[captainkill]

Hi my computer is acting weird lately. I have the McAfee Total Protection for my computer but it never turns on now. Each time I turn it on, it immediately goes back to off. Also, Firefox isn't working for me, so I tried uninstalling it from the control panel but the uninstaller never comes up. I scanned my computer with a software called SUPERAntiSpyware and it found the trojan agent gen nullo and removed it. Can you help me fix my computer please? I tried running the GMER rootkit test but whenever I started it, the window would close and nothing would happen. Here are my logs for the other tests:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4251

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/28/2010 3:20:25 PM
mbam-log-2010-06-28 (15-20-25).txt

Scan type: Quick scan
Objects scanned: 123072
Time elapsed: 10 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL logfile created on: 6/28/2010 3:22:20 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Steven\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.70 Gb Total Space | 19.88 Gb Free Space | 18.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.82 Gb Total Space | 1.22 Gb Free Space | 67.04% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STEVEN-421F9774
Current User Name: Steven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/28 15:01:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steven\My Documents\OTL.exe
PRC - [2010/06/07 12:13:53 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/04/27 17:16:24 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2010/04/27 17:16:24 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
PRC - [2010/04/01 23:05:04 | 001,180,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/02/05 21:14:42 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe
PRC - [2010/01/05 18:04:02 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/20 12:29:08 | 001,191,936 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/07/27 14:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe


========== Modules (SafeList) ==========

MOD - [2010/06/28 15:01:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steven\My Documents\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 12:39:24 | 002,897,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (clr_optimization_v2.0.50727_32)
SRV - File not found [Auto | Stopped] -- -- (0072071274897832mcinstcleanup) McAfee Application Installer Cleanup (0072071274897832)
SRV - [2010/04/27 17:16:24 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/04/27 17:16:24 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 11:16:56 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/05 21:14:42 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/01/05 18:04:02 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)


========== Driver Services (SafeList) ==========

DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/27 17:16:24 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/04/27 17:16:24 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/04/27 17:16:24 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/04/27 17:16:24 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/04/27 17:16:24 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/04/27 17:16:24 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/04/27 17:16:24 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/04/27 17:16:24 | 000,082,952 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/04/27 17:16:24 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/04/27 17:16:24 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/04/15 16:56:31 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/05 21:13:48 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/09/28 02:02:44 | 000,014,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/12/01 17:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/03/16 18:10:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/07/27 14:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/03/08 12:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/12/01 01:40:56 | 000,936,960 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/12/01 01:40:12 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/12/01 01:40:08 | 000,669,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/06/28 02:22:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/28 02:16:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/28 02:17:20 | 000,000,000 | ---D | M]

[2010/06/28 02:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Mozilla\Extensions
[2010/06/28 02:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Mozilla\Firefox\Profiles\rczfhizk.default\extensions
[2010/06/28 02:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Steven\Application Data\Mozilla\Firefox\Profiles\rczfhizk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/28 02:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Mozilla\Firefox\Profiles(2)\1vu9wqfz.default\extensions
[2010/06/28 02:16:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Steven\Application Data\Mozilla\Firefox\Profiles(2)\1vu9wqfz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2010/06/28 02:20:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 11:15:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/27 17:16:24 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2010/04/15 11:15:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/05/26 12:07:03 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

