Possible infection/something bad? [Closed]

I accidentally deleted my My Documents folder yesterday. I was able to restore it with System Restore, but it's still buggy. I also downloaded something (okay, it was a *video* and I was stupid to do so) which caused me to get a BSOD that said it was for my computer's own good.

I've run all the suggested scans, and tried to run Avast but it got hung up, which was a big red flag for me. I have some know how of this kind of thing, but this has me stumped.

I don't have a MBAM logfile, but here's the other ones:

Root Repeal:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/03 13:49
Program Version: Version 1.3.3.0
Windows Version: Windows Vista SP1
==================================================

Drivers
-------------------
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8A704000 Size: 778240 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x8F1EF000 Size: 49152 File Visible: No Signed: -
Status: -

Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1276 Status: Locked to the Windows API!

==EOF==

OTL Log:

OTL logfile created on: 8/3/2009 1:57:13 PM - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\Rebecca\Desktop\Laptop Fix
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.85 Gb Available Physical Memory | 92.60% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 128.23 Gb Free Space | 43.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.50 Gb Total Space | 3.84 Gb Free Space | 51.16% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: REBECCA-PC
Current User Name: Rebecca
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Windows\System32\WLTRYSVC.EXE ()
PRC - C:\Windows\System32\bcmwltry.exe (Dell Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\AGI\common\win32\PythonService.exe ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Windows\System32\STacSV.exe (IDT, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Taskmgr.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Users\Rebecca\Desktop\Laptop Fix\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (AESTFilters [Auto | Running]) -- C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation)
SRV - (AGWinService [Auto | Running]) -- C:\Program Files\AGI\common\win32\PythonService.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-110408-113106 [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gupdate1ca0950745ce880 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (STacSV [Auto | Running]) -- C:\Windows\System32\STacSV.exe (IDT, Inc.)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (wlidsvc [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (wltrysvc [Auto | Running]) -- C:\Windows\System32\WLTRYSVC.EXE ()
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (XAudioService [Auto | Running]) -- C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)

========== Driver Services (SafeList) ==========

DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ApfiltrService [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\Windows\System32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt [Auto | Running]) -- C:\Windows\System32\DRIVERS\aswMonFlt.sys (ALWIL Software)
DRV - (aswRdr [System | Running]) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (BCM43XX [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\bcmwl6.sys (Broadcom Corp.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (HSFHWAZL [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (ICDUSB3 [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\ICDUSB3.sys (Sony Corporation)
DRV - (igfx [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\igdkmd32.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntcHdmiAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel® Corporation)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (Lbd [Boot | Running]) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NuidFltr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\NuidFltr.sys (Microsoft Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (OEM02Dev [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (OEM02Vfx [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (pcouffin [On_Demand | Running]) -- C:\Windows\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (rimmptsk [Auto | Running]) -- C:\Windows\System32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [Auto | Running]) -- C:\Windows\System32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [Auto | Running]) -- C:\Windows\System32\DRIVERS\rixdptsk.sys (REDC)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (STHDA [On_Demand | Running]) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (winachsf [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio [Auto | Running]) -- C:\Windows\System32\DRIVERS\xaudio.sys (Conexant Systems, Inc.)
DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\yk60x86.sys (Marvell)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll (TODO: <Company name>)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en&source=iglk"
FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.8
FF - prefs.js..extensions.enabledItems: waybackbutton@lazar.kovacevic:1.2.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.1
FF - prefs.js..extensions.enabledItems: clean_and_close@csb7.com:2.3
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.3
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.2
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.5.33
FF - prefs.js..extensions.enabledItems: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374}:3.5.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {a95d8332-e4b4-6e7f-98ac-20b733364387}:0.4.3
FF - prefs.js..extensions.enabledItems: homo_nudus@livejournal.com:8.7.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: myTimeZone@smartgamez.org:1.7
FF - prefs.js..extensions.enabledItems: {6b2a52f3-07c2-4c37-bf05-efa81b340ea1}:1.04
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.2.0.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.2.1
FF - prefs.js..extensions.enabledItems: {b2509cd4-17cd-45ed-8146-a82af038f493}:1.30
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: enquiries@retailmenot.com:2.3
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.1
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.38
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.5
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.7.4pre.090516
FF - prefs.js..extensions.enabledItems: twitternotifier@naan.net:1.8.3
FF - prefs.js..extensions.enabledItems: twittytunes@extras.foxytunes.com:0.5.4
FF - prefs.js..extensions.enabledItems: twitzerTiny@shorttext.com:1.31
FF - prefs.js..extensions.enabledItems: youtube-comment-snob@efinke.com:1.3
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.4
FF - prefs.js..extensions.enabledItems: {5f991430-50c5-11dd-ae16-0800200c9a66}:1.1pre1
FF - prefs.js..extensions.enabledItems: {d5890af0-d08c-11dd-ad8b-0800200c9a66}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..extensions.enabledItems: {173487d0-5384-11dd-ae16-0800200c9a66}:0.4
FF - prefs.js..extensions.enabledItems: {BF32D2C8-9C75-404b-ACF4-880DB4679236}:1.1
FF - prefs.js..extensions.enabledItems: {a5df3a10-fc31-11dd-87af-0800200c9a66}:1.0.0.0.1
FF - prefs.js..extensions.enabledItems: {3f757d21-0b80-4009-a796-2b883bee6476}:1.0
FF - prefs.js..extensions.enabledItems: {285da7e0-729d-11db-9fe1-0800200c9a66}:2.121408
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.50
FF - prefs.js..extensions.enabledItems: {C288E3D6-3588-4b60-BD4A-7413899D269B}:1.1
FF - prefs.js..extensions.enabledItems: theme@yogurttree.com:0.4

