OTListIt logfile created on: 5/25/2009 12:26:36 AM - Run 1 OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\A Teresa Birns\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1022.11 Mb Total Physical Memory | 547.24 Mb Available Physical Memory | 53.54% Memory free 2.40 Gb Paging File | 1.99 Gb Available in Paging File | 82.83% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.19 Gb Total Space | 14.11 Gb Free Space | 37.95% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DCMLHXB1 Current User Name: A Teresa Birns Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL) PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel(R) Corporation) PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Wave Systems Corp\Common\DataServer.exe (Wave Systems Corp.) PRC - C:\WINDOWS\system32\E_S00RP1.EXE (SEIKO EPSON CORPORATION) PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Dell Inc.) PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) PRC - C:\WINDOWS\VM_STI.EXE (Vimicro) PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc) PRC - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.) PRC - C:\WINDOWS\system32\SAgent4.exe (SEIKO EPSON CORPORATION) PRC - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe () PRC - C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.) PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.) PRC - C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe (Dell) PRC - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions) PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.) PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe () PRC - C:\WINDOWS\system32\dlcccoms.exe ( ) PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Documents and Settings\A Teresa Birns\Desktop\OTListIt2.exe (OldTimer Tools) [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems) SRV - (Arrakis3 [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe () SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DataSvr2 [Auto | Running]) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe (Wave Systems Corp.) SRV - (dlcc_device [On_Demand | Running]) -- C:\WINDOWS\system32\dlcccoms.exe ( ) SRV - (EPSON_PM_RPCV2_01 [Auto | Running]) -- C:\WINDOWS\system32\E_S00RP1.EXE (SEIKO EPSON CORPORATION) SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (FLEXnet Licensing Service [On_Demand | Running]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (LIVESRV [Auto | Running]) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL) SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (NICCONFIGSVC [Auto | Running]) -- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Dell Inc.) SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (QBCFMonitorService [Auto | Running]) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) SRV - (QBFCService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.) SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (scan [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L) SRV - (SentinelProtectionServer [Auto | Running]) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc) SRV - (StatusAgent4 [Auto | Running]) -- C:\WINDOWS\system32\SAgent4.exe (SEIKO EPSON CORPORATION) SRV - (tcsd_win32.exe [Auto | Running]) -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe () SRV - (uploadmgr [Auto | Stopped]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SRV - (VSSERV [Auto | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.) SRV - (WANMiniportService [Auto | Running]) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.) SRV - (WLANKEEPER [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel(R) Corporation) SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications) DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (ApfiltrService [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (APPDRV [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc) DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (ASCTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider) DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation) DRV - (bdfm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (Bdfndisf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\bdfndisf.sys (BitDefender LLC) DRV - (bdfsfltr [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (bdftdif [System | Running]) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC) DRV - (BDSelfPr [On_Demand | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.) DRV - (BDVEDISK [Auto | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys (BitDefender S.R.L.) DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions) DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions) DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions) DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions) DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions) DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions) DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions) DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions) DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions) DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions) DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation) DRV - (Eplpdx02 [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\EPLPDX02.SYS (MK Systems CO., LTD.) DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider) DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant) DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation) DRV - (PBADRV [Boot | Running]) -- C:\WINDOWS\system32\drivers\pbadrv.sys (Dell Inc) DRV - (Profos [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys () DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.) DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation) DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (Sentinel [Auto | Running]) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.) DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (slabbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\slabbus.sys (MCCI) DRV - (slabser [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\slabser.sys (MCCI) DRV - (SNTNLUSB [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS (SafeNet, Inc.) DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (Trufos [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.) DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (USBCCID [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\usbccid.sys (Microsoft Corporation) DRV - (w39n51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys (Intel® Corporation) DRV - (wanatw [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys (America Online, Inc.) DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (ZSMC301b [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbVM31b.sys (VM) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "file:///C:/Documents%20and%20Settings/A%20Teresa%20Birns/HomePage/index.html" FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.4.2 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0 FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.29 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090325 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10 FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\: FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\PROGRAM FILES\COMMON FILES\CSSHARE\PLUGINS0942 [2008/08/16 19:44:48 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\PROGRAM FILES\COMMON FILES\CSSHARE\PLUGINS0942 [2008/08/16 19:44:48 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/23 09:45:37 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/31 15:39:27 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2009\FFTOOLBAR\ [2009/05/05 07:51:38 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/05 07:55:54 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 08:03:17 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/05/05 07:55:55 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2008/08/16 19:44:49 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2009\TBEXTENSION\ [2009/05/05 07:51:39 | 00,000,000 | ---D | M] [2008/08/27 20:59:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Extensions [2008/08/27 20:59:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/05/23 21:54:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions [2009/04/24 19:43:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2009/03/29 21:53:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2009/05/17 08:30:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2007/10/31 21:33:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{5ed572bf-9878-43b3-be69-feb67cb4080e} [2009/03/29 21:53:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2009/04/24 19:43:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2009/05/20 07:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2009/05/19 08:05:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\A Teresa Birns\Application Data\mozilla\Firefox\Profiles\mvlpn0u5.default\extensions\validator@totalvalidator.com [2009/05/24 23:56:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009/04/29 08:03:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2007/05/16 16:42:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [2007/08/17 19:13:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [2007/10/14 21:19:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2008/04/30 15:24:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [2008/07/17 20:16:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2008/12/23 09:45:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009/04/29 08:03:07 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009/04/29 08:03:07 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009/03/05 18:08:04 | 00,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll [2008/08/27 20:59:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2008/08/27 20:59:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2008/08/27 20:59:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2008/11/15 11:12:20 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2008/08/27 20:59:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2008/08/27 20:59:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2008/08/27 20:59:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (303844 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 10468 more lines... O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll File not found O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.) O4 - HKLM..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" (BitDefender S.R.L.) O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera (Vimicro) O4 - HKLM..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" (BitDefender) O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 () O4 - HKLM..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" (Dell) O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.) O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.) O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\A Teresa Birns\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\UPS WorldShip PLD Reminder Utility.lnk = C:\UPS\UOWS\PldReminder.exe (UPS) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: softswot.