O1 HOSTS File: ([2010/04/30 14:56:09 | 000,001,798 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20100517210809.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [EPSON Stylus CX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/15 04:07:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{58db6ce8-5e2d-11df-8a2a-0019b97fe94d}\Shell - "" = AutoRun
O33 - MountPoints2\{58db6ce8-5e2d-11df-8a2a-0019b97fe94d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{58db6ce8-5e2d-11df-8a2a-0019b97fe94d}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{5feaee6b-4a6a-11df-89e0-0019b97fe94d}\Shell\AutoRun\command - "" = setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/04/14 22:42:10 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/28 15:13:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/06/28 15:00:56 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Steven\My Documents\OTL.exe
[2010/06/28 12:35:36 | 000,000,000 | ---D | C] -- C:\31adf4f3aaae832caf11
[2010/06/28 02:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\SUPERAntiSpyware.com
[2010/06/28 02:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/06/28 02:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/06/28 02:20:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steven\Recent
[2010/06/24 18:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\dvdcss
[2010/06/13 23:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/06/13 23:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/06/13 23:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/06/13 23:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Real
[2010/06/11 07:46:17 | 000,000,000 | ---D | C] -- C:\eb35f5cdccb5430420265617
[2010/06/01 13:55:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Steven\PrivacIE
[2010/05/26 12:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\Kaplan
[2010/05/24 17:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\receipt_print.aspx_files
[2010/05/15 23:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Help
[2010/05/15 23:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Help
[2010/05/15 22:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Adobe Mini Bridge CS5
[2010/05/15 22:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/05/12 22:42:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Western Digital
[2010/05/09 03:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\CDisplay
[2010/05/07 19:22:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Steven\IETldCache
[2010/05/07 12:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\U3
[2010/05/07 04:16:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/05/07 04:15:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/05/07 04:14:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/05/06 21:49:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\filelib
[2010/05/05 22:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010/05/05 22:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010/05/05 22:22:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/05/05 22:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/05/05 22:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/05/05 22:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/05/05 22:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Adobe
[2010/05/02 16:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Vpskeys
[2010/04/29 02:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/26 19:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
[2010/04/26 19:21:50 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\WINDOWS\System32\drivers\MOBK.sys
[2010/04/26 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup
[2010/04/26 19:19:31 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2010/04/26 19:19:21 | 000,088,480 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2010/04/26 19:19:21 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2010/04/26 19:19:21 | 000,082,952 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2010/04/26 19:19:20 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2010/04/26 19:19:20 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/04/26 19:19:20 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/04/26 19:19:19 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2010/04/26 19:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2010/04/26 19:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/04/26 19:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/04/26 18:47:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/04/26 17:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/24 04:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\DCoder Image Source
[2010/04/24 04:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\SHOUTcast Source
[2010/04/24 04:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\MONOGRAM AMR SplitterDecoder
[2010/04/24 04:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\CD Audio Reader Filter
[2010/04/24 04:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest MPEG Splitter
[2010/04/24 04:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\OpenSource DTSAC3DD+ Source Filter
[2010/04/24 04:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\RealMedia
[2010/04/24 04:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\DScaler5
[2010/04/24 04:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2010/04/24 04:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\OpenSource Flash Video Splitter
[2010/04/24 04:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\DirectVobSub
[2010/04/24 04:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/04/24 04:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bass Audio Decoder
[2010/04/24 04:08:45 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010/04/24 04:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/04/24 04:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\Zoom Player
[2010/04/23 15:22:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\Madden NFL 08
[2010/04/23 15:19:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steven\Application Data\SecuROM
[2010/04/23 15:19:19 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/04/23 15:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/04/23 02:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\GomPlayer
[2010/04/23 02:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\GRETECH
[2010/04/23 02:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2010/04/23 02:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Apple Computer
[2010/04/20 01:13:00 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2010/04/20 01:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/04/20 01:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2010/04/19 03:32:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/19 01:42:56 | 000,410,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Steven\My Documents\TFC.exe
[2010/04/19 01:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\Microbio
[2010/04/18 20:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010/04/18 20:15:44 | 000,000,000 | ---D | C] -- C:\ATI
[2010/04/18 19:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\ATI
[2010/04/18 19:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\ATI
[2010/04/18 16:19:51 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/04/18 15:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/04/17 20:44:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/17 18:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2010/04/17 18:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/17 18:44:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Windows Search
[2010/04/17 18:44:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Publish Providers
[2010/04/17 18:44:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/04/17 18:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Sony
[2010/04/17 18:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\DivX
[2010/04/17 18:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\ApplicationHistory
[2010/04/17 18:44:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/04/17 18:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/04/17 18:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/04/17 18:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Microsoft Help
[2010/04/17 18:12:26 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/04/17 18:05:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\Heroes of Might and Magic 3
[2010/04/17 17:51:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\One Piece
[2010/04/17 16:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Aim
[2010/04/17 16:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\AOD
[2010/04/17 16:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2010/04/16 23:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Sony
[2010/04/16 23:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/04/16 14:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/04/16 14:26:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/04/16 14:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/04/16 14:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/04/16 14:25:04 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/04/16 14:19:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\WinRAR
[2010/04/16 03:07:07 | 000,147,456 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/04/16 02:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/04/16 02:35:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Uniblue
[2010/04/16 02:35:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/04/16 02:33:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2010/04/16 02:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/16 02:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/04/16 02:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/04/16 02:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/04/16 02:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Identities
[2010/04/16 02:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2010/04/16 02:15:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/04/15 22:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Dell
[2010/04/15 22:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Deployment
[2010/04/15 19:19:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/04/15 19:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/04/15 19:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/04/15 19:18:51 | 000,000,000 | ---D | C] -- C:\c54da0262e8fe704362f9b43641f
[2010/04/15 18:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\vlc
[2010/04/15 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/04/15 18:01:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/04/15 18:01:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/04/15 18:01:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/04/15 18:01:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/04/15 17:56:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/04/15 17:51:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/04/15 17:51:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/04/15 17:22:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/04/15 17:19:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/04/15 17:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/04/15 17:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/15 17:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/04/15 17:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/04/15 17:12:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Apple