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/12/09 23:47:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/08 14:38:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/14 07:55:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/14 07:55:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/06/24 15:14:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/06/02 17:17:48 | 00,000,000 | ---D | M]

[2008/12/09 18:21:48 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Extensions
[2008/12/09 18:21:48 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/03 03:45:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions
[2009/03/09 13:40:39 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/08/01 14:24:56 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}(64)
[2009/08/02 20:58:21 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/08/01 14:25:17 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(65)
[2009/08/01 14:24:57 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{069FB356-C69F-7349-D092-AB28AF836D0E}(66)
[2009/01/23 19:11:22 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}(203)
[2008/12/09 18:28:51 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{173487d0-5384-11dd-ae16-0800200c9a66}
[2009/07/10 14:52:59 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/17 23:37:25 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2009/05/28 01:48:51 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2008/12/11 16:03:32 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{3f757d21-0b80-4009-a796-2b883bee6476}
[2009/05/09 17:11:36 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/07/14 19:45:22 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009/08/03 03:44:58 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2009/08/01 14:25:16 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}(67)
[2009/05/28 01:41:39 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2009/05/21 23:20:45 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{5f991430-50c5-11dd-ae16-0800200c9a66}
[2009/02/14 14:33:16 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2008/12/11 00:22:31 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{6b2a52f3-07c2-4c37-bf05-efa81b340ea1}
[2008/12/16 15:43:07 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2009/05/21 23:20:32 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{a5df3a10-fc31-11dd-87af-0800200c9a66}
[2009/06/29 18:27:36 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2009/07/24 16:23:54 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/06/29 18:27:43 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{b2509cd4-17cd-45ed-8146-a82af038f493}
[2008/12/11 15:57:26 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{BF32D2C8-9C75-404b-ACF4-880DB4679236}
[2008/12/10 23:02:24 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{C288E3D6-3588-4b60-BD4A-7413899D269B}
[2009/07/14 19:45:11 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/05/12 22:06:15 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/05/21 23:19:22 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{d5890af0-d08c-11dd-ad8b-0800200c9a66}
[2009/06/30 17:03:47 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2008/12/28 21:20:20 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
[2009/07/02 22:26:13 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/07/25 13:32:22 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\{EE223D7A-F30F-11DD-8F0A-D2AD55D89593}
[2009/02/27 16:25:07 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\clean_and_close@csb7.com
[2009/05/30 22:58:02 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\enquiries@retailmenot.com
[2009/06/29 18:27:42 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\homo_nudus@livejournal.com
[2008/12/09 18:28:28 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\instaclick@leahscape.com
[2008/12/09 18:28:28 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\myTimeZone@smartgamez.org
[2008/12/10 23:23:05 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\OMG@olive
[2009/06/30 17:03:47 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\personas@christopher.beard
[2009/07/07 21:36:41 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\theme@yogurttree.com
[2009/07/17 10:42:33 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\twitternotifier@naan.net
[2009/03/10 17:43:50 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\twittytunes@extras.foxytunes.com
[2009/07/05 06:06:00 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\twitzerTiny@shorttext.com
[2008/12/09 18:28:35 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\waybackbutton@lazar.kovacevic
[2009/07/14 19:45:29 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\youtube2mp3@mondayx.de
[2008/12/09 18:28:35 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\7y737qrl.default\extensions\youtube-comment-snob@efinke.com
[2009/08/02 20:28:53 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions
[2009/08/02 20:28:41 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/08/02 20:28:43 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
[2009/08/02 20:28:40 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{069FB356-C69F-7349-D092-AB28AF836D0E}
[2009/08/02 20:28:48 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}(203)
[2009/08/02 20:28:45 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{173487d0-5384-11dd-ae16-0800200c9a66}
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/02 20:28:27 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{3f757d21-0b80-4009-a796-2b883bee6476}
[2009/08/02 20:28:47 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/08/02 20:28:33 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009/08/02 20:28:46 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2009/08/02 20:28:30 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{5f991430-50c5-11dd-ae16-0800200c9a66}
[2009/08/02 20:28:53 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/08/02 20:28:35 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{6b2a52f3-07c2-4c37-bf05-efa81b340ea1}
[2009/08/02 20:28:47 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2009/08/02 20:28:26 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2009/08/02 20:28:42 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/08/02 20:28:30 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{b2509cd4-17cd-45ed-8146-a82af038f493}
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{C288E3D6-3588-4b60-BD4A-7413899D269B}
[2009/08/02 20:28:51 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/08/02 20:28:53 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/08/02 20:28:41 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{d5890af0-d08c-11dd-ad8b-0800200c9a66}
[2009/08/02 20:28:45 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009/08/02 20:28:20 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
[2009/08/02 20:28:44 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/08/02 20:28:35 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\{EE223D7A-F30F-11DD-8F0A-D2AD55D89593}
[2009/08/02 20:28:30 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\clean_and_close@csb7.com
[2009/08/02 20:28:28 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\enquiries@retailmenot.com
[2009/08/02 20:28:20 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\homo_nudus@livejournal.com
[2009/08/02 20:28:20 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\myTimeZone@smartgamez.org
[2009/08/02 20:28:45 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\theme@yogurttree.com
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\twitternotifier@naan.net
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\twittytunes@extras.foxytunes.com
[2009/08/02 20:28:27 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\twitzerTiny@shorttext.com
[2009/08/02 20:28:21 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\waybackbutton@lazar.kovacevic
