARY bd83aba61e8accc8d9ffb869f29418ce
WbemAdapFileTime REG_BINARY 002952e37a79c401
WbemAdapFileSize REG_DWORD 146432 (0x23c00)
WbemAdapStatus REG_DWORD 0 (0x0)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\spooler\Security
Security REG_BINARY 010014807800000084000000140000003000000002001c000100000002801400ff010f00010100000000000100000000020048000300000000001400
8d01020001010000000000050b00000000001800ff010f000102000000000005200000002002000000001400fd0102000101000000000005120000000
10100000000000512000000010100000000000512000000

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\spooler\Enum
0 REG_SZ Root\LEGACY_SPOOLER\0000
Count REG_DWORD 1 (0x1)
NextInstance REG_DWORD 1 (0x1)

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 ©

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\wscsvc
Type REG_DWORD 32 (0x20)
Start REG_DWORD 2 (0x2)
ErrorControl REG_DWORD 1 (0x1)
ImagePath REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
DisplayName REG_SZ Security Center
DependOnService REG_MULTI_SZ RpcSs\0winmgmt\0\0
ObjectName REG_SZ LocalSystem
Description REG_SZ Monitors system security settings and configurations.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\wscsvc\Parameters
ServiceDll REG_EXPAND_SZ %SYSTEMROOT%\system32\wscsvc.dll

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\wscsvc\Security
Security REG_BINARY 01001480900000009c000000140000003000000002001c000100000002801400ff010f00010100000000000100000000020060000400000000001400
fd01020001010000000000051200000000001800ff010f0001020000000000052000000020020000000014008d01020001010000000000050b0000000
0001800fd01020001020000000000052000000023020000010100000000000512000000010100000000000512000000

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\wscsvc\Enum
0 REG_SZ Root\LEGACY_WSCSVC\0000
Count REG_DWORD 1 (0x1)
NextInstance REG_DWORD 1 (0x1)


-----------------EOF-----------------

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

• Click NO
• In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
• Now click the Scan button.
  Once the scan is complete, you may receive another notice about rootkit activity.
• Click OK.
• GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
• Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.

GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-24 20:42:36
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.15 ----

Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----