[2010/04/15 17:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/04/15 17:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/04/15 17:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Apple Computer
[2010/04/15 17:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/04/15 17:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/15 17:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Malwarebytes
[2010/04/15 17:10:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/15 17:10:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/15 17:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/15 17:10:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/15 17:09:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Steven\My Documents\My Videos
[2010/04/15 17:09:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/04/15 17:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/04/15 17:07:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/04/15 17:07:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/04/15 17:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2010/04/15 17:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/04/15 17:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/04/15 17:03:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/04/15 16:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010/04/15 16:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2010/04/15 16:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/04/15 16:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\DAEMON Tools Lite
[2010/04/15 16:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/04/15 16:54:35 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/04/15 16:54:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/04/15 16:40:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/15 11:51:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/04/15 11:25:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Macromedia
[2010/04/15 11:25:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Adobe
[2010/04/15 11:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/15 11:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/15 11:14:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/04/15 11:14:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/04/15 11:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Sun
[2010/04/15 11:12:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Steven\UserData
[2010/04/15 11:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/04/15 11:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\uTorrent
[2010/04/15 11:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\My Documents\Downloads
[2010/04/15 11:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Mozilla
[2010/04/15 11:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Mozilla
[2010/04/15 11:07:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/04/15 11:05:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/04/15 11:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/04/15 11:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/15 11:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2010/04/15 11:00:03 | 000,191,872 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\drivers\SynTP.sys
[2010/04/15 11:00:03 | 000,114,688 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCtrl.dll
[2010/04/15 11:00:03 | 000,094,299 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPAPI.dll
[2010/04/15 11:00:03 | 000,082,014 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCOM.dll
[2010/04/15 11:00:03 | 000,081,920 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo2.dll
[2010/04/15 11:00:03 | 000,069,723 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPFcs.dll
[2010/04/15 11:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010/04/15 10:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2010/04/15 10:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/04/15 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Helper
[2010/04/15 10:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/04/15 10:55:48 | 000,016,128 | ---- | C] (Dell Inc) -- C:\WINDOWS\System32\drivers\APPDRV.SYS
[2010/04/15 10:55:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\InstallShield
[2010/04/15 10:55:03 | 000,033,664 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS
[2010/04/15 10:55:02 | 000,069,632 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\bcmwlpkt.dll
[2010/04/15 10:55:01 | 002,129,920 | ---- | C] (BCGSoft Ltd) -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
[2010/04/15 10:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/04/15 10:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/04/15 10:53:49 | 000,032,256 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimmptsk.sys
[2010/04/15 10:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/04/15 10:53:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/04/15 10:53:08 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/04/15 10:53:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/04/15 10:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vmm32
[2010/04/15 10:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/04/15 04:12:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Application Data\Identities
[2010/04/15 04:12:01 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/04/15 04:11:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Steven\My Documents\My Pictures
[2010/04/15 04:11:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Steven\My Documents\My Music
[2010/04/15 04:11:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Steven\Application Data\Microsoft
[2010/04/15 04:11:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steven\SendTo
[2010/04/15 04:11:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steven\Application Data
[2010/04/15 04:11:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Steven\Start Menu
[2010/04/15 04:11:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Steven\My Documents
[2010/04/15 04:11:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Steven\Favorites
[2010/04/15 04:11:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Steven\Cookies
[2010/04/15 04:11:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Steven\Templates
[2010/04/15 04:11:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Steven\PrintHood
[2010/04/15 04:11:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Steven\NetHood
[2010/04/15 04:11:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Steven\Local Settings
[2010/04/15 04:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Local Settings\Application Data\Microsoft
[2010/04/15 04:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steven\Desktop
[2010/04/15 04:11:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/04/15 04:11:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/04/15 04:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/04/15 04:11:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/04/15 04:10:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/04/15 04:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/04/15 04:09:17 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/04/15 04:09:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/04/15 04:08:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/04/15 04:07:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/04/15 04:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/04/15 04:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/04/15 04:07:48 | 000,000,000 | ---D | C] -- C:\DELL
[2010/04/15 04:07:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/04/15 04:06:19 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/04/15 04:06:10 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/04/15 04:06:10 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/04/15 04:06:00 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/04/15 04:05:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/04/15 04:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/04/15 04:04:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/04/15 04:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/04/15 04:04:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/04/15 04:04:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/04/15 04:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/04/15 04:04:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/04/15 04:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/04/15 04:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/04/15 04:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/04/15 04:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/04/15 04:04:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/04/15 04:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/04/15 04:03:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/04/15 04:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/04/15 04:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/04/15 04:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/04/15 04:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/04/15 04:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/04/15 04:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/04/15 04:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/04/15 04:02:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/04/15 04:02:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/04/14 22:58:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/04/14 22:58:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/04/14 22:58:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/04/14 22:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/04/14 22:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/04/14 22:57:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/04/14 22:57:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/04/14 22:50:58 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/04/14 22:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/04/14 22:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/04/14 22:50:52 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/04/14 22:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/04/14 22:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/04/14 22:50:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/04/14 22:50:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/04/14 22:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/04/14 22:49:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/14 22:40:33 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/04/14 22:40:33 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/04/14 22:40:33 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/04/14 22:40:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/04/14 22:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[3 C:\Documents and Settings\Steven\My Documents\*.tmp files -> C:\Documents and Settings\Steven\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/28 15:05:59 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2010/06/28 15:05:54 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-839522115-1085031214-725345543-1004.job