[2009/08/02 20:28:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.backup\extensions\youtube-comment-snob@efinke.com
[2009/06/30 16:36:58 | 00,001,655 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\aeromp3com.xml
[2009/07/31 23:40:53 | 00,002,353 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\allmusic---album.xml
[2009/07/31 23:40:53 | 00,002,367 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\allmusic---artistgroup.xml
[2009/07/31 23:40:53 | 00,002,353 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\allmusic---song.xml
[2009/07/02 10:27:18 | 00,000,958 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\allrecipes.xml
[2009/07/14 10:03:03 | 00,002,164 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\bing.xml
[2009/07/31 23:40:53 | 00,001,137 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\dictionarycom.xml
[2009/07/31 23:40:51 | 00,002,859 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\google-images.xml
[2009/07/24 22:35:12 | 00,001,775 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\google-language-fr.xml
[2009/08/01 15:25:19 | 00,002,563 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\google-maps.xml
[2009/08/02 21:08:26 | 00,002,607 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\google-news---by-date.xml
[2009/08/02 21:08:25 | 00,002,136 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\google-news-fr.xml
[2009/07/31 23:40:55 | 00,002,572 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\halfcom.xml
[2009/07/31 23:40:52 | 00,002,229 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\hulu.xml
[2009/07/31 23:40:52 | 00,002,996 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\imdb.xml
[2009/07/31 23:40:54 | 00,000,957 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\le-conjugueur.xml
[2009/07/31 23:40:39 | 00,002,192 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\ljseek.xml
[2009/07/31 23:40:54 | 00,002,194 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\lyricwiki-direct.xml
[2009/07/31 23:40:41 | 00,002,195 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\lyricwikiorg.xml
[2009/07/31 23:40:51 | 00,000,880 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\merriam-webster-dictionary.xml
[2009/07/31 23:40:52 | 00,001,134 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\mininova.xml
[2009/08/02 21:08:27 | 00,001,942 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\mycroft-project.xml
[2009/07/31 23:40:34 | 00,000,947 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\npr.xml
[2009/07/31 23:40:44 | 00,001,079 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\radio-locator.xml
[2009/08/02 21:08:27 | 00,002,340 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\retailmenot.xml
[2009/02/04 00:38:40 | 00,000,961 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\shareminercom.xml
[2009/07/31 23:40:54 | 00,001,285 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\snopescom.xml
[2009/07/31 23:40:46 | 00,001,913 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\stumbleupon.xml
[2009/07/31 23:40:50 | 00,002,317 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\the-infosphere.xml
[2009/07/31 23:40:33 | 00,002,040 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\the-simpsons-archive.xml
[2009/02/25 22:25:10 | 00,001,281 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\twitter-search.xml
[2009/07/31 23:40:46 | 00,001,536 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\uni-directory.xml
[2009/07/31 23:40:54 | 00,002,643 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\wayback-machine.xml
[2009/07/31 23:40:43 | 00,000,931 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\webster-thesaurus.xml
[2009/07/31 23:40:49 | 00,002,281 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\wikiquote-en-1.xml
[2009/07/31 23:40:48 | 00,002,310 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\wikiquote-en.xml
[2008/09/30 16:33:50 | 00,001,678 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\wr-english-french.xml
[2008/09/30 16:33:50 | 00,001,878 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\wr-french-english.xml
[2009/07/31 23:40:52 | 00,002,431 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Mozilla\FireFox\Profiles\7y737qrl.default\searchplugins\youtube.xml
[2009/06/01 15:35:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/14 07:55:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/02/14 14:29:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/28 15:32:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/07/14 07:54:34 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/14 07:54:34 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/12/24 06:27:02 | 00,122,880 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2006/06/15 21:33:58 | 00,233,472 | ---- | M] (C3D) -- C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll
[2006/05/25 19:43:32 | 00,204,895 | ---- | M] (Reallusion Inc.) -- C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll
[2005/09/29 15:41:38 | 00,077,824 | ---- | M] (Reallusion Inc.) -- C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll
[2006/06/19 14:10:42 | 00,426,081 | ---- | M] (Reallusion Inc.) -- C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll
[2005/02/02 13:19:12 | 00,458,752 | ---- | M] (BEXTech) -- C:\Program Files\mozilla firefox\plugins\imagickrt.dll
[2008/11/24 15:35:00 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/07/14 07:55:04 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/12/09 23:47:29 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/06/02 17:17:47 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/02 17:17:47 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/02 17:17:48 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/02 17:17:48 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/02 17:17:48 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/02 17:17:48 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/02 17:17:48 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/12/09 23:47:37 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2006/01/03 17:00:40 | 00,069,632 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npRLCT4Player.dll
[2008/12/09 23:47:20 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2006/04/10 19:35:38 | 00,139,264 | ---- | M] (Reallusion Inc.) -- C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll
[2005/11/09 12:10:06 | 00,204,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll
[2005/11/09 12:42:52 | 00,106,496 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll
[2006/01/04 12:22:00 | 00,212,992 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll
[2006/01/04 12:21:44 | 00,167,936 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll
[2009/07/14 07:55:13 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/14 07:55:13 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/14 07:55:13 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/14 07:55:13 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/14 07:55:13 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/14 07:55:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/14 07:55:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (289944 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 9987 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [googletalk] C:\Users\Rebecca\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [Semagic] C:\Program Files\Semagic\LiveJournalU.exe (Alexey Semenov)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} http://173.27.72.195...in/h263ctrl.cab (VaPgCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 134.161.1.39 134.161.1.33
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{cc442ee9-05ff-11de-9ec7-00219bda7f48}\Shell - "" = AutoRun
O33 - MountPoints2\{cc442ee9-05ff-11de-9ec7-00219bda7f48}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found