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab (Support.com Configuration Class) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: ) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O24 - Desktop Components:0 (My Current Home Page) - About:Home O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/11 18:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1c57bb34-ae87-11dd-b574-0015c5a645fa}\Shell - "" = AutoRun O33 - MountPoints2\{1c57bb34-ae87-11dd-b574-0015c5a645fa}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1c57bb34-ae87-11dd-b574-0015c5a645fa}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{4ba4e75f-d8c8-11db-b23b-0015c5a645fa}\Shell - "" = AutoRun O33 - MountPoints2\{4ba4e75f-d8c8-11db-b23b-0015c5a645fa}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{4ba4e75f-d8c8-11db-b23b-0015c5a645fa}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O33 - MountPoints2\{54e695d0-6ec6-11dc-b2d8-0018de83bbdb}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found O33 - MountPoints2\{d1804b2a-b645-11db-b212-0015c5a645fa}\Shell\AutoRun\command - "" = E:\JDSecure\Windows\JDSecure20.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009/05/25 00:23:58 | 00,000,000 | ---D | M] O34 - HKLM BootExecute: (MACHINE) - File not found O34 - HKLM BootExecute: (BootExecut) - File not found [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [2 C:\WINDOWS\*.tmp files] [2009/05/25 00:22:32 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009/05/25 00:22:12 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\Rooter.exe [2009/05/25 00:19:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2009/05/25 00:18:56 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\A Teresa Birns\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2009/05/25 00:18:53 | 00,000,611 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\NTREGOPT.lnk [2009/05/25 00:18:53 | 00,000,592 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\ERUNT.lnk [2009/05/25 00:18:51 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT [2009/05/25 00:18:26 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\DOCUME~1\ATERES~1\Desktop\erunt_setup.exe [2009/05/25 00:13:15 | 00,021,504 | ---- | C] (Doug Knox) -- C:\DOCUME~1\ATERES~1\Desktop\SysRestorePoint.exe [2009/05/24 23:47:55 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\ATERES~1\Desktop\OTListIt2.exe [2009/05/24 23:26:31 | 00,001,734 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\HijackThis.lnk [2009/05/24 23:26:31 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009/05/24 23:25:27 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\DOCUME~1\ATERES~1\Desktop\HJTInstall.exe [2009/05/23 22:46:23 | 00,039,884 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\Estate Back Office.png [2009/05/23 22:27:12 | 00,001,216 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\stripe_27021b2ad9dea6e4848d150b0c9a7f98.png [2009/05/23 22:26:10 | 00,000,085 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\stripe_35f24cfe5c6a911e02bae957b2151ae3.png [2009/05/22 20:13:59 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk [2009/05/22 20:13:58 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/05/22 20:13:55 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/05/22 20:13:52 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/05/22 20:11:03 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\ATERES~1\Desktop\mbam-setup.exe [2009/05/20 07:41:05 | 00,000,829 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\QuickScan Folder.lnk [2009/05/20 07:41:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\A Teresa Birns\Application Data\QuickScan [2009/05/19 23:05:51 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job [2009/05/12 08:26:13 | 00,120,320 | ---- | C] () -- C:\Documents and Settings\A Teresa Birns\My Documents\Expense review worksheet.xls [2009/05/12 08:14:36 | 01,727,333 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\struempler.JPG [2009/05/06 14:22:54 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ATERES~1\Desktop\PoweTek Done [2009/05/06 12:55:17 | 00,018,944 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\PowerTek products.xls [2009/05/06 12:49:50 | 00,004,627 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\PowerTekproducts.dat [2009/05/06 08:02:39 | 00,034,816 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\engravable gifts products RECOVERED.xls [2009/05/05 12:58:43 | 00,000,524 | ---- | C] () -- C:\WINDOWS\System32\BDUpdateV1.xml [2009/05/05 07:52:25 | 00,001,863 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\BitDefender Total Security 2009.lnk [2009/05/05 07:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\A Teresa Birns\Application Data\BitDefender [2009/05/05 07:51:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2009/05/05 07:49:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender [2009/05/04 23:56:01 | 00,285,874 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\bd_sys_log.xml.zip [2009/05/03 17:46:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\A Teresa Birns\My Documents\FW Business Plan [2009/05/03 16:31:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\A Teresa Birns\My Documents\EBO [2009/04/30 16:10:07 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ATERES~1\Desktop\Engravable Gifts DONE [2009/04/30 16:05:48 | 00,034,816 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\engravable gifts products.xls [2009/04/30 16:03:04 | 00,012,368 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\products(2) [2009/04/29 07:04:13 | 00,029,696 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\Business Plan Narrative.doc [2009/04/28 15:34:12 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\A Teresa Birns\My Documents\BLANK emb. order form.xls [2009/04/28 15:25:01 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\A Teresa Birns\My Documents\Kokopelli Traders emb. order form.xls [2009/04/28 14:32:01 | 00,114,176 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\bizplan.doc [2009/04/26 23:35:34 | 00,048,913 | ---- | C] () -- C:\DOCUME~1\ATERES~1\Desktop\Holly Birns w-2.pdf [2008/10/28 12:49:27 | 00,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI [2008/10/09 16:31:54 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll [2008/09/17 01:39:42 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll [2008/03/13 17:06:12 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL [2008/02/10 21:29:09 | 00,000,075 | ---- | C] () -- C:\WINDOWS\wifhsstest.ini [2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2007/05/20 20:11:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure20.INI [2007/04/03 22:33:52 | 00,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpmui.dll [2007/04/03 22:33:52 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlccinsr.dll [2007/04/03 22:33:51 | 00,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcclmpm.dll [2007/04/03 22:33:51 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomm.dll [2007/04/03 22:33:51 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccins.dll [2007/04/03 22:33:51 | 00,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpplc.dll [2007/04/03 22:33:51 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlccvs.dll [2007/04/03 22:33:50 | 01,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccserv.dll [2007/04/03 22:33:50 | 01,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccusb1.dll [2007/04/03 22:33:50 | 00,774,144 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcchbn3.dll [2007/04/03 22:33:50 | 00,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomc.dll [2007/04/03 22:33:50 | 00,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccprox.dll [2007/04/03 22:33:49 | 00,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlccutil.dll [2007/04/03 22:33:49 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcccu.dll [2007/04/03 22:33:49 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcccur.dll [2007/04/03 22:33:47 | 00,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlccinsb.dll [2007/04/03 22:33:47 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcccub.dll [2007/04/03 22:33:46 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlccjswr.dll [2007/04/03 22:33:44 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.dll [2007/01/31 14:50:32 | 00,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2006/11/29 00:22:48 | 00,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI [2006/11/19 23:38:09 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2006/11/05 23:59:01 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\nssckbi.dll [2006/11/05 23:57:55 | 00,000,127 | ---- | C] () -- C:\WINDOWS\UPSWSHIP.INI [2006/11/05 23:49:43 | 00,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI [2006/11/05 23:36:57 | 00,012,126 | ---- | C] () -- C:\WINDOWS\System32\Pixpcz.dll [2006/11/05 23:36:57 | 00,011,934 | ---- | C] () -- C:\WINDOWS\System32\Pixpnr.dll [2006/11/05 23:33:55 | 00,027,185 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2006/11/05 21:56:40 | 00,000,045 | ---- | C] () -- C:\WINDOWS\EPSONC84.ini [2006/11/05 21:42:47 | 00,000,139 | ---- | C] () -- C:\WINDOWS\KPCMS.INI [2006/11/05 21:42:46 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL [2006/10/25 17:34:35 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/10/25 17:29:43 | 00,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006/10/25 17:27:35 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/10/25 17:19:55 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll [2006/10/25 17:19:55 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll [2006/10/25 16:52:34 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006/10/25 16:52:34 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006/10/25 16:52:34 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006/10/25 16:52:34 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006/10/25 16:52:33 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006/10/25 16:51:42 | 00,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006/09/18 14:37:50 | 00,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini [2006/09/18 14:37:48 | 00,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_RUS.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ITA.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_FRA.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ESN.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ENU.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_DEU.dll [2006/06/12 11:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_CHS.dll [2006/06/12 11:01:16 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\Tsp.dll [2006/05/22 09:37:36 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll [2006/05/22 09:32:12 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll [2006/05/22 09:32:06 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll [2006/05/22 09:32:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll [2006/05/22 09:31:52 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll [2006/05/22 09:31:46 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll [2006/05/22 09:31:38 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll [2006/05/22 09:31:32 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll [2006/05/22 09:31:26 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll [2006/05/22 09:31:18 | 00,176,128 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll [2006/05/22 09:31:12 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll [2006/05/16 13:34:22 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll [2006/05/16 13:33:06 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll [2006/05/15 20:08:42 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_en.dll [2006/05/15 19:52:12 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll [2006/05/15 19:52:02 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll [2006/05/15 19:51:52 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll [2006/05/15 19:51:42 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll [2006/05/15 19:51:34 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll [2006/05/15 19:51:24 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll [2006/05/15 19:51:16 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll [2006/05/15 19:51:06 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll [2006/05/15 19:50:56 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll [2006/05/15 19:50:46 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll [2005/12/01 15:41:20 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll [2005/11/10 02:38:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/09/20 14:36:06 | 00,798,720 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll [2005/06/11 12:47:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll [2004/08/11 18:24:19 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/11 18:11:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2004/08/11 18:00:37 | 00,000,922 | ---- | C] () -- C:\WINDOWS\win.ini [2004/08/11 18:00:35 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2004/08/11 18:00:31 | 00,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004240_.tmp.dll [2004/08/11 18:00:18 | 00,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004272_.tmp.dll [2004/07/21 16:03:14 | 00,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll [2004/07/20 15:27:52 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll [2004/03/18 19:01:20 | 00,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll [2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/03/04 11:16:34 | 00,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [color=orange]========== Files - Modified Within 30 Days ==========[/color] [248 C:\WINDOWS\System32\*.tmp files] [2 C:\WINDOWS\*.tmp files] [2009/05/25 00:22:13 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\Rooter.exe [2009/05/25 00:18:56 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\A Teresa Birns\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2009/05/25 00:18:53 | 00,000,611 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\NTREGOPT.lnk [2009/05/25 00:18:53 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\ERUNT.lnk [2009/05/25 00:18:27 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\DOCUME~1\ATERES~1\Desktop\erunt_setup.exe [2009/05/25 00:13:16 | 00,021,504 | ---- | M] (Doug Knox) -- C:\DOCUME~1\ATERES~1\Desktop\SysRestorePoint.exe [2009/05/24 23:55:41 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/05/24 23:55:18 | 00,023,680 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001 [2009/05/24 23:55:17 | 00,000,127 | ---- | M] () -- C:\WINDOWS\UPSWSHIP.INI [2009/05/24 23:54:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml [2009/05/24 23:54:46 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2009/05/24 23:54:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/05/24 23:54:21 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\A Teresa Birns\Local Settings\desktop.ini [2009/05/24 23:53:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/05/24 23:47:56 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ATERES~1\Desktop\OTListIt2.exe [2009/05/24 23:26:32 | 00,001,734 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\HijackThis.lnk [2009/05/24 23:25:28 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\DOCUME~1\ATERES~1\Desktop\HJTInstall.exe [2009/05/24 16:50:52 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin [2009/05/24 16:50:17 | 00,023,680 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2009/05/23 22:46:24 | 00,039,884 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\Estate Back Office.png [2009/05/23 22:27:12 | 00,001,216 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\stripe_27021b2ad9dea6e4848d150b0c9a7f98.png [2009/05/23 22:26:10 | 00,000,085 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\stripe_35f24cfe5c6a911e02bae957b2151ae3.png [2009/05/22 20:13:59 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk [2009/05/22 20:11:32 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\ATERES~1\Desktop\mbam-setup.exe [2009/05/22 15:00:00 | 00,000,424 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job [2009/05/20 07:41:05 | 00,000,829 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\QuickScan Folder.lnk [2009/05/19 16:55:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009/05/17 20:15:42 | 00,000,524 | ---- | M] () -- C:\WINDOWS\System32\BDUpdateV1.xml [2009/05/12 08:26:13 | 00,120,320 | ---- | M] () -- C:\Documents and Settings\A Teresa Birns\My Documents\Expense review worksheet.xls [2009/05/12 08:14:36 | 01,727,333 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\struempler.JPG [2009/05/07 15:58:23 | 00,034,816 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\engravable gifts products.xls [2009/05/06 16:17:08 | 00,018,944 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\PowerTek products.xls [2009/05/06 12:49:51 | 00,004,627 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\PowerTekproducts.dat [2009/05/06 08:02:39 | 00,034,816 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\engravable gifts products RECOVERED.xls [2009/05/05 13:17:32 | 00,285,874 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\bd_sys_log.xml.zip [2009/05/05 07:52:26 | 00,001,863 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\BitDefender Total Security 2009.lnk [2009/05/04 09:10:23 | 00,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI [2009/05/04 07:24:13 | 00,000,524 | ---- | M] () -- C:\WINDOWS\System32\BDUpdateV1-old.xml [2009/04/30 16:03:04 | 00,012,368 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\products(2) [2009/04/29 11:01:46 | 00,029,696 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\Business Plan Narrative.doc [2009/04/28 16:06:42 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\A Teresa Birns\My Documents\Kokopelli Traders emb. order form.xls [2009/04/28 15:34:31 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\A Teresa Birns\My Documents\BLANK emb. order form.xls [2009/04/28 14:32:01 | 00,114,176 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\bizplan.doc [2009/04/26 23:35:35 | 00,048,913 | ---- | M] () -- C:\DOCUME~1\ATERES~1\Desktop\Holly Birns w-2.pdf < End of report >