[2010/06/28 15:05:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/28 15:05:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/28 15:05:47 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/28 15:04:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Steven\ntuser.ini
[2010/06/28 15:04:29 | 003,526,656 | ---- | M] () -- C:\Documents and Settings\Steven\NTUSER.DAT
[2010/06/28 15:03:52 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\gmer.zip
[2010/06/28 15:01:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steven\My Documents\OTL.exe
[2010/06/28 13:57:39 | 000,505,730 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/28 13:57:39 | 000,089,052 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/28 02:27:27 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/06/28 02:24:33 | 003,578,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/28 02:00:01 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-STEVEN-421F9774-Steven.job
[2010/06/28 01:51:39 | 004,810,862 | -H-- | M] () -- C:\Documents and Settings\Steven\Local Settings\Application Data\IconCache.db
[2010/06/28 01:43:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/27 23:20:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-839522115-1085031214-725345543-1004.job
[2010/06/14 00:36:51 | 000,021,303 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Photo1002.jpg
[2010/06/11 08:10:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 17:16:10 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Tutorial - Classifications of Drugs to Study.doc
[2010/06/09 17:15:09 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Tutorial- Conversion Factors.doc
[2010/06/08 12:04:54 | 000,007,480 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/03 01:57:46 | 000,011,534 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Kaplan Biology notes.docx
[2010/06/02 22:50:26 | 048,018,629 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Purves_-_Neuroscience.pdf
[2010/06/02 22:26:56 | 000,027,612 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Neuroscience Fourth Edition by Dale Purves - 5 Star Review.pdf
[2010/06/02 22:12:53 | 034,807,649 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Neuroscience 3ed - DALE PURVES.pdf
[2010/06/02 14:04:37 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Steven\My Documents\~$plan Biology notes.docx
[2010/05/28 12:39:44 | 000,010,431 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Hi.docx
[2010/05/28 00:24:10 | 000,015,256 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees2.mp3.sfk
[2010/05/28 00:24:05 | 001,411,346 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees2.mp3
[2010/05/28 00:20:18 | 000,012,376 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees1.mp3.sfk
[2010/05/28 00:20:17 | 001,143,852 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees1.mp3
[2010/05/26 16:00:08 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Steven\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/26 12:07:25 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2010/05/26 12:07:25 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2010/05/25 13:43:41 | 004,151,620 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\David Choi- That Girl.mp3
[2010/05/24 17:15:05 | 000,008,030 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\receipt_print.aspx.htm
[2010/05/22 22:16:25 | 000,002,449 | ---- | M] () -- C:\Documents and Settings\Steven\Desktop\HiJackThis.lnk
[2010/05/19 14:17:18 | 000,010,092 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Pharm tech.docx
[2010/05/19 14:14:43 | 000,074,488 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees.mp3.sfk
[2010/05/18 18:26:21 | 096,846,303 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\tron_leg_trl_030910_wmvhd.wmv
[2010/05/14 21:53:51 | 000,032,764 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\ironman.jpg
[2010/05/13 15:55:54 | 000,010,443 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\notes.docx
[2010/05/13 11:36:23 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Steven\My Documents\~$tivism final.docx
[2010/05/12 21:31:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Steven\My Documents\~$notes.docx
[2010/05/12 20:20:50 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Steven.doc
[2010/05/12 20:19:35 | 000,015,886 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Steven.docx
[2010/05/12 15:23:27 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\ss.doc
[2010/05/12 15:17:42 | 000,022,655 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Kimberly edited.docx
[2010/05/12 05:12:35 | 000,016,309 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\real.docx
[2010/05/11 21:59:14 | 046,070,212 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\inception_trl3_051110_wmvhighwide.wmv
[2010/05/11 00:10:53 | 000,001,472 | ---- | M] () -- C:\Documents and Settings\Steven\Desktop\DivX Movies.lnk
[2010/05/11 00:10:19 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/05/11 00:09:19 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/05/10 22:14:33 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Final Paper Instructions.doc
[2010/05/10 21:50:20 | 000,022,058 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Kimberly.docx
[2010/05/10 18:44:33 | 003,457,232 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees.mp3
[2010/05/10 00:32:21 | 000,051,601 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\13354_1152309455899_1472534382_30323577_2516575_n.jpg
[2010/05/10 00:16:58 | 000,039,833 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\iron-man-2.jpg
[2010/05/10 00:15:28 | 000,233,599 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\vista-wallpaper-boulder-sunset.JPG
[2010/05/09 04:28:20 | 000,012,232 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\sisqo - the thong song.mp3.sfk
[2010/05/09 02:12:44 | 000,014,936 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\03-Smile Like You Mean It1.mp3.sfk
[2010/05/09 02:12:42 | 001,382,089 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\03-Smile Like You Mean It1.mp3
[2010/05/07 19:23:23 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/05/07 09:23:49 | 000,016,152 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\microbio exam 3.docx
[2010/05/05 22:33:03 | 000,075,440 | ---- | M] () -- C:\Documents and Settings\Steven\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/05 03:44:21 | 000,016,766 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\book note review for exam 3 (ch 13 16 17 18).docx
[2010/05/05 01:09:40 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\multcomp_l.doc
[2010/05/04 10:14:46 | 000,836,047 | ---- | M] () -- C:\Documents and Settings\Steven\Desktop\kims presentation.pptx
[2010/05/03 02:50:52 | 000,002,607 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\contentWrapper.jsp
[2010/05/02 16:57:11 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\VPSKEYS 4.3.lnk
[2010/04/30 14:56:09 | 000,001,798 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 02:12:40 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/04/29 00:52:28 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\statswiz_3_w_mc.doc
[2010/04/29 00:52:23 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\exam3_formulas_mc.doc
[2010/04/29 00:52:18 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\Exam3_specs_sp10.doc
[2010/04/27 21:56:04 | 000,064,000 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\ReviewEX2sample04(2).doc
[2010/04/27 17:16:24 | 000,385,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2010/04/27 17:16:24 | 000,312,616 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2010/04/27 17:16:24 | 000,152,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/04/27 17:16:24 | 000,095,568 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2010/04/27 17:16:24 | 000,088,480 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2010/04/27 17:16:24 | 000,083,496 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2010/04/27 17:16:24 | 000,082,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2010/04/27 17:16:24 | 000,055,456 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2010/04/27 17:16:24 | 000,051,688 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/04/27 17:16:24 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2010/04/26 19:32:35 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/26 17:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 11:12:24 | 000,605,412 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/26 02:12:37 | 000,013,465 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\outline.docx
[2010/04/26 00:38:32 | 000,014,912 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\03-Smile Like You Mean It1.sfk
[2010/04/23 17:51:37 | 000,064,000 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\ReviewEX2sample04.doc
[2010/04/23 17:51:34 | 000,064,512 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\ReviewEX2sample05.doc
[2010/04/23 17:51:31 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\070905ReviewEx2.doc
[2010/04/23 15:19:19 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/04/22 00:57:09 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Steven\My Documents\~$etnamese cultures.docx
[2010/04/21 01:53:29 | 000,014,619 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\6portfolio.docx
[2010/04/20 01:10:48 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2010/04/20 01:10:05 | 000,000,025 | ---- | M] () -- C:\WINDOWS\EPCX8400.ini
[2010/04/19 22:35:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/04/19 21:48:01 | 000,014,820 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\portfolio 6.docx
[2010/04/19 20:17:51 | 000,325,078 | ---- | M] () -- C:\Documents and Settings\Steven\My Documents\FB0C2747d01.pdf
[2010/04/18 20:25:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2010/04/18 19:18:37 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Steven\My Documents\~$b report 11.docx
[2010/04/18 16:14:29 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Steven\My Documents\~$GuideF06.doc
[2010/04/17 16:44:21 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Instant Messenger.lnk
[2010/04/17 16:38:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/04/17 16:38:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/04/16 14:26:42 | 000,000,582 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/16 02:18:55 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/15 17:55:45 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/15 17:09:27 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/04/15 17:08:35 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/15 17:08:35 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/15 17:07:18 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/04/15 16:57:02 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\PeerBlock.lnk
[2010/04/15 16:56:31 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/04/15 11:07:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/04/15 11:07:44 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/04/15 11:07:44 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/04/15 11:02:12 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\drivers\DELL_INS_1501.MRK
[2010/04/15 11:02:12 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\drivers\1028_DELL_INS_1501.MRK