MsConfig - StartUpFolder: C:^Users^Rebecca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Users^Rebecca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Webshots.lnk - C:\Program Files\Webshots\Launcher.exe - (Webshots.com)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: EventLog - C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: EventLog - C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2009/08/03 13:47:59 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/08/03 13:46:44 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Desktop\Laptop Fix
[2009/08/03 13:31:33 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/08/03 13:31:14 | 00,000,913 | ---- | C] () -- C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/08/03 13:31:08 | 00,000,733 | ---- | C] () -- C:\Users\Rebecca\Desktop\NTREGOPT.lnk
[2009/08/03 13:31:08 | 00,000,714 | ---- | C] () -- C:\Users\Rebecca\Desktop\ERUNT.lnk
[2009/08/03 13:31:06 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/03 13:27:00 | 32,107,84768 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/03 10:39:34 | 00,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxres.dll
[2009/08/03 03:56:03 | 00,000,284 | ---- | C] () -- C:\Users\Rebecca\Desktop\Enable_Task_Manager.reg
[2009/08/02 19:51:34 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Documents\July 2009
[2009/08/02 15:23:35 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Desktop\August 2009
[2009/08/01 10:01:53 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Desktop\Fabric
[2009/07/31 15:35:48 | 00,806,550 | ---- | C] () -- C:\Users\Rebecca\Documents\Bookmarks 2009-07-31.json
[2009/07/31 15:34:17 | 00,002,488 | ---- | C] () -- C:\Users\Rebecca\Documents\Results - FEBE 2009 07-31 15.34.17.html
[2009/07/31 09:57:57 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/07/31 09:57:56 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/07/31 09:57:56 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/07/31 09:57:55 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/07/31 09:57:55 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/07/31 09:57:55 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/07/31 09:57:54 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/07/31 09:57:54 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/07/31 09:57:53 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/07/31 09:57:53 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/07/31 09:57:52 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/07/31 09:57:52 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/07/31 09:57:52 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/07/31 09:57:52 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/07/31 09:57:51 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/07/31 09:57:51 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/07/31 09:57:51 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/07/31 09:57:50 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/07/31 09:57:49 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/07/31 09:57:48 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/07/31 09:57:46 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/07/31 09:53:32 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/07/31 09:53:31 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/07/31 09:53:31 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/07/31 09:53:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/07/31 09:53:30 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/07/31 09:53:30 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/07/31 09:53:29 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/07/31 09:53:29 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/07/31 09:53:29 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/07/31 09:53:29 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/07/31 09:53:28 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/07/31 09:53:28 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/07/31 09:53:27 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/07/31 09:53:27 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/07/31 09:53:27 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/07/31 09:53:27 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/07/31 09:53:26 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/07/31 09:53:26 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/07/31 09:53:26 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/07/31 09:53:26 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/07/31 09:53:25 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/07/31 09:53:25 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/07/31 09:53:22 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/07/31 09:53:20 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/07/31 09:53:20 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/07/31 09:53:19 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/07/31 09:53:13 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/07/31 09:53:12 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/07/31 09:53:12 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/07/31 09:53:12 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/07/31 09:53:11 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/07/31 09:53:11 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/07/31 09:53:11 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/07/31 09:53:11 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/07/28 10:44:22 | 02,203,716 | ---- | C] () -- C:\Users\Rebecca\Desktop\Simple_Sky_by_SloAu.zip
[2009/07/23 00:25:21 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Documents\DestroyToday
[2009/07/23 00:25:08 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\AppData\Roaming\app.destroytwitter.23CA2F9B070E2FB8C4472F982F88B1A471F11AE2.1
[2009/07/23 00:10:00 | 00,000,812 | ---- | C] () -- C:\Users\Public\Desktop\DestroyTwitter.lnk
[2009/07/23 00:09:59 | 00,000,000 | ---D | C] -- C:\Program Files\DestroyTwitter
[2009/07/20 10:55:28 | 00,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/20 10:55:26 | 00,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/07/20 10:42:56 | 00,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/07/17 23:40:21 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/07/17 23:39:29 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\AppData\Roaming\uTorrent
[2009/07/17 17:36:17 | 00,002,488 | ---- | C] () -- C:\Users\Rebecca\Documents\Results - FEBE 2009 07-17 17.36.17.html
[2009/07/15 14:26:55 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Desktop\eBay
[2009/07/14 18:58:33 | 00,773,325 | ---- | C] () -- C:\Users\Rebecca\Documents\Bookmarks 2009-07-14.json
[2009/07/14 17:42:01 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/07/14 17:42:00 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/07/14 17:42:00 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/07/14 17:42:00 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/07/07 20:57:54 | 00,000,000 | ---D | C] -- C:\Program Files\BillyMaysCapsLock
[2009/07/07 19:54:46 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\Desktop\July 2009--Music
[2009/07/07 19:35:58 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/07/07 19:35:50 | 00,000,000 | ---D | C] -- C:\Users\Rebecca\AppData\Roaming\SystemRequirementsLab
[2009/05/31 00:46:19 | 01,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/03/31 18:28:37 | 00,122,880 | ---- | C] () -- C:\Windows\System32\trc.dll
[2009/03/31 18:27:28 | 00,005,120 | ---- | C] () -- C:\Windows\System32\IcdSptSvps.dll
[2009/03/31 18:27:27 | 00,118,784 | ---- | C] () -- C:\Windows\System32\mp3dec.dll
[2009/03/31 18:27:27 | 00,081,920 | ---- | C] () -- C:\Windows\System32\dsp_trc.dll
[2009/02/20 14:49:52 | 00,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2009/02/20 14:49:51 | 00,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/12/09 17:55:25 | 00,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/12/09 17:53:44 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/12/08 19:11:17 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/12/08 19:11:17 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/12/08 19:11:17 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/12/08 19:11:17 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/12/08 19:11:17 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Files - Modified Within 30 Days ==========