[2010/04/15 10:59:10 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2010/04/15 04:12:09 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/04/15 04:10:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/15 04:09:49 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/15 04:07:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/15 04:07:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/15 04:07:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/04/15 04:07:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/15 04:07:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/15 04:07:14 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/15 04:07:03 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/15 04:06:10 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/15 04:06:10 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/15 04:04:05 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/15 04:03:52 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/15 04:03:52 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/14 22:58:15 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[3 C:\Documents and Settings\Steven\My Documents\*.tmp files -> C:\Documents and Settings\Steven\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/28 15:03:52 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\gmer.zip
[2010/06/28 02:27:27 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/06/14 00:31:35 | 000,021,303 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Photo1002.jpg
[2010/06/13 23:19:53 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-839522115-1085031214-725345543-1004.job
[2010/06/13 23:19:53 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-839522115-1085031214-725345543-1004.job
[2010/06/11 07:59:20 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 17:16:09 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Tutorial - Classifications of Drugs to Study.doc
[2010/06/09 17:15:07 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Tutorial- Conversion Factors.doc
[2010/06/02 22:40:19 | 048,018,629 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Purves_-_Neuroscience.pdf
[2010/06/02 22:26:56 | 000,027,612 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Neuroscience Fourth Edition by Dale Purves - 5 Star Review.pdf
[2010/06/02 22:06:28 | 034,807,649 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Neuroscience 3ed - DALE PURVES.pdf
[2010/06/02 14:04:37 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Steven\My Documents\~$plan Biology notes.docx
[2010/06/02 14:04:36 | 000,011,534 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Kaplan Biology notes.docx
[2010/05/28 12:39:44 | 000,010,431 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Hi.docx
[2010/05/28 00:24:05 | 000,015,256 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees2.mp3.sfk
[2010/05/28 00:24:03 | 001,411,346 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees2.mp3
[2010/05/28 00:20:17 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees1.mp3.sfk
[2010/05/28 00:20:14 | 001,143,852 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees1.mp3
[2010/05/25 13:41:11 | 004,151,620 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\David Choi- That Girl.mp3
[2010/05/24 17:15:03 | 000,008,030 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\receipt_print.aspx.htm
[2010/05/19 14:14:40 | 000,074,488 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees.mp3.sfk
[2010/05/18 21:39:01 | 000,010,092 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Pharm tech.docx
[2010/05/18 17:56:09 | 096,846,303 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\tron_leg_trl_030910_wmvhd.wmv
[2010/05/14 21:53:50 | 000,032,764 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\ironman.jpg
[2010/05/13 11:36:23 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Steven\My Documents\~$tivism final.docx
[2010/05/12 21:31:26 | 000,010,443 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\notes.docx
[2010/05/12 21:31:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Steven\My Documents\~$notes.docx
[2010/05/12 20:20:49 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Steven.doc
[2010/05/12 15:23:26 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\ss.doc
[2010/05/12 15:17:13 | 000,022,655 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Kimberly edited.docx
[2010/05/12 01:39:37 | 000,016,309 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\real.docx
[2010/05/11 21:58:51 | 046,070,212 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\inception_trl3_051110_wmvhighwide.wmv
[2010/05/11 20:38:54 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2010/05/11 00:10:53 | 000,001,472 | ---- | C] () -- C:\Documents and Settings\Steven\Desktop\DivX Movies.lnk
[2010/05/11 00:10:19 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/05/10 22:14:33 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Final Paper Instructions.doc
[2010/05/10 21:50:19 | 000,022,058 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Kimberly.docx
[2010/05/10 18:22:28 | 003,457,232 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Animal-Neon Trees.mp3
[2010/05/10 02:16:55 | 000,015,886 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Nguyen, Steven.docx
[2010/05/10 00:32:20 | 000,051,601 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\13354_1152309455899_1472534382_30323577_2516575_n.jpg
[2010/05/10 00:16:58 | 000,039,833 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\iron-man-2.jpg
[2010/05/10 00:15:27 | 000,233,599 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\vista-wallpaper-boulder-sunset.JPG
[2010/05/10 00:04:29 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-STEVEN-421F9774-Steven.job
[2010/05/09 02:13:21 | 000,012,232 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\sisqo - the thong song.mp3.sfk
[2010/05/09 02:12:43 | 000,014,936 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\03-Smile Like You Mean It1.mp3.sfk
[2010/05/09 02:12:41 | 001,382,089 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\03-Smile Like You Mean It1.mp3
[2010/05/07 19:23:23 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/05/06 20:20:53 | 000,016,152 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\microbio exam 3.docx
[2010/05/05 03:44:20 | 000,016,766 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\book note review for exam 3 (ch 13 16 17 18).docx
[2010/05/05 01:09:39 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\multcomp_l.doc
[2010/05/04 10:14:45 | 000,836,047 | ---- | C] () -- C:\Documents and Settings\Steven\Desktop\kims presentation.pptx
[2010/05/03 02:50:51 | 000,002,607 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\contentWrapper.jsp
[2010/05/02 16:57:11 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\VPSKEYS 4.3.lnk
[2010/04/29 00:52:28 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\statswiz_3_w_mc.doc
[2010/04/29 00:52:23 | 000,047,104 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\exam3_formulas_mc.doc
[2010/04/29 00:52:17 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Exam3_specs_sp10.doc
[2010/04/27 21:56:03 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\ReviewEX2sample04(2).doc
[2010/04/26 00:38:31 | 000,014,912 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\03-Smile Like You Mean It1.sfk
[2010/04/25 22:36:22 | 000,013,465 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\outline.docx
[2010/04/24 04:09:47 | 000,497,664 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2010/04/24 04:08:48 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/04/24 04:08:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/04/23 17:51:37 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\ReviewEX2sample04.doc
[2010/04/23 17:51:34 | 000,064,512 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\ReviewEX2sample05.doc
[2010/04/23 17:51:31 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\070905ReviewEx2.doc
[2010/04/22 00:57:09 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Steven\My Documents\~$etnamese cultures.docx
[2010/04/21 01:33:05 | 000,014,619 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\6portfolio.docx
[2010/04/20 04:09:30 | 2011,213,824 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/20 01:11:55 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/04/20 01:11:55 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/04/20 01:11:55 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/04/20 01:11:55 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/04/20 01:11:55 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/04/20 01:11:55 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/04/20 01:11:55 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/04/20 01:11:55 | 000,012,669 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2010/04/20 01:11:55 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/04/20 01:11:55 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2010/04/20 01:11:55 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2010/04/20 01:11:55 | 000,006,366 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_FR.cfg
[2010/04/20 01:11:55 | 000,006,366 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2010/04/20 01:11:55 | 000,006,226 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2010/04/20 01:11:55 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/04/20 01:11:55 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/04/20 01:11:55 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/04/20 01:11:55 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/04/20 01:11:55 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/04/20 01:11:55 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/04/20 01:11:55 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/04/20 01:11:55 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/04/20 01:10:48 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2010/04/20 01:10:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\EPCX8400.ini
[2010/04/19 22:35:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/04/19 21:48:00 | 000,014,820 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\portfolio 6.docx
[2010/04/19 20:18:01 | 000,325,078 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\FB0C2747d01.pdf
[2010/04/19 01:43:03 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Steven\My Documents\Interview transcript.doc
[2010/04/18 20:25:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/04/18 20:21:30 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/04/18 19:18:37 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Steven\My Documents\~$b report 11.docx
[2010/04/18 16:14:29 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Steven\My Documents\~$GuideF06.doc
[2010/04/17 16:44:21 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Instant Messenger.lnk
[2010/04/17 16:38:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/04/17 16:38:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/04/16 22:47:27 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Steven\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/16 02:26:41 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/04/16 02:18:55 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/15 17:09:27 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/04/15 17:07:18 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/04/15 17:05:27 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2010/04/15 17:05:27 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2010/04/15 17:03:33 | 000,002,449 | ---- | C] () -- C:\Documents and Settings\Steven\Desktop\HiJackThis.lnk