[2009/08/03 14:00:05 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/08/03 13:47:26 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/03 13:47:26 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/03 13:47:26 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/03 13:44:45 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/03 13:31:14 | 00,000,913 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/08/03 13:31:08 | 00,000,733 | ---- | M] () -- C:\Users\Rebecca\Desktop\NTREGOPT.lnk
[2009/08/03 13:31:08 | 00,000,714 | ---- | M] () -- C:\Users\Rebecca\Desktop\ERUNT.lnk
[2009/08/03 13:29:46 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/08/03 13:27:49 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/08/03 13:27:17 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/03 13:27:17 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/03 13:27:16 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/03 13:27:00 | 32,107,84768 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/03 11:22:35 | 00,001,356 | ---- | M] () -- C:\Users\Rebecca\AppData\Local\d3d9caps.dat
[2009/08/03 11:21:21 | 00,194,560 | ---- | M] () -- C:\Users\Rebecca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/03 03:56:08 | 00,000,284 | ---- | M] () -- C:\Users\Rebecca\Desktop\Enable_Task_Manager.reg
[2009/08/03 01:41:51 | 00,261,176 | ---- | M] () -- C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/03 01:40:29 | 00,754,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/31 15:35:50 | 00,806,550 | ---- | M] () -- C:\Users\Rebecca\Documents\Bookmarks 2009-07-31.json
[2009/07/31 15:34:17 | 00,002,488 | ---- | M] () -- C:\Users\Rebecca\Documents\Results - FEBE 2009 07-31 15.34.17.html
[2009/07/31 15:34:13 | 59,382,540 | ---- | M] () -- C:\Users\Rebecca\Documents\profileFx3{default}.fbu
[2009/07/29 14:26:59 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/07/28 16:42:11 | 00,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/07/28 10:44:26 | 02,203,716 | ---- | M] () -- C:\Users\Rebecca\Desktop\Simple_Sky_by_SloAu.zip
[2009/07/23 00:10:00 | 00,000,812 | ---- | M] () -- C:\Users\Public\Desktop\DestroyTwitter.lnk
[2009/07/21 16:52:28 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/07/21 16:52:13 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/07/21 16:50:46 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/07/21 16:48:31 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/07/21 16:48:27 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/07/21 16:48:27 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/07/21 16:47:47 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/07/21 16:47:41 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/07/21 16:47:28 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/07/21 16:47:28 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/07/21 16:47:27 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/07/21 16:47:27 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/07/21 16:47:26 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/07/21 16:47:26 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/07/21 16:47:26 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/07/21 16:47:21 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/07/21 15:13:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/07/21 15:13:51 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/07/21 15:13:15 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/07/21 15:12:49 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/07/21 13:31:43 | 00,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2009/07/20 10:42:56 | 00,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/07/17 17:36:17 | 00,002,488 | ---- | M] () -- C:\Users\Rebecca\Documents\Results - FEBE 2009 07-17 17.36.17.html
[2009/07/14 18:58:38 | 00,773,325 | ---- | M] () -- C:\Users\Rebecca\Documents\Bookmarks 2009-07-14.json
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/07/11 08:03:02 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/07/07 10:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== LOP Check ==========

[2009/07/23 00:25:08 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming
[2008/12/09 18:18:16 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\acccore
[2009/02/20 14:51:48 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\agi
[2009/02/10 23:49:08 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\aignes
[2008/12/09 23:56:03 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Amazon
[2009/07/23 00:25:08 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\app.destroytwitter.23CA2F9B070E2FB8C4472F982F88B1A471F11AE2.1
[2008/12/13 12:16:45 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Auslogics
[2009/04/07 21:02:02 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\com.seesmic.desktop.client.D89F32799270693BEF34AAA36E9B2632B59240FA.1
[2009/02/24 15:32:01 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2009/06/30 01:21:02 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\dvdcss
[2009/06/21 19:38:38 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\GRLevel3
[2009/04/15 20:17:59 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\gtk-2.0
[2009/06/21 21:44:18 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\iExpert Software
[2009/01/07 02:22:05 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\IsolatedStorage
[2008/12/23 23:18:11 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Jasc
[2009/01/21 20:48:07 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Livestation
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Media Center Programs
[2009/07/07 19:36:06 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\SystemRequirementsLab
[2008/12/10 00:52:53 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Thunderbird
[2008/12/09 17:57:52 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\TMP
[2009/04/08 23:55:00 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Trillian
[2009/03/11 17:43:42 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2009/03/03 15:48:10 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\U3
[2009/07/19 19:42:01 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\uTorrent
[2009/03/18 21:05:01 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Vso
[2009/02/20 14:51:48 | 00,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Webshots
[2009/07/29 14:26:59 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/08/03 13:29:46 | 00,000,868 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2009/08/03 13:27:49 | 00,000,882 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009/08/03 14:00:05 | 00,000,886 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009/08/03 13:27:16 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/07/31 10:27:51 | 00,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %systemroot%\System32\antiwpa.dll >

< %systemroot%\SYSTEM32\wpa.dll >

< %systemroot%\setup\scripts\biestart.exe >

< %systemroot%\system32\drivers\royal.sys >

< %systemroot%\system32\oobe\AntiWPA_Crypt.dll >

< %TEMP%\antiwpa_crypt.dll >

< %TEMP%\antiwpa.dll /s >

< %PROGRAMFILES%\antiwpa.dll /s >

< %systemroot%\system32\crypt.dll >

< %TEMP%\crypt.dll >

< %SYSTEMDRIVE%\*. >
[2009/08/03 13:57:41 | 00,000,000 | ---D | M] -- C:
[2008/12/27 18:59:30 | 00,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2008/12/09 19:22:12 | 00,000,000 | -HSD | M] -- C:\Boot
[2008/12/08 18:45:19 | 00,000,000 | ---D | M] -- C:\dell
[2006/11/02 08:02:03 | 00,000,000 | -HSD | M] -- C:\Documents and Settings
[2008/12/08 19:20:58 | 00,000,000 | ---D | M] -- C:\Intel
[2008/12/09 23:10:30 | 00,000,000 | RH-D | M] -- C:\MSOCache
[2009/07/07 19:30:23 | 00,000,000 | ---D | M] -- C:\PerfLogs
[2009/08/03 13:31:06 | 00,000,000 | R--D | M] -- C:\Program Files
[2009/06/11 16:44:09 | 00,000,000 | -H-D | M] -- C:\ProgramData
[2009/08/03 13:48:01 | 00,000,000 | ---D | M] -- C:\Rooter$
[2009/08/03 13:33:21 | 00,000,000 | -HSD | M] -- C:\System Volume Information
[2008/12/09 17:38:02 | 00,000,000 | R--D | M] -- C:\Users
[2009/08/03 13:31:33 | 00,000,000 | ---D | M] -- C:\Windows

< %SYSTEMDRIVE%\*.* >
[2009/08/03 13:26:58 | 00,021,724 | ---- | M] () -- C:\aaw7boot.log
[2008/12/09 22:51:53 | 00,000,176 | ---- | M] () -- C:\aswBoot.log
[2006/09/18 16:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/20 21:24:42 | 00,333,203 | RHS- | M] () -- C:\bootmgr
[2008/12/09 19:22:13 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 16:43:37 | 00,000,010 | ---- | M] () -- C:\config.sys
[2009/08/03 13:27:00 | 32,107,84768 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/09 18:17:58 | 00,000,367 | -H-- | M] () -- C:\IPH.PH
[2009/03/08 16:12:08 | 00,022,729 | ---- | M] () -- C:\newfile.enc
[2009/03/08 16:12:08 | 00,022,729 | ---- | M] () -- C:\newkey
[2009/08/03 13:26:58 | 35,245,87520 | -HS- | M] () -- C:\pagefile.sys
[2008/12/12 23:01:04 | 00,004,244 | ---- | M] () -- C:\rapport.txt
[2009/08/03 13:51:46 | 00,001,530 | ---- | M] () -- C:\RootRepeal report 08-03-09 (13-51-46).txt
[2008/12/09 14:57:08 | 00,000,000 | ---- | M] () -- C:\Updates.txt