[2010/04/15 16:57:02 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\PeerBlock.lnk
[2010/04/15 16:56:31 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/04/15 11:30:33 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/04/15 11:30:29 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/04/15 11:15:48 | 000,007,480 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/15 11:11:26 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/04/15 11:07:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/15 11:07:44 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/04/15 11:07:44 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/04/15 11:02:12 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\DELL_INS_1501.MRK
[2010/04/15 11:02:12 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\1028_DELL_INS_1501.MRK
[2010/04/15 11:01:42 | 000,000,666 | ---- | C] () -- C:\WINDOWS\speed.reg
[2010/04/15 10:58:18 | 000,141,497 | ---- | C] () -- C:\WINDOWS\System32\drivers\del1028.cty
[2010/04/15 10:55:03 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/04/15 10:55:02 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2010/04/15 10:55:01 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2010/04/15 04:12:09 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/04/15 04:11:55 | 000,032,768 | -H-- | C] () -- C:\Documents and Settings\Steven\ntuser.dat.LOG
[2010/04/15 04:11:55 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Steven\ntuser.ini
[2010/04/15 04:11:54 | 003,526,656 | ---- | C] () -- C:\Documents and Settings\Steven\NTUSER.DAT
[2010/04/15 04:10:43 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/15 04:09:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/15 04:09:37 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/04/15 04:09:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/04/15 04:09:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/04/15 04:09:11 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/04/15 04:08:58 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/04/15 04:08:57 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/04/15 04:08:52 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/04/15 04:08:50 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/04/15 04:08:48 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/04/15 04:08:35 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/04/15 04:08:28 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/04/15 04:08:15 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/04/15 04:08:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/04/15 04:08:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/04/15 04:08:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/04/15 04:08:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/04/15 04:08:11 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/04/15 04:08:11 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/04/15 04:08:11 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/04/15 04:08:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/04/15 04:08:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/04/15 04:08:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/04/15 04:08:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/04/15 04:08:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/04/15 04:08:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/04/15 04:08:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/04/15 04:08:09 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/04/15 04:08:09 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/04/15 04:08:09 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/04/15 04:08:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/04/15 04:08:08 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/04/15 04:08:08 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/04/15 04:08:08 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/04/15 04:08:08 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/04/15 04:08:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/04/15 04:08:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/04/15 04:08:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/04/15 04:08:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/04/15 04:08:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/04/15 04:08:07 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/04/15 04:08:07 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/04/15 04:08:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/04/15 04:08:06 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/04/15 04:08:06 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/04/15 04:08:06 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/04/15 04:08:06 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/04/15 04:07:18 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/15 04:07:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/15 04:07:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/15 04:07:18 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/04/15 04:07:17 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/04/15 04:07:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/15 04:07:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/15 04:07:12 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/15 04:06:10 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/15 04:06:10 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/15 04:06:04 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/15 04:05:44 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/04/15 04:05:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/04/15 04:05:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/04/15 04:05:03 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/04/15 04:04:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/15 04:02:53 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/04/15 04:02:53 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/04/15 04:02:53 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/04/15 04:02:53 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/04/15 04:02:53 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/04/15 04:02:52 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/04/15 04:02:52 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/04/15 04:02:52 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/04/15 04:02:52 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/04/15 04:02:52 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/04/15 04:02:52 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/04/15 04:02:52 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/04/15 04:02:51 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/04/15 04:02:51 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/04/15 04:02:51 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/04/15 04:02:51 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/04/15 04:02:51 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/04/15 04:02:51 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/04/15 04:02:51 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/04/15 04:02:49 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/04/15 04:02:49 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/04/15 04:02:48 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/04/15 04:02:42 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/04/14 22:50:55 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/04/14 22:50:55 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/04/14 22:50:54 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/04/14 22:50:53 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/04/14 22:50:51 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/04/14 22:50:51 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/04/14 22:50:50 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/04/14 22:50:50 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/04/14 22:50:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/04/14 22:50:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/04/14 22:50:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/04/14 22:50:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/04/14 22:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/04/14 22:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/04/14 22:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/04/14 22:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/04/14 22:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/04/14 22:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/04/14 22:50:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/04/14 22:50:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/04/14 22:50:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/04/14 22:50:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/04/14 22:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/04/14 22:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/04/14 22:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/04/14 22:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/04/14 22:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/04/14 22:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/04/14 22:50:44 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/04/14 22:50:44 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/04/14 22:50:44 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/04/14 22:50:44 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/04/14 22:50:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/04/14 22:50:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/04/14 22:50:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/04/14 22:50:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/04/14 22:50:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/04/14 22:50:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/04/14 22:50:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/04/14 22:50:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/04/14 22:50:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/04/14 22:50:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/04/14 22:50:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/04/14 22:50:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/04/14 22:50:37 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/04/14 22:50:26 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/04/14 22:50:26 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/04/14 22:50:26 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/04/14 22:50:26 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/04/14 22:50:26 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/04/14 22:50:26 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/04/14 22:50:25 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/04/14 22:50:25 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/04/14 22:49:40 | 003,578,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/14 22:48:44 | 000,000,223 | RHS- | C] () -- C:\boot.ini
[2010/04/14 22:48:40 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== LOP Check ==========