< %PROGRAMFILES%\*. >
[2009/08/03 13:31:06 | 00,000,000 | R--D | M] -- C:\Program Files
[2008/12/10 01:04:55 | 00,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2009/03/16 21:39:20 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/02/20 14:49:41 | 00,000,000 | ---D | M] -- C:\Program Files\AGI
[2008/12/09 18:17:56 | 00,000,000 | ---D | M] -- C:\Program Files\AIM6
[2008/12/09 18:24:25 | 00,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2008/12/09 18:15:06 | 00,000,000 | ---D | M] -- C:\Program Files\Amazon
[2009/02/10 23:48:55 | 00,000,000 | ---D | M] -- C:\Program Files\AM-DeadLink
[2008/12/18 19:23:53 | 00,000,000 | ---D | M] -- C:\Program Files\AMP Font Viewer
[2008/12/09 18:22:00 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2008/12/21 12:36:35 | 00,000,000 | ---D | M] -- C:\Program Files\Audacity
[2008/12/09 23:54:38 | 00,000,000 | ---D | M] -- C:\Program Files\Auslogics
[2009/07/07 20:57:55 | 00,000,000 | ---D | M] -- C:\Program Files\BillyMaysCapsLock
[2008/12/20 08:59:30 | 00,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/05/31 01:24:47 | 00,000,000 | ---D | M] -- C:\Program Files\Cheat Engine
[2008/12/09 18:09:20 | 00,000,000 | ---D | M] -- C:\Program Files\Cisco
[2009/04/08 13:31:37 | 00,000,000 | ---D | M] -- C:\Program Files\Citrix
[2009/04/29 20:58:41 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/12/09 18:01:23 | 00,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2008/12/09 23:46:09 | 00,000,000 | ---D | M] -- C:\Program Files\Creative
[2008/12/09 23:44:11 | 00,000,000 | ---D | M] -- C:\Program Files\Creative Live! Cam
[2008/12/18 03:32:31 | 00,000,000 | ---D | M] -- C:\Program Files\Dell
[2008/12/09 17:55:56 | 00,000,000 | ---D | M] -- C:\Program Files\DellTPad
[2009/07/23 00:10:00 | 00,000,000 | ---D | M] -- C:\Program Files\DestroyTwitter
[2009/08/03 13:31:14 | 00,000,000 | ---D | M] -- C:\Program Files\ERUNT
[2008/12/12 21:56:13 | 00,000,000 | ---D | M] -- C:\Program Files\Exterminate It!
[2008/12/09 18:15:58 | 00,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2009/07/20 10:42:14 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009/05/30 23:29:43 | 00,000,000 | ---D | M] -- C:\Program Files\Governor of Poker
[2009/06/21 19:37:02 | 00,000,000 | ---D | M] -- C:\Program Files\GRLevelX
[2009/03/31 18:26:38 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2008/12/09 17:59:01 | 00,000,000 | ---D | M] -- C:\Program Files\Intel
[2009/07/31 10:27:01 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/06/11 02:39:04 | 00,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/06/05 23:02:18 | 00,000,000 | ---D | M] -- C:\Program Files\iPod(7)
[2008/12/09 23:49:48 | 00,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2009/06/11 16:44:09 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2008/12/23 23:17:16 | 00,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2009/03/28 15:32:16 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2009/06/11 03:35:02 | 00,000,000 | ---D | M] -- C:\Program Files\Last.fm
[2009/02/18 15:25:47 | 00,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2009/01/21 20:47:15 | 00,000,000 | ---D | M] -- C:\Program Files\Livestation
[2009/01/07 02:21:55 | 00,000,000 | ---D | M] -- C:\Program Files\ljArchive
[2009/08/03 03:54:10 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/19 22:22:16 | 00,000,000 | ---D | M] -- C:\Program Files\Microangelo Toolset 6
[2009/04/23 18:58:44 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2008/12/09 23:23:49 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/08/02 20:39:52 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/12/09 23:23:37 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2008/12/09 23:17:40 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2009/05/04 13:17:53 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/12/09 23:21:40 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/12/09 18:02:17 | 00,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2008/01/20 21:35:17 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2008/12/09 18:26:02 | 00,000,000 | ---D | M] -- C:\Program Files\MozBackup
[2009/07/14 07:55:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/06/24 15:14:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2008/12/09 23:24:19 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/12/10 15:10:13 | 00,000,000 | ---D | M] -- C:\Program Files\NOS
[2009/01/21 20:47:23 | 00,000,000 | ---D | M] -- C:\Program Files\OpenAL
[2009/02/21 10:26:59 | 00,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2009/06/02 17:17:47 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/01/26 23:09:10 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime(127)
[2008/12/09 23:47:18 | 00,000,000 | ---D | M] -- C:\Program Files\Real
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/07/11 08:03:01 | 00,000,000 | ---D | M] -- C:\Program Files\Safari
[2008/12/09 23:37:20 | 00,000,000 | ---D | M] -- C:\Program Files\Semagic
[2008/12/09 17:50:18 | 00,000,000 | ---D | M] -- C:\Program Files\SigmaTel
[2009/01/20 20:36:00 | 00,000,000 | ---D | M] -- C:\Program Files\Simplify Media
[2009/03/31 18:37:48 | 00,000,000 | ---D | M] -- C:\Program Files\Sony
[2009/08/02 20:39:53 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/12/13 08:43:19 | 00,000,000 | ---D | M] -- C:\Program Files\SpywareBlaster
[2009/04/29 20:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2009/07/07 19:35:59 | 00,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2008/12/12 22:39:01 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/06/01 15:37:12 | 00,000,000 | ---D | M] -- C:\Program Files\Trillian
[2009/04/03 18:42:04 | 00,000,000 | ---D | M] -- C:\Program Files\twhirl
[2006/11/02 08:01:55 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/01/27 14:50:20 | 00,000,000 | ---D | M] -- C:\Program Files\Unlocker
[2009/07/17 23:40:21 | 00,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2008/12/09 18:20:06 | 00,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2008/12/10 17:24:32 | 00,000,000 | ---D | M] -- C:\Program Files\VSO
[2009/02/20 14:53:02 | 00,000,000 | ---D | M] -- C:\Program Files\Webshots
[2008/12/09 18:21:58 | 00,000,000 | ---D | M] -- C:\Program Files\Winamp
[2008/01/20 21:35:18 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2008/01/20 21:35:15 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2008/01/20 21:35:09 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2008/01/20 21:35:14 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/04/23 18:57:55 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/05/30 19:02:41 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
[2009/04/23 18:58:25 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2009/07/15 17:08:41 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/03/09 13:26:20 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2008/01/20 21:35:14 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2008/01/20 21:35:17 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2008/12/10 01:04:35 | 00,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2008/12/09 23:25:56 | 00,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %systemroot%\*.exe >
[2008/01/20 21:24:38 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2007/07/18 20:51:26 | 00,090,112 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2008/10/29 01:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2008/01/20 21:24:28 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2008/01/20 21:24:02 | 00,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2006/11/02 04:45:13 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\hh.exe
[2008/01/20 21:23:41 | 00,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\notepad.exe
[2007/10/11 02:02:00 | 00,028,672 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2007/05/10 02:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2008/01/20 21:24:53 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\regedit.exe
[2006/11/02 07:34:41 | 00,049,680 | ---- | M] (Twain Working Group) -- C:\Windows\twunk_16.exe
[2006/11/02 07:34:41 | 00,031,232 | ---- | M] (Twain Working Group) -- C:\Windows\twunk_32.exe
[2006/09/18 16:43:37 | 00,256,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\winhelp.exe
[2006/11/02 04:45:57 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\winhlp32.exe