[2010/04/15 17:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/15 16:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/04/16 02:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/04/20 01:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/04/16 02:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/05 22:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010/04/17 18:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/04/17 18:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/15 17:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/04/16 02:35:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2010/05/06 21:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Aim
[2010/04/23 15:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\DAEMON Tools Lite
[2010/04/17 18:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Publish Providers
[2010/04/17 18:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Sony
[2010/05/15 22:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/04/16 02:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Uniblue
[2010/06/28 02:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\uTorrent
[2010/04/17 18:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steven\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/04/15 04:07:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/15 10:59:10 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2010/04/15 04:07:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/06/28 15:05:47 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/15 04:07:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/15 04:07:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/04/15 17:55:45 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/28 15:05:45 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/04/14 22:48:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/04/14 22:48:43 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/04/14 22:48:42 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 19:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2008/04/13 19:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-05-12 19:32:36
< End of report >


OTL Extras logfile created on: 6/28/2010 3:22:20 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Steven\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.70 Gb Total Space | 19.88 Gb Free Space | 18.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.82 Gb Total Space | 1.22 Gb Free Space | 67.04% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STEVEN-421F9774
Current User Name: Steven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1ED6E4D0-8DB0-A333-DEA6-188F957F5A43}" = Catalyst Control Center Graphics Light
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24ADC0E4-8D3E-40C4-9106-F2DE5E9112F1}" = EPSON Stylus CX8400 Series Scanner Driver Update
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{407E0CBD-D6BF-F243-6DE9-F1EEA525BA1C}" = Catalyst Control Center Graphics Full Existing
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EC634FA-5047-38B2-A53A-15963D9BD872}" = CCC Help English
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{651AFCC8-2F1A-8132-0A33-FA5F041380BA}" = Catalyst Control Center Graphics Full New
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69EF33D7-3425-1409-0BE1-C4F3A6FB57A8}" = ccc-utility
"{7510EF8C-99B9-8533-524E-BF41BDC04188}" = Skins
"{773040E1-3B60-6507-C387-71F8F0A03C59}" = ccc-core-static
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92DEC792-A722-5991-2607-3EE3A4BD502B}" = Catalyst Control Center HydraVision Full
"{96793032-8651-805A-67EF-E1759C1A8E3D}" = Catalyst Control Center Graphics Previews Common
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3BC1DBD-64D6-4EBC-0091-24C811662D40}" = Madden NFL 08
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{B094F70F-2CC2-5062-8534-D3830FC4B018}" = Catalyst Control Center Core Implementation
"{B8A817D7-AE0F-42BA-AEB9-B5F1F3EFB7AF}" = Sound Forge Pro 10.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CA42C38C-B369-B190-AD06-76D3AC95CFAC}" = ccc-core-preinstall
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Instant Messenger" = AOL Instant Messenger
"ATI Display Driver" = ATI Display Driver
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CDisplay_is1" = CDisplay 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"DivX Setup.divx.com" = DivX Setup
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader" = Foxit Reader
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"GOM Player" = GOM Player
"HaaliMkx" = Haali Media Splitter
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSC" = McAfee Total Protection
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"RealMedia" = RealMedia (remove only)
"SHOUTcast Source" = SHOUTcast Source (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.5
"Vpskeys_is1" = Vpskeys 4.3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomPlayer" = Zoom Player (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/26/2010 8:23:50 PM | Computer Name = STEVEN-421F9774 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/26/2010 8:23:50 PM | Computer Name = STEVEN-421F9774 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/26/2010 8:23:50 PM | Computer Name = STEVEN-421F9774 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/26/2010 8:23:51 PM | Computer Name = STEVEN-421F9774 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/26/2010 8:23:51 PM | Computer Name = STEVEN-421F9774 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/26/2010 8:30:40 PM | Computer Name = STEVEN-421F9774 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1072 (0x430) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.723
/ 5400.1158 Object being scanned = \Device\HarddiskVolume2\Program Files\Common
Files\Mcafee\SystemCore\mfeapfa.dll by C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)


Error - 4/26/2010 8:32:25 PM | Computer Name = STEVEN-421F9774 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2344 (0x928) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.723
/ 5400.1158 Object being scanned = \Device\HarddiskVolume2\Program Files\McAfee.com\Agent\mcagent.exe

by C:\WINDOWS\Explorer.EXE 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0)

5006(0)(0) 5004(0)(0)

Error - 4/29/2010 3:15:16 AM | Computer Name = STEVEN-421F9774 | Source = MsiInstaller | ID = 10005
Description = Product: QuickTime -- A newer version of QuickTime is already installed.
This installation cannot proceed while the newer version of QuickTime is installed.

Error - 4/29/2010 7:11:46 PM | Computer Name = STEVEN-421F9774 | Source = VSS | ID = 12302
Description = Volume Shadow Copy Service error: An internal inconsistency was detected
in trying to contact shadow copy service writers. Please check to see that the
Event Service and Volume Shadow Copy Service are operating properly.

Error - 4/29/2010 9:03:52 PM | Computer Name = STEVEN-421F9774 | Source = Application Error | ID = 1000
Description = Faulting application ati2evxx.exe, version 6.14.10.4213, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00011689.

[ System Events ]
Error - 6/28/2010 4:21:38 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL.
Reference
error message: The operation completed successfully. .

Error - 6/28/2010 4:21:38 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 6/28/2010 4:21:38 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 6/28/2010 4:21:38 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL.
Reference
error message: The operation completed successfully. .

Error - 6/28/2010 4:21:40 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 6/28/2010 4:21:40 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 6/28/2010 4:21:40 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL.
Reference
error message: The operation completed successfully. .

Error - 6/28/2010 4:21:44 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 6/28/2010 4:21:44 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 6/28/2010 4:21:44 PM | Computer Name = STEVEN-421F9774 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL.
Reference
error message: The operation completed successfully. .


< End of report >

[Advertisements]

Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on george to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your protection programs at this time :!:

• Go to this page and Download TDSSKiller.zip to your Desktop.
• Extract its contents to your desktop and drag TDSSKiller.exe on the desktop, not in the folder.
• Vista Start logo >All Programs> Accessories> RIGHT-click on Command Prompt and Select Run As Administrator. Copy/paste the following bolded command and hit Enter.
  
  "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v
• If TDSSKiller alerts you that the system needs to reboot, please consent.
• When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Post Back (copy/paste the .txt files, do not use attachments)
After following the above, post back with:


Combofix log
TDSSKiller log

Ron

[RKinner]

Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on george to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your protection programs at this time :!:

• Go to this page and Download TDSSKiller.zip to your Desktop.
• Extract its contents to your desktop and drag TDSSKiller.exe on the desktop, not in the folder.
• Vista Start logo >All Programs> Accessories> RIGHT-click on Command Prompt and Select Run As Administrator. Copy/paste the following bolded command and hit Enter.
  
  "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v
• If TDSSKiller alerts you that the system needs to reboot, please consent.
• When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Post Back (copy/paste the .txt files, do not use attachments)
After following the above, post back with:


Combofix log
TDSSKiller log

Ron