< %systemroot%\system32\drivers\*.exe >
[2006/08/04 17:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\XAudio.exe

< %systemroot%\system32\drivers\*.dat >

< %systemroot%\system\*.exe >

< %PROGRAMFILES%\*.* >
[2008/01/20 21:43:21 | 00,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\*.* >
[2008/12/10 17:24:44 | 00,087,608 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\inst.exe
[2008/12/10 17:24:44 | 00,007,887 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\pcouffin.cat
[2008/12/10 17:24:44 | 00,001,144 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\pcouffin.inf
[2008/12/10 17:26:29 | 00,000,034 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\pcouffin.log
[2008/12/10 17:24:44 | 00,047,360 | ---- | M] (VSO Software) -- C:\Users\Rebecca\AppData\Roaming\pcouffin.sys
[2009/03/18 21:05:00 | 00,213,195 | ---- | M] () -- C:\Users\Rebecca\AppData\Roaming\vso_ts_preview.xml

< set /c >
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Rebecca\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=REBECCA-PC
ComSpec=C:\Windows\system32\cmd.exe
DFSTRACINGON=FALSE
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Rebecca
LOCALAPPDATA=C:\Users\Rebecca\AppData\Local
LOGONSERVER=\\REBECCA-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Microsoft Shared\Windows Live
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Rebecca\AppData\Local\Temp
TMP=C:\Users\Rebecca\AppData\Local\Temp
TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
USERDOMAIN=Rebecca-PC
USERNAME=Rebecca
USERPROFILE=C:\Users\Rebecca
windir=C:\Windows
< End of report >

Any help you can give me would be SUPER!! Thanks in advance.

Possible infection/something bad? [Closed] - Geeks to Go Forums

Possible infection/something bad? [Closed] running slow, freezes up forcing hard restart

#1 rawbery79

#2 emeraldnzl

#3 emeraldnzl

Share this topic:

Related Topics: